Researchers sinkhole PlugX malware server with 2.5 million unique IPs

April 25, 2024 at 03:22PM

Researchers sinkholed a PlugX malware server, logging over 2.5 million unique IP connections from 170 countries in six months. Sekoia obtained control of the server and observed self-spreading capabilities, indicating global infections. They aim to disinfect impacted computers with self-delete commands, but highlight the challenge of re-infection via USB devices. …

Russian APT Group Thwarted in Attack on US Automotive Manufacturer

April 18, 2024 at 04:04PM

The FIN7 threat group recently conducted a spear-phishing attack on a major US-based automotive manufacturer, using a malicious URL to install the Anunak backdoor and gain initial access to high-level IT employee accounts. BlackBerry’s threat and research team halted the attack before ransomware deployment. FIN7 has expanded its targets beyond …

Defense Award Launches Purdue Project to Strengthen Cyber-Physical Systems

April 15, 2024 at 04:55PM

Purdue University researchers have launched Project FIREFLY, aiming to enhance the robustness of cyber-physical systems (CPS) to prevent disruptions and damages in mission-critical applications for the Department of Defense. The $6.5 million project under the Defense Advanced Research Projects Agency will model, simulate, and analyze CPS to identify vulnerabilities and …

New Spectre v2 attack impacts Linux systems on Intel CPUs

April 10, 2024 at 01:24PM

Researchers have developed the first native Spectre v2 exploit, affecting Linux systems on modern Intel processors. The discovery highlights the ongoing challenge of balancing performance optimization with security. Spectre v2 leverages speculative execution, leaving traces of sensitive data in CPU caches, and introduces security risks. Various entities are responding with …

LG Smart TVs at Risk of Attacks, Thanks to 4 OS Vulnerabilities

April 9, 2024 at 04:58PM

Researchers at Bitdefender have identified four vulnerabilities in LG webOS, affecting various smart TV models and exposing around 91,000 devices. These bugs include command injection, privilege escalation, and bypass vulnerabilities, tracked as CVE-2023-6317, CVE-2023-6318, CVE-2023-6319, and CVE-2023-6320. LG released security updates after being alerted in November 2023. Users should check …

New ZenHammer memory attack impacts AMD Zen CPUs

March 25, 2024 at 12:11PM

ZenHammer is a variant of the Rowhammer DRAM attack specifically targeting AMD Zen CPUs and DDR4/DDR5 memory chips. Developed by researchers at ETH Zurich, it overcomes previous challenges for AMD chips and demonstrates successful bit flips in memory, posing a threat to data security and system privileges. Defenses involve software …

300,000 Systems Vulnerable to New Loop DoS Attack

March 20, 2024 at 05:51AM

Researchers from the CISPA Helmholtz Center in Germany have identified a new DoS attack that affects UDP-based application protocols and internet-facing systems, causing indefinite communication between servers. This self-sustaining loop attack disrupts services and networks, impacting protocols like NTP and DNS. The technique may be used for amplifying DoS or …

Major CPU, Software Vendors Impacted by New GhostRace Attack

March 13, 2024 at 06:33AM

A team of researchers from IBM and VU Amsterdam unveiled a new data leakage attack, GhostRace, affecting major CPU makers and software. The attack exploits speculative race conditions, allowing attackers to access sensitive information from memory. The researchers shared details of the attack, notified vendors, and released a proof-of-concept exploit …

Remote Stuxnet-Style Attack Possible With Web-Based PLC Malware: Researchers

March 4, 2024 at 07:18AM

A team of Georgia Tech researchers developed web-based PLC malware, IronSpider, targeting modern PLCs such as Wago, Siemens, and others. This malware exploits web APIs, can persist through updates and hardware replacements, and has potential for real-time data exfiltration and destruction of industrial processes. The researchers also proposed a vendor-agnostic …

Researchers Devise ‘VoltSchemer’ Attacks Targeting Wireless Chargers

February 21, 2024 at 12:15PM

University of Florida and CertiK researchers unveil the VoltSchemer attack, exploiting voltage noise from wireless charger power supplies without modifying the chargers. The attack can manipulate voice assistants, damage devices, and bypass Qi standard safety measures. The vulnerability lies in insufficient noise suppression, making all wireless charging vulnerable to interference-based …