Scientists at Cambridge Quantum Computing (CQC) have developed methods and demonstrated that quantum machines can learn to infer hidden information from very general probabilistic reasoning models. These methods could improve a broad range of applicati…
Read More Scientists develop quantum machine learning methods for reasoningClaroty researchers have found and privately disclosed nine vulnerabilities affecting Rockwell Automation’s FactoryTalk AssetCentre, an ICS-specific backup solution. All of the vulnerabilities have been assigned the maximum (10.0) CVSS v3 base score an…
Read More Vulnerabilities in ICS-specific backup solution open industrial facilities to attackSecurity researcher David Sopas has published a new open-source project: MindAPI, a mind map with resources for making API security research easier. “I love mind maps. They help me create a fine-tuned methodology and keep the mind organized,̶…
Read More MindAPI makes API security research and testing easierWhen you bump into someone in the workplace or at your local coffee shop, you might call that an “encounter.” That’s the scientific term for it, too. As part of urgent efforts to fight COVID-19, a science is rapidly developing for mea…
Read More Encrypted method that measures encounters could slow down or prevent future pandemicsAdaptiveMobile Security today publicly disclosed details of a major security flaw in the architecture of 5G network slicing and virtualized network functions. The fundamental vulnerability has the potential to allow data access and denial of service at…
Read More 5G network slicing vulnerability leaves enterprises exposed to cyberattacksMachine learning systems are becoming pervasive not only in technologies affecting our day-to-day lives, but also in those observing them, including face expression recognition systems. Companies that make and use such widely deployed services rely on …
Read More Can private data be recovered from “sanitized” images?According to recent estimates, there will be roughly 10 billion people to feed in 2050. Agricultural production will need to increase by almost 56% to guarantee food security globally, without converting more land for agriculture (in line with environm…
Read More How to tackle modern agriculture security challengesThe delivery method for the six-year-old Gootkit financial malware has been developed into a complex and stealthy delivery system for a wide range of malware, including ransomware. Sophos researchers have named the platform Gootloader. It is actively d…
Read More Multi-payload Gootloader platform stealthily delivers malware and ransomwareWith the voice commands “Alexa Skills,” users can load numerous extra functions onto their Amazon voice assistant. Amazon screens special voice assistant functions for security. However, scammers can circumvent this check. These Skills can often have s…
Read More Alexa Skills: Security gaps and data protection problemsAs browser-makers move to defang third-party (tracking) cookies, marketers are increasingly switching to alternative tracking techniques. One of these is CNAME cloaking, which not only evades anti-tracking measures on most widely-used browsers but, acc…
Read More CNAME-based tracking increasingly used to bypass browsers’ anti-tracking defensesThe internet has revolutionized our lives – whether in terms of working, finding information or entertainment, connecting with others, or shopping. The online world has made many things easier and opened up previously unimaginable opportunities. …
Read More How can we protect ourselves against fake news and manipulation?Detection is a key point in threat hunting. During the past few weeks, stright in the middle of the winter “holidays” (well, maybe if you live in a place where no COVID-19 lockdown was involved), many people re/started a studying program on cybersecurity. Some of them wrote to me asking if there is a way […]
Read More C2 Traffic Patterns: Personal NotesIf you are a security researcher or even a passionate about how attackers implement phishing you will find yourself to look for phishing kits. A phishing kit is not a phishing builder, but a real implementation (actually re-implementation) of a third party website built to lure your victim. Initially attackers use a phishing builder to […]
Read More Introducing PhishingKitTrackerAfter six months from Cyber Threats Trends launch it’s time to check its main findings. When I decided to develop my own Cyber Threats Observatory I was not sure about its effectiveness and I was even more skeptical about the real usage from international cybersecurity communities. Fortunately many students, researchers and professionals used such a […]
Read More Cyber Threats Trends 6 Months Of FindingsHi Folks, today I want to share a quantitative analysis on a weird return-match by Upatre. According to Unit42 Upatre is an ancient downloader firstly spotted in 2013 used to inoculate banking trojans and active up to 2016. First discovered in 2013, Upatre is primarily a downloader tool responsible for delivering additional trojans onto the […]
Read More Is upatre downloader coming back ?