In Other News: Google’s PQC Threat Model, Keyboard Sounds Expose Data, AI Roadmap 

Noteworthy stories that might have slipped under the radar: Google’s post-quantum cryptography threat model, keyboard typing sounds can expose data, DHS publishes AI roadmap.

SecurityWeek’s cybersecurity news roundup provides a concise compilation of noteworthy stories that might have slipped under the radar.

We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless important for a comprehensive understanding of the cybersecurity landscape.

Each week, we curate and present a collection of noteworthy developments, ranging from the latest vulnerability discoveries and emerging attack techniques to significant policy changes and industry reports. 

Here are this week’s stories:  

Keyboard typing sounds can expose sensitive user data

Researchers have detailed a new acoustic side-channel attack that involves the sounds made by the keyboard when the user is typing. By analyzing the sounds made by the keyboard and the user’s typing pattern in a realistic scenario, they showed how an attacker could obtain sensitive data such as passwords. During their experiments, the researchers achieved a success rate of 43%.

ICS attacks in the second half of 2023

Kaspersky has published a report on the ICS threat landscape in the second half of 2023. Roughly 31% of the ICS computers protected by the company were targeted, one of the smallest percentages recorded in the past several years.  

DHS AI roadmap

The US Department of Homeland Security has laid out its Artificial Intelligence Roadmap, detailing how AI technologies could help protect privacy, civil liberties and rights, and deliver essential goods and services. It also announced three pilot programs to assess the efficacy of AI. DHS will work with the private sector, federal agencies, and international partners to accelerate the development and deployment of AI solutions.

Ukraine arrests hackers trying to sell 100 million stolen accounts

Ukrainian police announced the arrest of three individuals involved in the theft of email and Instagram account credentials via brute-force attacks. The hackers are believed to have stolen the credentials for over 100 million user accounts, selling them to other cybercriminals on the dark web. Authorities seized computer equipment, phones, bank cards, and more than $3,000 in cash. 

Google describes threat model for post-quantum cryptography

Google has shared some details on its threat model for post-quantum cryptography, saying that the main risk from a cryptographically relevant quantum computer lies within a 10-15 year timeframe. The company expects significant improvements in this field by 2030.

Google offering rewards for AI-focused improvements to network scanner

Google is offering rewards ranging between $500 and $3,133.7 for contributions to its Tsunami network security scanner. Tsunami has an extensible plugin system for detecting severe vulnerabilities and the tech giant is seeking help for securing open source AI infrastructure via the scanner.

Zoom launches communications compliance solution

Zoom announced the launch of Zoom Compliance Manager, an offering that provides archiving, e-discovery, legal hold, and information protection capabilities to help organizations meet regulatory requirements and mitigate communications compliance risks across the platform.

I-Soon integrated operations platform analysis

Bishop Fox details the integrated operations platform of Chinese company I-Soon, a private contractor working with multiple Chinese government entities, including the Ministry of Public Security, Beijing’s top policing agency. The platform encompasses internal applications (for mission and resource management) and external applications (for cyber operations). At least two hacking groups are believed to act as I-Soon’s penetration teams.

Chinese hackers targeting defense contractors, government entities

Mandiant has observed the Chinese hacking group tracked as UNC5174 exploiting F5 BIG-IP and ConnectWise ScreenConnect vulnerabilities (CVE-2023-46747 and CVE-2024-1709) in attacks targeting US defense contractor appliances, UK government entities, and various institutions. Likely affiliated with China’s Ministry of State Security (MSS), UNC5174 was also linked to Chinese hacktivist collectives.

Zephyr OS vulnerability

A vulnerability in the real-time operating system Zephyr OS renders protections against IP address spoofing attacks useless. Tracked as CVE-2023-7060 (CVSS score of 8.6), the issue exists because Zephyr OS “does not drop IP packets arriving from an external interface with a source address equal to the localhost or the destination address” and opens the door to DoS attacks. Zephyr OS versions 3.5, 3.4, 2.7, and all other releases supporting IPv6 or IPv4 are vulnerable.

DHCP administrators can take over Windows domains

Akamai has discovered that the DHCP administrators group in Active Directory (AD) environments can be leveraged to escalate privileges if a DHCP server role is installed on a domain controller. The attack technique abuses a legitimate feature: by modifying DHCP options, an attacker logged in as a DHCP administrator can make a DHCP server authenticate to their machine, mount a Kerberos relay attack to gain code execution on the DHCP server, and “compromise the entire domain by taking over the DC machine account”.
