"New Proposal Aims to Boost IoT Security With a Sticker"

The Federal Communications Commission (FCC) has proposed a cybersecurity labeling program to protect smart device users. The new initiative encompasses Internet of Things (IoT) devices such as Wi-Fi routers, digital personal assistants, home security cameras, GPS trackers, medical devices, and other Internet-connected appliances. Although the underlying problem is real and devices are often found to lack adequate cybersecurity, many, including one of the FCC's commissioners, consider the proposed solution lightweight. This article continues to discuss the effort to boost IoT security.

Submitted by Gregory Rigby on

"German Spy Chief Warns of Cyberattacks Targeting Liquefied Natural Gas Terminals"

Bruno Kahl, the head of Germany's foreign intelligence service, warned that state-sponsored hackers could target the country's Liquefied Natural Gas (LNG) terminals. Following the Russian invasion of Ukraine in 2022, which is estimated to have reduced Germany's GDP by 2.5 percent because of the country's reliance on gas pipelined from Russia, Germany chartered three new LNG terminals, with plans for future expansion. However, according to the spy chief, these new LNG landing facilities should be viewed as potential targets for future cyberattacks.

Submitted by Gregory Rigby on

"Clop Gang Stolen Data From Major North Carolina Hospitals"

The Microsoft-owned healthcare technology company Nuance has disclosed that the Clop extortion gang stole personal data on major North Carolina hospitals as part of the Progress MOVEit Transfer campaign. Companies use MOVEit Transfer to securely transmit files via SFTP, SCP, and HTTP-based uploads. Microsoft attributes the exploitation of a zero-day vulnerability in the MOVEit Transfer platform, tracked as CVE-2023-34362, to the Clop ransomware group, also known as Lace Tempest.

Submitted by Gregory Rigby on

"Modeling Social Media Behaviors to Combat Misinformation"

Social media manipulation is used to spread false narratives, influence democratic processes, and more. However, not everyone with whom you disagree on social media is a bot. Misinformation strategies have continued to evolve. Their detection has been a reactive process, with malicious actors always one step ahead. Alexander Nwala, an assistant professor of data science at William & Mary, seeks to proactively combat these forms of exploitation.

Submitted by Gregory Rigby on

"New AMBERSQUID Cryptojacking Operation Targets Uncommon AWS Services"

A novel cloud-native cryptojacking operation has targeted Amazon Web Services (AWS) offerings such as AWS Amplify, AWS Fargate, and Amazon SageMaker to mine cryptocurrency. Sysdig has given the malicious cyber activity the codename AMBERSQUID. The AMBERSQUID operation exploited cloud services without triggering the AWS requirement for approval of additional resources, as would have been the case if they had only spammed EC2 instances, according to Alessandro Brucato, a security researcher at Sysdig.

Submitted by Gregory Rigby on

"Microsoft Flushes Out 'Ncurses' Gremlins"

The "ncurses" programming library contains multiple memory corruption vulnerabilities that allow attackers to target applications running in macOS, Linux, and FreeBSD. Microsoft researchers discovered the vulnerabilities in the library that provides Application Programming Interfaces (APIs) for text-based user interfaces and terminal applications. Researchers from the company's threat intelligence team described the vulnerabilities in a technical report as enabling data leaks, privilege escalation, and arbitrary code execution.

Submitted by Gregory Rigby on

"BlackCat Ransomware Hits Azure Storage With Sphynx Encryptor"

The BlackCat (ALPHV) ransomware group encrypts Azure cloud storage using stolen Microsoft accounts and the recently discovered Sphynx encryptor. Sophos X-Ops incident responders found that the attackers used a new Sphynx variant with added support for using custom credentials. After gaining access to the Sophos Central account with a stolen One-Time Password (OTP), the attackers disabled Tamper Protection and modified security policies. These actions were possible after the attackers stole the OTP from the victim's LastPass vault through the LastPass Chrome extension.

Submitted by Gregory Rigby on

"Kubernetes Vulnerability Allows RCE on Windows Endpoints"

Three high-severity Kubernetes vulnerabilities, tracked as CVE-2023-3676, CVE-2023-3893, and CVE-2023-3955, could enable attackers to remotely execute code and take control of all Windows nodes in the Kubernetes cluster. The three flaws impact all Kubernetes versions before 1.28. The Kubernetes team released updated versions at the end of August. If administrators are unable to upgrade to a patched version, Akamai has provided alternative mitigation steps. This article continues to discuss the potential exploitation and impact of the three high-severity Kubernetes vulnerabilities.

Submitted by Gregory Rigby on

"Researchers Develop Adversarial Training Methods to Improve Machine Learning-Based Malware Detection Software"

Machine Learning (ML) has changed how computer-related tasks are considered and performed. Its ability to identify patterns and process massive amounts of data lends itself to many applications. When it comes to malware detection, ML has streamlined a once daunting process, allowing antivirus software to detect potential attacks more efficiently and with a higher success rate. Antivirus software previously relied on knowledge of earlier attacks, comparing program code to a list of known malicious binaries to determine which programs may be harmful.

Submitted by Gregory Rigby on

"LSU Computer Science Professor Leading Project to Increase Security in Federated Learning"

Federated learning has garnered attention for its potential to bolster privacy, security, and efficacy across multiple industries. This technique is sometimes subjected to "critical learning" to improve its quality and robustness. However, during these times, external actors have the opportunity to initiate precise and damaging attacks.

Submitted by Gregory Rigby on