New ‘Deep Learning Attack’ Deciphers Laptop Keystrokes with 95% Accuracy

New ‘Deep Learning Attack’ Deciphers Laptop Keystrokes with 95% Accuracy

,

A group of academics has devised a « deep learning-based acoustic side-channel attack » that can be used to classify laptop keystrokes that are recorded using a nearby phone with 95% accuracy.
« When trained on keystrokes recorded using the video conferencing software Zoom, an accuracy of 93% was achieved, a new best for the medium, » researchers Joshua Harrison, Ehsan Toreini, and Maryam Mehrnezhad

,

A group of academics has devised a « deep learning-based acoustic side-channel attack » that can be used to classify laptop keystrokes that are recorded using a nearby phone with 95% accuracy.
« When trained on keystrokes recorded using the video conferencing software Zoom, an accuracy of 93% was achieved, a new best for the medium, » researchers Joshua Harrison, Ehsan Toreini, and Maryam Mehrnezhad

, ,
https://thehackernews.com/2023/08/new-deep-learning-attack-deciphers.html

New SkidMap Redis Malware Variant Targeting Vulnerable Redis Servers

New SkidMap Redis Malware Variant Targeting Vulnerable Redis Servers,

Vulnerable Redis services have been targeted by a « new, improved, dangerous » variant of a malware called SkidMap that’s engineered to target a wide range of Linux distributions.
« The malicious nature of this malware is to adapt to the system on which it is executed, » Trustwave security researcher Radoslaw Zdonczyk said in an analysis published last week.
Some of the Linux distribution SkidMap

,

Vulnerable Redis services have been targeted by a « new, improved, dangerous » variant of a malware called SkidMap that’s engineered to target a wide range of Linux distributions.
« The malicious nature of this malware is to adapt to the system on which it is executed, » Trustwave security researcher Radoslaw Zdonczyk said in an analysis published last week.
Some of the Linux distribution SkidMap

, ,
https://thehackernews.com/2023/08/new-skidmap-redis-malware-variant.html

FBI Alert: Crypto Scammers are Masquerading as NFT Developers

FBI Alert: Crypto Scammers are Masquerading as NFT Developers,

The U.S. Federal Bureau of Investigation (FBI) is warning about cyber crooks masquerading as legitimate non-fungible token (NFT) developers to steal cryptocurrency and other digital assets from unsuspecting users.
In these fraudulent schemes, criminals either obtain direct access to NFT developer social media accounts or create look-alike accounts to promote « exclusive » new NFT releases, often

,

The U.S. Federal Bureau of Investigation (FBI) is warning about cyber crooks masquerading as legitimate non-fungible token (NFT) developers to steal cryptocurrency and other digital assets from unsuspecting users.
In these fraudulent schemes, criminals either obtain direct access to NFT developer social media accounts or create look-alike accounts to promote « exclusive » new NFT releases, often

, ,
https://thehackernews.com/2023/08/fbi-alert-crypto-scammers-are.html

MDR: Empowering Organizations with Enhanced Security

MDR: Empowering Organizations with Enhanced Security,

Managed Detection and Response (MDR) has emerged as a crucial solution for organizations looking to bolster their security measures. MDR allows businesses to outsource the management of Endpoint Detection and Response (EDR) products deployed across their network domain. With real-time threat-hunting capabilities, MDR services detect and mitigate malicious activities on individual endpoints while

,

Managed Detection and Response (MDR) has emerged as a crucial solution for organizations looking to bolster their security measures. MDR allows businesses to outsource the management of Endpoint Detection and Response (EDR) products deployed across their network domain. With real-time threat-hunting capabilities, MDR services detect and mitigate malicious activities on individual endpoints while

, ,
https://thehackernews.com/2023/08/mdr-empowering-organizations-with.html

Reptile Rootkit: Advanced Linux Malware Targeting South Korean Systems

Reptile Rootkit: Advanced Linux Malware Targeting South Korean Systems,

Threat actors are using an open-source rootkit called Reptile to target Linux systems in South Korea.
« Unlike other rootkit malware that typically only provide concealment capabilities, Reptile goes a step further by offering a reverse shell, allowing threat actors to easily take control of systems, » the AhnLab Security Emergency Response Center (ASEC) said in a report published this week.
« Port

,

Threat actors are using an open-source rootkit called Reptile to target Linux systems in South Korea.
« Unlike other rootkit malware that typically only provide concealment capabilities, Reptile goes a step further by offering a reverse shell, allowing threat actors to easily take control of systems, » the AhnLab Security Emergency Response Center (ASEC) said in a report published this week.
« Port

