Tags → #cybersecurity

A proposed Convolutional Neural Network (CNN) model aims to enhance cybersecurity in the Internet of Medical Things (IoMT) by achieving high accuracy in detecting cyberattacks, while also addressing challenges related to real-time performance and integration within healthcare networks.

Remote Access Tools (RATs), such as VenomRAT and AsyncRAT, are utilized by cyber attackers for unauthorized system control, with distinct differences in their capabilities and detection methods.

The Qualys Threat Research Unit has identified five critical Local Privilege Escalation vulnerabilities in the needrestart component, which is installed by default on Ubuntu Server, allowing unprivileged users to gain root access without user interaction.

The Common Weakness Enumeration (CWE) Top 25 list has been released, identifying critical software vulnerabilities that require attention from developers and security professionals.

Insikt Group has reported the emergence of a cyber-espionage campaign attributed to TAG-110, which primarily targets organizations in Central Asia, East Asia, and Europe.

A cybersecurity incident involving LevelBlue's Managed Detection and Response (MDR) Security Operations Center has underscored the importance of monitoring persistence mechanisms, following the detection of a potentially unwanted application that utilized suspicious registry keys and scheduled tasks.

ESET researchers have identified multiple samples of a Linux backdoor named WolfsBane, attributed to the Gelsemium APT group, marking the first public report of their use of Linux malware.

Foray is a newly developed attack synthesis framework aimed at improving the security of Decentralized Finance applications by effectively identifying vulnerabilities in smart contracts.

On November 20, 2024, Phylum's automated risk detection platform identified a malicious update in the "aiocpa" package on PyPI, which was designed to steal private keys through obfuscated code.

In late October 2024, analysts at EclecticIQ identified a sophisticated phishing campaign targeting the telecommunications and financial sectors, utilizing Google Docs to deliver links that redirected victims to counterfeit login pages hosted on Weebly.