"3 API Security Risks and Recommendations for Mitigation"

"3 API Security Risks and Recommendations for Mitigation"

Reconnaissance is one of the most time-consuming parts of network attack planning for adversaries. As Application Programming Interfaces (APIs) are exposed to the public, attackers spend less time finding attack vectors into the API's network, making APIs an easier target for breaches. If poorly designed, APIs can increase a network's attack surface and cause serious security issues. Since microservice architectures are increasingly replacing monolithic software architectures, APIs are more common than ever.

Submitted by Gregory Rigby on

"New HardBit Ransomware 4.0 Uses Passphrase Protection to Evade Detection"

"New HardBit Ransomware 4.0 Uses Passphrase Protection to Evade Detection"

Researchers have discovered a new ransomware strain called "HardBit" that uses new obfuscation methods to avoid analysis. Cybereason researchers found that HardBit ransomware 4.0 added passphrase protection. The passphrase must be provided during runtime for proper ransomware execution. HardBit, which emerged in October 2022, is a financially motivated ransomware group that uses double extortion to generate illicit revenues. This article continues to discuss findings regarding the HardBit ransomware.

Submitted by Gregory Rigby on

"NSA's Final Zero Trust Pillar Report Outlines How to Achieve Faster Threat Response Time"

"NSA's Final Zero Trust Pillar Report Outlines How to Achieve Faster Threat Response Time"

The National Security Agency (NSA) has released a new Cybersecurity Information Sheet (CSI) titled "Advancing Zero Trust Maturity Throughout the Automation and Orchestration Pillar" to help organizations detect cyber threats and respond to threats more quickly. This report is the NSA's final CSI in a series pertaining to the seven pillars of the US Department of Defense (DoD) Zero Trust (ZT) framework.

Submitted by Gregory Rigby on

"Microsoft Says Windows Not Impacted by regreSSHion as Second OpenSSH Bug Is Found"

"Microsoft Says Windows Not Impacted by regreSSHion as Second OpenSSH Bug Is Found"

A second Remote Code Execution (RCE) vulnerability has been found in OpenSSH in an analysis of the recently discovered "regreSSHion" flaw. The regreSSHion bug, discovered by Qualys, was believed to impact millions of OpenSSH servers. Openwall founder Alexander Peslyak has found another regreSSHion-related issue, which is a race condition in signal handling involving the 'privsep' child process. This article continues to discuss findings regarding the recently discovered OpenSSH bug.

Submitted by Gregory Rigby on

"Attackers Exploit URL Protections to Disguise Phishing Links"

"Attackers Exploit URL Protections to Disguise Phishing Links"

Barracuda researchers found cybercriminals using URL protection services to hide phishing links. The company observed phishing campaigns using three URL protection services to mask phishing URLs and send victims to credential-stealing websites. Researchers estimate these campaigns have targeted hundreds of companies. URL protection services prevent users from visiting malicious websites via phishing links. This article continues to discuss cybercriminals' abuse of legitimate URL protection services.

Submitted by Gregory Rigby on

"Hackers Beware: Research Shows AI Can Assist With Cybersecurity"

"Hackers Beware: Research Shows AI Can Assist With Cybersecurity"

According to a recent paper by University of Missouri researcher Prasad Calyam and collaborators from Amrita University in India, Artificial Intelligence (AI)-powered chatbots can pass a cybersecurity exam but should not be relied on for complete protection. Using a standard certified ethical hacking exam, the team tested OpenAI's ChatGPT and Google's Bard. Certified ethical hackers use the same methods as malicious hackers to find and fix security vulnerabilities. Ethical hacking exams measure a person's understanding of attacks, system protection, and security breach response.

Submitted by Gregory Rigby on

"New Blast-RADIUS Attack Breaks 30-Year-Old Protocol Used in Networks Everywhere"

"New Blast-RADIUS Attack Breaks 30-Year-Old Protocol Used in Networks Everywhere"

One of the most widely used network protocols, Remote Authentication Dial-In User Service (RADIUS), is vulnerable to a newly discovered attack called "Blast-RADIUS." This complex attack enables adversaries to gain control over various environments, including industrial controllers, telecommunications services, Internet Service Providers (ISPs), and more. RADIUS is supported by almost all switches, routers, access points, and Virtual Private Network (VPN) concentrators shipped in the past 20 years.

Submitted by Gregory Rigby on

"A Simple Firmware Update Completely Hides a Device's Bluetooth Fingerprint"

"A Simple Firmware Update Completely Hides a Device's Bluetooth Fingerprint"

A smartphone's unique Bluetooth fingerprint could be used to track the device's user. To eliminate this vulnerability, a team of researchers at UC San Diego has developed a simple firmware update that completely hides the Bluetooth fingerprint. The researchers developed a method that involves multiple layers of randomization. This article continues to discuss the researchers' development of a firmware update that hides a device's Bluetooth fingerprint.

Submitted by Gregory Rigby on

"NIST Will Fire the 'Starting Gun' in the Race to Quantum Encryption"

"NIST Will Fire the 'Starting Gun' in the Race to Quantum Encryption"

ML-KEM, CRYSTALS-Dilithium, and SPHINCS+ are three standardized post-quantum algorithms that will allow classical computers to encrypt data against a future fault-tolerant quantum computer. Matthew Scholl, the chief of the computer security division in the National Institute of Standards and Technology's (NIST) Information Technology (IT) Laboratory, urges organizations to monitor algorithm configuration and test for vulnerabilities during implementation. This article continues to discuss experts' insights on the proactive transition of networks to quantum-resilient standards.

Submitted by Gregory Rigby on

"Akira Ransomware: Lightning-Fast Data Exfiltration in 2-ish Hours"

"Akira Ransomware: Lightning-Fast Data Exfiltration in 2-ish Hours"

According to the BlackBerry Threat Research and Intelligence Team, "Akira" ransomware actors can now exfiltrate data from victims in just over two hours, a significant change in the average time it takes a cybercriminal to get to the stage where they collect information. BlackBerry's analysis of a June Akira ransomware attack on a Latin American airline reveals that the threat actor used the Secure Shell (SSH) protocol to gain initial access through an unpatched Veeam backup server and stole information before launching the Akira ransomware the following day.

Submitted by Gregory Rigby on