Archive for the ‘cybercrime/malcode’ category: Page 4

Nov 25, 2024

Scammers exploit tiny typos to trick people into sending money to their crypto wallets

Posted in categories: blockchains, cryptocurrencies, cybercrime/malcode, economics

A team of cybersecurity researchers at Stony Brook University has uncovered a new way for scammers to steal from unsuspecting cryptocurrency users. They have posted a paper to the arXiv preprint server describing the new crypto scam and how users can protect themselves.

Cryptocurrency is a type of digital currency run on a secure online platform. One example is Coinbase. Cryptocurrency is stored in a crypto wallet. In this new study, the team in New York reports that scammers have found a way to get people to redirect crypto payments away from intended recipients and toward wallets held by the scammers.

The researchers call the scam typosquatting. It involves setting up Blockchain Naming Systems (BNS) that are similar to those used by well-known entities. It exploits the use of simple word-based addresses rather than the complicated and hard-to-remember letter and digit codes commonly associated with crypto wallets.

Nov 24, 2024

GAO Warns of Quantum Threat to U.S. Cybersecurity Amid Leadership and Strategy Gaps

Posted in categories: cybercrime/malcode, government, quantum physics

The U.S. faces a critical cybersecurity threat as quantum computers edge closer to disrupting the cryptographic systems that secure vital government and infrastructure data, according to a Government Accountability Office (GAO) report.


U.S. faces significant cybersecurity risks from quantum computing due to leadership gaps and an incomplete national strategy.

Nov 23, 2024

Quantum Computing and state-sponsored Cyber Warfare: How quantum will transform Nation-State Cyber Attacks

Posted in categories: cybercrime/malcode, encryption, information science, mathematics, military, quantum physics

The rise of quantum computing is more than a technological advancement; it marks a profound shift in the world of cybersecurity, especially when considering the actions of state-sponsored cyber actors. Quantum technology has the power to upend the very foundations of digital security, promising to dismantle current encryption standards, enhance offensive capabilities, and recalibrate the balance of cyber power globally. As leading nations like China, Russia, and others intensify their investments in quantum research, the potential repercussions for cybersecurity and international relations are becoming alarmingly clear.

Imagine a world where encrypted communications, long thought to be secure, could be broken in mere seconds. Today, encryption standards such as RSA or ECC rely on complex mathematical problems that would take traditional computers thousands of years to solve. Quantum computing, however, changes this equation. Using quantum algorithms like Shor’s, a sufficiently powerful quantum computer could factorize these massive numbers, effectively rendering these encryption methods obsolete.

This capability could give state actors the ability to decrypt communications, access sensitive governmental data, and breach secure systems in real time, transforming cyber espionage. Instead of months spent infiltrating networks and monitoring data flow, quantum computing could provide immediate access to critical information, bypassing traditional defenses entirely.

Nov 22, 2024

DARPA tries a simple but profound concept to improve cybersecurity

Posted in category: cybercrime/malcode

Tom Temin: So what are you trying here in cyber security that hasn’t been thought of already?

Howard Shrobe: Well, actually, this is a very old idea. And the analogy would help if you think about the way we build ships. The goal, of course, is for them not to fill up with water. And so we try to build them with strong hulls that are hard to penetrate. But we don’t stop there. We also build it into compartments that can isolate the flow. So the analogy to software systems or to computer systems more generally is, the attackers may get in, but we don’t want them to be able to advance from one place to the next. And so this idea of compartmentalization has a realization by breaking systems up into small pieces, each of which executes only with the privilege it really needs to do its job. And that principle goes back a long, long time in computer science. But it’s always been impractical, in fact, to enforce it because the overhead is too high. So the approach we’re taking is to use novel computer architectures, novel extensions to current conventional architectures to make the enforcement easy.

