Aggregator
New TruffleNet BEC Campaign Leverages AWS SES Using Stolen Credentials to Compromise 800+ Hosts
Identity compromise has become one of the most significant threats facing cloud infrastructure, particularly when attackers gain access to legitimate credentials. These valid access keys enable adversaries to bypass traditional security defenses, creating opportunities for widespread exploitation. Amazon Web Services environments have witnessed a surge in such attacks, with the Simple Email Service emerging as […]
The post New TruffleNet BEC Campaign Leverages AWS SES Using Stolen Credentials to Compromise 800+ Hosts appeared first on Cyber Security News.
Fake Solidity VSCode extension on Open VSX backdoors developers
CVE-2025-45663 | NetSurf 3.11 dom_event uninitialized pointer (Nessus ID 272161)
Defense in Depth for AI: The MCP Security Architecture You’re Missing
As AI agents become integral to cloud native applications, the Model Context Protocol (MCP) has emerged as a leading standard for enabling these agents to interact with external tools and data sources. But with this new architectural pattern comes a critical security challenge: MCP-based systems require protection at three distinct layers, not just one. The..
The post Defense in Depth for AI: The MCP Security Architecture You’re Missing appeared first on Security Boulevard.
LeakNet
Synthetic Identity Theft in 2025: How Digital Identity Intelligence Detects Fraud That Doesn’t Exist
Synthetic identity theft — where criminals combine real and fabricated data to create entirely new “people” — is one of the fastest-growing forms of digital fraud. Unlike traditional identity theft, which steals from real individuals, synthetic identity fraud manufactures fake identities that appear legitimate to verification systems. This sophisticated type of fraud is costing organizations …
The post Synthetic Identity Theft in 2025: How Digital Identity Intelligence Detects Fraud That Doesn’t Exist appeared first on Security Boulevard.
CVE-2025-53476 | OpenPLC v3 a931181e8b81e36fadf7b74d5cba99b73c3f6d58 TCP Connection missing release of file descriptor or handle after effective lifetime (TALOS-2025-2223 / EUVD-2025-32061)
CVE-2025-54399 | Planet WGR-500 1.3411b190912 formPingCmd ipaddr stack-based overflow (TALOS-2025-2226 / EUVD-2025-32069)
CVE-2025-53814 | GCC Productions Fade In 4.2.0 XML Parser use after free (TALOS-2025-2252 / EUVD-2025-36501)
CVE-2025-53855 | GCC Productions Fade In 4.2.0 XML Parser out-of-bounds write (TALOS-2025-2250 / EUVD-2025-36500)
CVE-2025-54119 | ADOdb up to 5.22.9 Table Name metaColumns/metaForeignKeys/metaIndexes sql injection (GHSA-vf2r-cxg9-p7rf / EUVD-2025-23567)
CVE-2025-54401 | Planet WGR-500 1.3411b190912 formPingCmd submit-url stack-based overflow (TALOS-2025-2226 / EUVD-2025-32067)
CVE-2025-54402 | Planet WGR-500 1.3411b190912 formPingCmd submit-url/ipaddr stack-based overflow (TALOS-2025-2226 / EUVD-2025-32064)
CVE-2025-54400 | Planet WGR-500 1.3411b190912 formPingCmd counts stack-based overflow (TALOS-2025-2226 / EUVD-2025-32066)
CVE-2025-54403 | Planet WGR-500 1.3411b190912 swctrl new_password os command injection (TALOS-2025-2227 / EUVD-2025-32063)
CVE-2025-54404 | Planet WGR-500 1.3411b190912 swctrl new_device_name os command injection (TALOS-2025-2227 / EUVD-2025-32065)
CVE-2025-54405 | Planet WGR-500 1.3411b190912 formPingCmd ipaddr os command injection (TALOS-2025-2229 / EUVD-2025-32062)
CVE-2025-54406 | Planet WGR-500 1.3411b190912 formPingCmd counts os command injection (TALOS-2025-2229 / EUVD-2025-32068)
NDSS 2025 – VulShield: Protecting Vulnerable Code Before Deploying Patches
SESSION
Session 1D: System-Level Security
Authors, Creators & Presenters: Yuan Li (Zhongguancun Laboratory & Tsinghua University), Chao Zhang (Tsinghua University & JCSS & Zhongguancun Laboratory), Jinhao Zhu (UC Berkeley), Penghui Li (Zhongguancun Laboratory), Chenyang Li (Peking University), Songtao Yang (Zhongguancun Laboratory), Wende Tan (Tsinghua University)
PAPER
VulShield: Protecting Vulnerable Code Before Deploying Patches
Despite the high frequency of vulnerabilities exposed in software, patching these vulnerabilities remains slow and challenging, which leaves a potential attack window. To mitigate this threat, researchers seek temporary solutions to prevent vulnerabilities from being exploited or triggered before they are officially patched. However, prior approaches have limited protection scope, often require code modification of the target vulnerable programs, and rely on recent system features. These limitations significantly reduce their usability and practicality. In this work, we introduce VulShield, an automated temporary protection system that addresses these limitations. VulShield leverages sanitizer reports, and automatically generates security policies that describe the vulnerability triggering conditions. The policies are then enforced through a Linux kernel module that can efficiently detect and prevent vulnerability from being triggered or exploited at runtime. By carefully designing the kernel module, VulShield is capable of protecting both vulnerable kernels and user-space programs running on them. It does not rely on recent system features like eBPF and Linux security modules. VulShield is also pluggable and non-invasive as it does not need to modify the code of target vulnerable software. We evaluated VulShield's capability in a comprehensive set of vulnerabilities in 9 different types and found that VulShield mitigated all cases in an automated and effective manner. For Nginx, the latency introduced per request does not exceed 0.001 ms, while the peak performance overhead observed in UnixBench is 1.047%.
Our thanks to the Network and Distributed System Security (NDSS) Symposium for publishing their Creators, Authors and Presenters’ superb NDSS Symposium 2025 Conference content on the organization’s YouTube channel.
The post NDSS 2025 – VulShield: Protecting Vulnerable Code Before Deploying Patches appeared first on Security Boulevard.