Tag Archive for: identified

Deepfakes, Ransomware Identified As Imminent Threats For 2024 In India: Report


(MENAFN– IANS) New Delhi, March 22 (IANS) Artificial Intelligence (AI)-generated deepfakes, multi-factor authentication (MFA) fatigue attacks, and complex ransomware incidents are identified as imminent threats for 2024 in India that require urgent attention, a new report said on Friday.

Looking ahead to 2024, Seqrite, the enterprise arm of global cybersecurity solutions provider Quick Heal, anticipated emerging challenges that demand vigilance and strategic preparedness.

“With the rise of AI-powered threats like BlackMamba and the prevalence of Living off the Land attacks, Chief Information Security Officers (CISOs) must adopt advanced evasion techniques and heightened defences to combat evolving threats effectively,” the experts said.

According to the report, the upcoming 2024 elections are poised to attract phishing attacks exploiting political interests, while supply chain vulnerabilities underscore the need for collaborative cybersecurity efforts between the public and private sectors.

Moreover, the report emphasised the importance of implementing resilient strategies to mitigate ransomware threats through practices such as regular data backups, network segmentation, and prompt isolation of affected systems.

“CISOs are encouraged to maintain vigilance regarding evolving cyber regulations and compliance standards, aligning security policies accordingly to ensure continual compliance and resilience,” the experts stated.

Further, the report highlighted the significance of embracing emerging technologies like AI, quantum computing, and IoT (Internet of Things), while remaining cognizant of the associated cybersecurity risks.

It also underscored the importance of fostering collaborative relationships among CISOs and security professionals to collectively enhance organisations’ cybersecurity posture and response capabilities.


‘TunnelCrack’ Vulnerabilities Identified; Updating VPN Should Address Security Issue – Forbes Advisor



A virtual private network can provide peace of mind by encrypting your activity on the internet and hiding your identity while you browse, which allows you to visit foreign websites and provides a more secure way to transmit private information.

But a new study has uncovered weaknesses that could allow your phone or computer to be tricked into leaking your online data input, known as “traffic,” before the traffic reaches the protected VPN tunnel.

In a paper presented at the USENIX Security Symposium on August 11, researchers from New York University, KU Leuven University in Belgium and NYU Abu Dhabi dubbed the VPN problem “TunnelCrack.”

And no matter what type of device you use, or what your VPN is, you could be at risk.

What Were the Findings?

“Our tests indicate that every VPN product is vulnerable on at least one device,” the researchers wrote. “We found that VPNs for iPhones, iPads, MacBooks, and macOS are extremely likely to be vulnerable, that a majority of VPNs on Windows and Linux are vulnerable, and that Android is the most secure with roughly one-quarter of VPN apps being vulnerable.”

The differences appear to have to do with the way the various operating systems are designed.

The testers confirmed their findings by running 248 experiments involving 67 VPN providers on Windows, macOS, iOS, Linux and Android.

Study co-author Mathy Vanhoef, a professor at KU Leuven, says researchers were able to run their tests without putting the public at risk. “We…used our own phones and own laptops, installed a lot of VPN apps you can find and then tested it,” he says, “and could basically attack ourselves in a lot of cases.”


How Does TunnelCrack Work?

Two types of vulnerabilities were discovered: LocalNet attacks and ServerIP attacks.

LocalNet attacks involve traffic sent to and from…


Newly identified PACMAN flaw in Apple M1 CPU can’t be patched


What just happened? Researchers have revealed a newly discovered attack vector allowing malicious actors to overcome the M1’s security features. The exploit allows the CPU’s Pointer Authentication Codes (PAC), designed to defend against malicious code injection, to be sidestepped entirely. It also leaves no trace of an attack and cannot be proactively patched due to the exploit’s hardware-based nature.

Led by MIT’s Mengjia Yan, researchers from MIT’s Computer Science and Artificial Intelligence Laboratory (MIT CSAIL) created the novel attack using a combination of memory corruption and speculative execution to bypass the M1’s security. The research team’s proof of concept also demonstrated the attack’s effectiveness against the CPU kernel, which could have far-reaching impacts on any PAC-enabled ARM system.

A PAC typically guards the OS kernel by causing any mismatch between a PAC pointer and its authentication code to result in a crash. The PACMAN attack’s reliance on speculative execution and repeated guesses is critical to its success. Due to the finite number of PAC values, the team determined that it would be possible for a malicious actor to find the correct PAC value by simply trying them all. However, this requires the ability to make multiple guesses without triggering an exception any time the values are incorrectly guessed. The researchers figured out a way to do just that.

According to the team, a given malware exploit would have a 1 in 65,000 chance of guessing the correct code and not producing an exception. Unlike other malware, PACMAN can prevent these wrong guesses from triggering an exception, resulting in the ability to avoid crashes. Once guessed, the malware can inject malicious code into the target’s memory without resistance.

Despite the MIT team’s findings, a statement by Apple’s Scott Radcliffe attempted to downplay the discovery and its potential impact.

“[The exploit] does not pose an immediate threat to our users and is insufficient to bypass operating system security protections on its own,” said Radcliffe.

Apple currently uses PAC on all of their custom ARM products. Other manufacturers, including Qualcomm and Samsung, have also…


Blacklisted Iranian airline targeted by cyber attack, hackers identified


Iran’s Mahan Air was reportedly hit by a cyberattack on Sunday morning, the latest in a series of hacking attempts targeting the airline. Notably, Mahan is the second-largest airline operating in the country and has been accused of “providing financial, material, or technological support to the IRGC-QF.” The IRGC-QF, which stands for Islamic Revolutionary Guard Corps-Quds Force, has been sanctioned by the US since 2011 for aiding terrorists.

In the aftermath of the attack, Mahan issued a statement stating, “Mahan Air’s computer system has suffered a new attack. It has already been the target on several occasions due to its important position in the country’s aviation industry.”

Further, in its statement, the company claimed to have successfully thwarted the attack. However, a report in the Jerusalem Post stated that the group which claimed responsibility was successful in obtaining certain documents regarding the IRGC. The same was confirmed by hacker group Hooshyarane Vatan, which stated in a Telegram post that people “deserved to know the truth behind money spent by IRGC abroad.” The group went further, stating that even after detecting the attack, the airline “never managed to drive us out of there, and our access to their network was never damaged.”

“We believe the public deserves to know the truth behind this cooperation and the money wasted on IRGC activities abroad while Iranian people suffer at home,” Hooshyarane-Vatan said in a statement. 

Iran targeted by multiple cyber attacks

Late last month, a cyberattack targeted gas stations across Iran, leaving the motorists stranded in long queues for several hours as the government-issued electronic cards became non-operational. While it remains unclear what caused the major compromise and breach of security at the pumps that deliver subsidised fuel to the Iranians, the state media reported that the incident was aimed at directly challenging Iran’s Supreme Leader Ayatollah Ali Khamenei. 

The agency stated that the government-issued card punched in to buy fuel through the machines on Tuesday flashed back an error code with a message: “Cyberattack 64411.”…