Nov 22, 2024

This AI Agent Will Defend You From Cyber Attacks

Posted in categories: cybercrime/malcode, robotics/AI

Coming out of stealth, cybersecurity startup Twine announced today $12 million in seed funding, co-led by Ten Eleven Ventures and Dell Technologies Capital, with participation from angel investors including the founders of Wiz. Twine plans to address cybersecurity’s critical talent shortage by developing AI agents or “digital employees” to augment companies’ security teams. Alex, Twine’s first digital employee, is an expert in identity and access management or IAM.

Alex is deployed as a SaaS platform, connecting to different systems within the customer’s environment. “The user interacts with the Alex interface in order to ask him questions or assign tasks,” explains Benny Porat, Twine’s co-founder and CEO. “For any task assigned, Alex creates a plan, seeks approval, provides full visibility, and proceeds with an A-to-Z execution of the plan.”

In a report published a few months ago, the World Economic Forum warned that the “cybersecurity industry faces a critical global shortage of nearly 4 million professionals.” This at a time when the rapid adoption of cloud computing, remote work and new AI solutions has significantly increased the number of cyber attacks.

Nov 20, 2024

Microsoft Patch Tuesday, November 2024 Edition

Posted in category: cybercrime/malcode

Microsoft today released updates to plug at least 89 security holes in its Windows operating systems and other software. November’s patch batch includes fixes for two zero-day vulnerabilities that are already being exploited by attackers, as well as two other flaws that were publicly disclosed prior to today.

The zero-day flaw tracked as CVE-2024-49039 is a bug in the Windows Task Scheduler that allows an attacker to increase their privileges on a Windows machine. Microsoft credits Google’s Threat Analysis Group with reporting the flaw.

Nov 20, 2024

Global Fintech Giant Finastra Investigating Data Breach

Posted in categories: cybercrime/malcode, finance

Finastra, a global leader in financial technology that serves 45 of the world’s top 50 banks, has confirmed a major data breach impacting its internal file transfer system. The London-based firm, which facilitates vital banking and wire transfers for over 8,100 financial institutions worldwide, detected the breach on Nov. 7.

The breach targeted Finastra’s internally hosted Secure File Transfer Platform, or SFTP, which was exploited using stolen credentials—essentially, a username and password. The attacker claims to have leveraged IBM Aspera, a high-speed file transfer tool, to exfiltrate data from Finastra’s systems.

The cybercriminal, known by the alias “abyss0,” first advertised the stolen data for sale on BreachForums, a notorious online marketplace for cybercrime, on October 31. Initially priced at $20,000, the data’s asking price was later halved to $10,000. After gaining attention, “abyss0” disappeared, erasing their presence on both BreachForums and Telegram. This sudden retreat suggests they either secured a buyer or sought to avoid further scrutiny.

Nov 19, 2024

Agencies Need Data Backup and Recovery to Combat Increasingly Complex Ransomware

Posted in category: cybercrime/malcode

A commitment to continually refining these strategies is critical in the face of emerging threats and vulnerabilities.

Nov 19, 2024

New Stealthy BabbleLoader Malware Spotted Delivering WhiteSnake and Meduza Stealers

Posted in categories: business, cybercrime/malcode, finance

Cybersecurity researchers have shed light on a new stealthy malware loader called BabbleLoader that has been observed in the wild delivering information stealer families such as WhiteSnake and Meduza.

BabbleLoader is an “extremely evasive loader, packed with defensive mechanisms, that is designed to bypass antivirus and sandbox environments to deliver stealers into memory,” Intezer security researcher Ryan Robinson said in a report published Sunday.

Evidence shows that the loader is being used in several campaigns targeting both English and Russian-speaking individuals, primarily singling out users looking for generic cracked software as well as business professionals in finance and administration by passing it off as accounting software.

Nov 18, 2024

Warning: DEEPDATA Malware Exploiting Unpatched Fortinet Flaw to Steal VPN Credentials

Posted in category: cybercrime/malcode

BrazenBamboo exploits an unpatched FortiClient flaw to steal VPN credentials using DEEPDATA malware. Fortinet users advised to stay alert.