, ,
https://thehackernews.com/2023/08/reptile-rootkit-advanced-linux-malware.html

Microsoft Addresses Critical Power Platform Flaw After Delays and Criticism

Microsoft Addresses Critical Power Platform Flaw After Delays and Criticism,

Microsoft on Friday disclosed that it has addressed a critical security flaw impacting Power Platform, but not before it came under criticism for its failure to swiftly act on it.
« The vulnerability could lead to unauthorized access to Custom Code functions used for Power Platform custom connectors, » the tech giant said. « The potential impact could be unintended information disclosure if secrets

,

Microsoft on Friday disclosed that it has addressed a critical security flaw impacting Power Platform, but not before it came under criticism for its failure to swiftly act on it.
« The vulnerability could lead to unauthorized access to Custom Code functions used for Power Platform custom connectors, » the tech giant said. « The potential impact could be unintended information disclosure if secrets

, ,
https://thehackernews.com/2023/08/microsoft-addresses-critical-power.html

Researchers Uncover New High-Severity Vulnerability in PaperCut Software

Researchers Uncover New High-Severity Vulnerability in PaperCut Software,

Cybersecurity researchers have discovered a new high-severity security flaw in PaperCut print management software for Windows that could result in remote code execution under specific circumstances.
Tracked as CVE-2023-39143 (CVSS score: 8.4), the flaw impacts PaperCut NG/MF prior to version 22.1.3. It has been described as a combination of a path traversal and file upload vulnerability.
« 

,

Cybersecurity researchers have discovered a new high-severity security flaw in PaperCut print management software for Windows that could result in remote code execution under specific circumstances.
Tracked as CVE-2023-39143 (CVSS score: 8.4), the flaw impacts PaperCut NG/MF prior to version 22.1.3. It has been described as a combination of a path traversal and file upload vulnerability.
« 

, ,
https://thehackernews.com/2023/08/researchers-uncover-new-high-severity.html

NYC Couple Pleads Guilty to Money Laundering in $3.6 Billion Bitfinex Hack

NYC Couple Pleads Guilty to Money Laundering in $3.6 Billion Bitfinex Hack,

A married couple from New York City has pleaded guilty to money laundering charges in connection with the 2016 hack of cryptocurrency stock exchange Bitfinex, resulting in the theft of about 120,000 bitcoin.
The development comes more than a year after Ilya Lichtenstein, 35, and his wife, Heather Morgan, 33, were arrested in February 2022, following the seizure of roughly 95,000 of the stolen

,

A married couple from New York City has pleaded guilty to money laundering charges in connection with the 2016 hack of cryptocurrency stock exchange Bitfinex, resulting in the theft of about 120,000 bitcoin.
The development comes more than a year after Ilya Lichtenstein, 35, and his wife, Heather Morgan, 33, were arrested in February 2022, following the seizure of roughly 95,000 of the stolen

, ,
https://thehackernews.com/2023/08/nyc-couple-pleads-guilty-to-money.html

Webinar – Making PAM Great Again: Solving the Top 5 Identity Team PAM Challenges

Webinar – Making PAM Great Again: Solving the Top 5 Identity Team PAM Challenges,

Privileged Access Management (PAM) solutions are widely acknowledged as the gold standard for securing critical privileged accounts. However, many security and identity teams face inherent obstacles during the PAM journey, hindering these solutions from reaching their full potential. These challenges deprive organizations of the resilience they seek, making it essential to address them

,

Privileged Access Management (PAM) solutions are widely acknowledged as the gold standard for securing critical privileged accounts. However, many security and identity teams face inherent obstacles during the PAM journey, hindering these solutions from reaching their full potential. These challenges deprive organizations of the resilience they seek, making it essential to address them

, ,
https://thehackernews.com/2023/08/webinar-making-pam-great-again-solving.html

Malicious npm Packages Found Exfiltrating Sensitive Data from Developers

Malicious npm Packages Found Exfiltrating Sensitive Data from Developers,

Cybersecurity researchers have discovered a new bunch of malicious packages on the npm package registry that are designed to exfiltrate sensitive developer information.
Software supply chain firm Phylum, which first identified the « test » packages on July 31, 2023, said they « demonstrated increasing functionality and refinement, » hours after which they were removed and re-uploaded under different

,

Cybersecurity researchers have discovered a new bunch of malicious packages on the npm package registry that are designed to exfiltrate sensitive developer information.
Software supply chain firm Phylum, which first identified the « test » packages on July 31, 2023, said they « demonstrated increasing functionality and refinement, » hours after which they were removed and re-uploaded under different

, ,
https://thehackernews.com/2023/08/malicious-npm-packages-found.html