Researchers have discovered a new infostealer malware, dubbed DUCKTAIL, targeting individuals and organizations that operate on Facebook’s Business.
Researchers have discovered a new infostealer malware, dubbed DUCKTAIL, targeting individuals and organizations that operate on Facebook’s Business.
Circa 2015
New software being developed at MIT is proving able to autonomously repair software bugs by borrowing from other programs and across different programming languages, without requiring access to the source code. This could save developers thousands of hours of programming time and lead to much more stable software.
Bugs are the bane of the software developer’s life. The changes that must be made to fix them are often trivial, typically involving changing only a few lines of code, but the process of identifying exactly which lines need to be fixed can be a very time-consuming and often very frustrating process, particularly in larger projects.
An Israel-based company was exposed for employing a malware that exploited a vulnerability in Google’s search engine to access the personal data of co.
Cybersecurity researchers were able to link a zero-day vulnerability in Google’s search engine to a US-sanctioned Israeli spyware company that targets journalists throughout West Asia.
On 21 July, cybersecurity company Avast reported that the Israeli spyware company, Candiru, was behind the DevilsTongue malware that has targeted dozens of journalists in Lebanon, Turkey, Yemen, and Palestine.
A new phishing campaign codenamed ‘Ducktail’ is underway, targeting professionals on LinkedIn to take over Facebook business accounts that manage advertising for the company.
The operators of Ducktail have a narrow targeting scope and select their victims carefully, trying to find people who have admin privileges on their employer’s social media accounts.
The discovery of this campaign comes from researchers at WithSecure, who have been tracking what they believe to be a Vietnamese threat actor since 2021, and collected evidence of activity dating going back to 2018.
Microsoft has chosen to add specific security measures against brute force attacks against RDP (Remote Desktop Protocol). These security improvements have been introduced in the most recent builds of Windows 11. Given the evolution of this type of attack abusing RDP, Microsoft decided to add the security measure in the latest Insider Preview22528.1000. This system automatically locks accounts for 10 minutes after 10 invalid login attempts. The news was broken by David Weston (VP of OS & Enterprise Security) on Twitter last week.
These kinds of attacks against RDP are quite common in human operated ransomware. With this relatively simple measure, it is possible to complicate brute force attacks, being quite effective in discouraging them. However, it was already possible to activate this measure in Windows 10, so the novelty is really enabling it by default.
A new batch of malicious Android apps filled with adware and malware was found on the Google Play Store that have been installed close to 10 million times on mobile devices.
The apps pose as image-editing tools, virtual keyboards, system optimizers, wallpaper changers, and more. However, their underlying functionality is to push intrusive ads, subscribe users to premium services, and steal victims’ social media accounts.
The discovery of these malicious apps comes from the Dr. Web antivirus team, who highlighted the new threats in a report published today.
Microsoft is now taking steps to prevent Remote Desktop Protocol (RDP) brute-force attacks as part of the latest builds for the Windows 11 operating system in an attempt to raise the security baseline to meet the evolving threat landscape.
To that end, the default policy for Windows 11 builds – particularly, Insider Preview builds 22528.1000 and newer – will automatically lock accounts for 10 minutes after 10 invalid sign-in attempts.
“Win11 builds now have a DEFAULT account lockout policy to mitigate RDP and other brute-force password vectors,” David Weston, Microsoft’s vice president for OS security and enterprise, said in a series of tweets last week. “This technique is very commonly used in Human Operated Ransomware and other attacks — this control will make brute forcing much harder which is awesome!”
A couple of times per year, I take a deep dive on writing about the newly reported cybersecurity statistics and trends that are impacting the digital landscape. Unfortunately, despite global efforts, every subsequent year the numbers get worse and show that we are far from being able to mitigate and contain the numerous cyber-threats targeting both industry and government.
Below is a synopsis with links on some of the recent cyber developments and threats that CISOs need to key a close watch on (and that you need to know) for the remaining part of 2022 and beyond.
While many of the statistics seem dire, there is some positive aspect on the trends side as the cybersecurity community has been taking several initiatives to create both cyber awareness and action. And for those attending the 2022 RSA Conference in San Francisco, hopefully the backdrop of the following statistics and trends from mid-year 2022 can also be useful to analyze and match with product and services roadmaps for cybersecurity.
Digital information is everywhere in the era of smart technology, where data is continuously generated by and communicated among cell phones, smart watches, cameras, smart speakers and other devices. Securing digital data on handheld devices requires massive amounts of energy, according to an interdisciplinary group of Penn State researchers, who warn that securing these devices from bad actors is becoming a greater concern than ever before.
Led by Saptarshi Das, Penn State associate professor of engineering science and mechanics, researchers developed a smart hardware platform, or chip, to mitigate energy consumption while adding a layer of security. The researchers published their results on June 23 in Nature Communications.
“Information from our devices is currently stored in one location, the cloud, which is shared and stored in large servers,” said Das, who also is affiliated with the Penn State School of Electrical Engineering and Computer Science, the Materials Research Institute and the College of Earth and Mineral Sciences’ Department of Materials Science and Engineering. “The security strategies employed to store this information are extremely energy inefficient and are vulnerable to data breaches and hacking.”
