Aggregator

2024 KCTF 大赛于8月15日正式开赛！比赛设置了多维度的评分体系，包括难度值、火力值和精致度积分，旨在引导竞赛的难度和趣味度，使其更具挑战性和吸引力。同时，也为参赛选手提供了更加公平、有趣的竞

A new "EUCLEAK" flaw found in FIDO devices using the Infineon SLE78 security microcontroller, like Yubico's YubiKey 5 Series, allows attackers to extract Elliptic Curve Digital Signature Algorithm (ECDSA) secret keys and clone the FIDO device. [...]

扫码订阅《中国信息安全》邮发代号 2-786征订热线：010-82341063形式主义向来是推动党和国家事业发展的大敌，且花样不断翻新，在数字时代又产生了一些新变种、新现象。7月30日召开的中共中央

扫码订阅《中国信息安全》邮发代号 2-786征订热线：010-82341063近日，工业和信息化部、中央网信办、教育部、财政部、自然资源部、住房城乡建设部、农业农村部、国家卫生健康委、中国人民银行、

扫码订阅《中国信息安全》邮发代号 2-786征订热线：010-82341063近年来，以大模型为代表的新一代人工智能技术加速迭代，向着更为智能化、通用化、普惠化的方向迈进，成为新一轮科技和产业变革的

扫码订阅《中国信息安全》邮发代号 2-786征订热线：010-82341063文 | 清华大学丘成桐数学科学中心教授 丁津泰；重庆大学大数据与软件学院教授 向宏在当今数字化深度融入工作与生活的背景下

扫码订阅《中国信息安全》邮发代号 2-786征订热线：010-82341063文 | 西南政法大学校长、教授、博士生导师 林维随着自动驾驶汽车、ChatGPT、人形机器人等人工智能应用的爆发，人工智

扫码订阅《中国信息安全》邮发代号 2-786征订热线：010-82341063导 读工业和信息化部、中央网信办、教育部、财政部、自然资源部、住房城乡建设部、农业农村部、国家卫生健康委、中国人民银行、

扫码订阅《中国信息安全》邮发代号 2-786征订热线：010-82341063实习招聘 /Recruitment/《中国信息安全》杂志是经国家新闻出版总署批准的面向国内外公开发行的信息安全权威媒体，

 

The decentralized finance (DeFi) and
cryptocurrency industries are being targeted by North Korean social engineering
schemes in highly personalized and convincing ways.

 

Here is an example that the FBI is showcasing:

1.      
A
person from your dream company, using the name of an old colleague, contacts
you on social media, mentioning a conference you both recently attended and
discussing shared interests.

2.      
He
asks if you're job hunting and reveals his company needs your skills, offering
a significant pay raise.  He arranges an
interview with his CTO and during the interview, the CTO gives you a
“pre-employment” test that involves troubleshooting code from some GitHub
repositories you do not recognize.

3.      
You
clone the repositories, execute the code, find the bugs, and pass the test with
flying colors.

 

Congrats - you have fallen for a well-disguised
social engineering scheme conducted by North Korean cyber actors. One of those
GitHub repositories was malicious and landed a malware dropper on your machine
which installed a key logger and acquired your credentials to access your
company’s network.

 

The North Korean attackers gain access and moving
laterally, eventually getting access to the seed phrases and security
signatures for your company’s cryptocurrency assets.  Shortly thereafter all the company’s crypto
assets disappear and everything you and your colleagues worked for is gone.

 

The threat is real.

 

Check out the full FBI public warning here: https://www.ic3.gov/Media/Y2024/PSA240903

The post FBI Warns of North Korea Attacks Against the Crypto Industry appeared first on Security Boulevard.

Apple Watch 的十年一剑（上）：从跨界新秀到可穿戴「大腕」几天之后，传闻中将会有较大幅度更新的 Apple Watch Series X 就要与我们见面了，不知你对这款「十年磨一剑」的产品抱

The UDRL and the Sleepmask are key components of Cobalt Strike’s evasion strategy, yet historically they have not worked well together. For example, prior to CS 4.10, Beacon statically calculated its location in memory using a combination of its base address and its section table. This calculation was then modified depending on the contents of [...]

Read More... from Revisiting the UDRL Part 3: Beacon User Data

The post Revisiting the UDRL Part 3: Beacon User Data appeared first on Cobalt Strike.

The ElectionGuard project allows anyone — voters, campaign staffers, and election officials — to cryptographically verify ballots, a promise that may bolster faith in election integrity.

Disinformation is hardly new, yet its impact is undeniably amplified in the digital age. AI-enabled bots are amplifying the noise.

The post How Bots and AI Are Fueling Disinformation appeared first on Security Boulevard.

via the inimitable Daniel Stori at Turnoff.US!

Permalink

The post Daniel Stori’s Turnoff.US: ‘pid 1’ appeared first on Security Boulevard.

Cisco has removed a backdoor account in the Cisco Smart Licensing Utility (CSLU) that can be used to log into unpatched systems with administrative privileges. [...]

Sophisticated social engineering is expected to accompany threat campaigns that are highly targeted and aimed at stealing crypto and deploying malware.

A vulnerability was found in dpgaspar Flask-AppBuilder up to 4.5.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /login. The manipulation leads to use of web browser cache containing sensitive information. This vulnerability is handled as CVE-2024-45314. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in ethyca fides up to 2.43.x. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Jinja Template Handler. The manipulation leads to improper neutralization of special elements used in a template engine. This vulnerability is known as CVE-2024-45053. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.