The US Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) have jointly released a Public Service Announcement (PSA) titled "Just So You Know: Ransomware Disruptions During Voting Periods Will Not Impact the Security and Resilience of Vote Casting or Counting." It is the latest in their PSA series aimed at putting potential cyber-related election day disruptions during the 2024 election cycle into context for the American people.

As Artificial Intelligence (AI) agents advance, it may become harder to distinguish AI-powered users from real humans online. In a new white paper, researchers from MIT, OpenAI, Microsoft, and other technology and academic institutions propose using "personhood credentials" to enable someone to prove they are an actual human online while protecting their privacy. MIT News interviewed co-authors of the paper, Nouran Soliman and Tobin South, about why personhood credentials are important, the risks posed by such credentials, and how to safely implement them.

Over 5.3 billion people are expected to use digital wallets such as Apple Pay, Google Pay, and PayPal by the year 2026. Although these wallets are supposed to provide greater security than traditional payment methods, the reliance on outdated authentication methods and a preference for convenience over security make digital wallets vulnerable, according to new research led by computer engineers at the University of Massachusetts Amherst. This article continues to discuss the study "In Wallet We Trust: Bypassing the Digital Wallets Payment Security for Free Shopping."

The US cybersecurity agency CISA recently warned that a fresh critical-severity vulnerability in SolarWinds Web Help Desk has been exploited in attacks.  The bug is tracked as CVE-2024-28986 (CVSS score of 9.8) and is described as a Java deserialization remote code execution (RCE) issue that could allow attackers to run commands on the host machine.  This week, SolarWinds announced a hotfix addressing the vulnerability and noted that authentication is required for successful exploitation without mentioning its in-the-wild exploitation.

Researchers have discovered a sophisticated information stealer campaign that distributes "DanaBot" and "StealC" malware by impersonating legitimate brands. Russian-speaking cybercriminals, collectively codenamed "Tusk," are behind several sub-campaigns that exploit different platforms' reputation to trick users into downloading malware via fake websites and social media accounts. All of the sub-campaigns use Dropbox to host the initial downloader, which delivers additional malware samples to the victim's machine.

Palo Alto Networks found a threat actor extorting organizations after compromising their cloud environments using accidentally exposed environment variables. The researchers warn that the large-scale extortion campaign has targeted 110,000 domains using exposed .env files with sensitive data on unsecured web applications and misconfigured servers. These files enable organizations to define configuration variables for their web applications, often including hard-coded access keys for cloud services, Software-as-a-Service (SaaS) Application Programming Interface (API) keys, and more.