In mid-January 2024, researchers at the Zero Day Initiative (ZDI) discovered a DarkGate campaign that exploited the Windows zero-day flaw, tracked as CVE-2024-21412, using fake software installers. An unauthenticated attacker can exploit the flaw by sending the victim a specially crafted file that bypasses the displayed security checks. The attacker must trick the victims into clicking the file link.

A leaked database containing over 70 million records, allegedly stolen from AT&T, is now on the illicit marketplace BreachForums nearly for free. Some researchers have confirmed the legitimacy of the data, but it is unclear how the hackers got it. The seller claims that ShinyHunters, a criminal group, obtained the data in 2021. The data has previously been made public. In 2022, Cybernews reported that ShinyHunters demanded at least $200,000 for 70 million records allegedly belonging to AT&T.

The International Monetary Fund (IMF) recently announced that it is investigating a cybersecurity breach that led to the compromise of several internal email accounts.  The Washington-headquartered UN financial agency revealed in a brief statement on Friday that the incident was first detected on February 16.  The investigation determined that 11 IMF email accounts were compromised.  The IMF noted that the impacted email accounts were re-secured and that they have no indication of further compromise beyond these email accounts at this point in time.

Researchers Alireza Taheritajar and Reza Rahaeimehr at Augusta University have published a technical paper detailing their acoustic side-channel attack method. They demonstrated a new acoustic side-channel attack on keyboards that can deduce user input from typing patterns, even in noisy environments. Although the method has an average success rate of 43 percent, which is significantly lower than previously presented techniques, it does not require controlled recording conditions or a specific typing platform.

Researchers at Ben-Gurion University's Offensive AI Research Lab have presented an attack that can decipher AI assistant responses. The technique involves a side-channel found in all major Artificial Intelligence (AI) assistants except Google Gemini. It refines the fairly raw results through Large Language Models (LLMs) trained specifically for the task.

Continued advancements in quantum computer development and performance will make it possible to crack current encryption processes. In an effort to address this challenge, researchers at the Technical University of Munich (TUM) are working to develop encryption methods that use physical laws to prevent message interception. Satellites will be launched as part of the QUICK³ space mission to protect communications over long distances. This article continues to discuss the effort to address the challenge regarding the transmission of data over long distances in quantum cryptography.

A threat actor called "Blind Eagle," also known as APT-C-36, has been observed using a loader malware named "Ande Loader" to deliver Remote Access Trojans (RATs) such as Remcos RAT and NjRAT. According to eSentire, the attacks, launched through phishing emails, targeted Spanish-speaking users in the North American manufacturing industry. Blind Eagle is a financially motivated threat actor who has previously executed cyberattacks against entities in Colombia and Ecuador to deliver AsyncRAT, BitRAT, Lime RAT, NjRAT, Remcos RAT, and more.

According to a new public opinion poll conducted by MITRE and The Harris Poll, the US public believes cyberattacks to be of the greatest risk to critical infrastructure. Seventy-eight percent are concerned about cyberattacks, and 51 percent are not confident that the US is prepared to recover from an attack.

According to security researchers at Palo Alto's Unit 42 threat intelligence group, advanced attackers are increasingly seeking speed. The researchers analyzed hackers' preferred strategies for infiltrating organizations, exfiltrating data, crypto-locking systems with ransomware, and more in 2023. Wendi Whitmore, senior vice president at Unit 42, cautioned that the time between initial compromise and data exfiltration is shrinking. She goes on to say that attackers are sometimes beginning to exfiltrate data in hours rather than days, calling on defenders speed up their operations.

According to the US Department of Justice (DOJ), a Moldovan national has been sentenced to 42 months in US federal prison for running a set of websites selling access to compromised computers worldwide. He was the administrator for the E-Root Marketplace, which listed over 350,000 compromised credentials for sale. E-Root operated on a widely distributed network and took steps to hide the identities of its administrators, buyers, and sellers.