Versa Networks recently announced patches for a vulnerability in the virtualization and service creation platform Versa Director, warning that proof-of-concept (PoC) code exists.  The vulnerability is tracked as CVE-2024-45229 (CVSS score of 6.6) is related to the REST API in Versa Director used for orchestration and management and could lead to the exposure of authentication tokens.

The extraction of sensitive user data from web pages by thousands of browser extensions poses significant privacy risks, as revealed by research conducted by Georgia Tech. This underscores the need for more robust privacy measures and improved enforcement. A team of researchers led by Frank Li, assistant professor in the School of Cybersecurity and Privacy and the School of Electrical and Computer Engineering, and Ph.D. student Qinge Xie, developed a new system to monitor browser extensions' collection of user content from web pages.

The US Department of Justice (DOJ) announced a court-authorized operation to disrupt a botnet known as "Raptor Train," which has affected 200,000 devices in the US and other countries.

Dr. Honggang Wang, an Artificial Intelligence (AI) and digital health applications expert, received a three-year National Science Foundation (NSF) grant to improve cybersecurity education and research in mobile health. The project titled "Augmenting Cybersecurity Education in Mobile Health (mHealth) Through Curriculum and Experimental Platform Development" will introduce a new mobile health cybersecurity course with detailed modules covering wearable device security, body sensor network security, trustworthy AI, and more. Dr.

The National Football league has more to contend with than the actual games on the field. The teams have experienced cyberattacks on their customers, players, arenas, and data. In today’s digital age, the companies are protecting their assets that control the game and connecting with their fans as well as handling everything from concession sales, stadium operations, loyalty programs, bio-metric check-ins at stadiums, and WI-FI in the stands. Fan information, real-time player data, video broadcast, and their brands all need to be protected.

Ankita Gupta, Rita Chhikara, and Prabha Sharma of the NorthCap University in Gurugram, India, have introduced a new method for detecting hidden messages in digital images. Their work advances steganalysis, a key field in cybersecurity and digital forensics. Steganography involves embedding data within media (e.g., words hidden in a digital image's bits and bytes). There are legitimate uses of steganography, but there may be more malicious ones, so law enforcement and security need effective detection.

German authorities seized 47 cryptocurrency exchange services hosted in the country, which facilitated ransomware groups' illegal money laundering activities. The platforms enabled users to exchange cryptocurrencies without complying with applicable "Know Your Customer" regulations, ensuring that users remained completely anonymous during transactions. This created a low-risk environment where cybercriminals could launder their proceeds without fear of being prosecuted or tracked. This article continues to discuss the seizure of 47 cryptocurrency exchanges used by ransomware groups.

Law enforcement agencies in Europe and Latin America have dismantled "iServer," a Phishing-as-a-Service (PhaaS) platform used by criminals to unlock stolen and lost phones. "Operation Kaerb" led to the dismantling of iServer, which targeted over 1.2 million mobile phones and made over 480,000 victims. According to investigators, there have been 483,000 victims, mostly Spanish-speaking nationals in European, North American, and South American countries. This article continues to discuss the iServer PhaaS platform used by criminals to harvest credentials and unlock phones.

Two people have been charged by the US Department of Justice (DOJ) for stealing over $230 million in cryptocurrency from an individual in Washington, DC. Malone Lam and Jeandiel Serrano are accused of stealing cryptocurrency and trying to launder the proceeds through exchanges and mixing services. The two would hack cryptocurrency accounts and transfer funds to wallets controlled by them, using Virtual Private Networks (VPNs) and other tools to hide. This article continues to discuss the hackers charged for the theft of $230 million in cryptocurrency.