Tag: network
-
NDSS 2025 LADDER: Multi-Objective Backdoor Attack Via Evolutionary Algorithm
Session 12D: ML Backdoors Authors, Creators & Presenters: Dazhuang Liu (Delft University of Technology), Yanqi Qiao (Delft University of Technology), Rui Wang (Delft University of Technology), Kaitai Liang (Delft University of Technology), Georgios Smaragdakis (Delft University of Technology) PAPER LADDER: Multi-Objective Backdoor Attack via Evolutionary Algorithm Current black-box backdoor attacks in convolutional neural networks formulate…
-
Cyber attacks enabled by basic failings, Palo Alto analysis finds
Changing the paradigm: Unit 42’s answer to this endless cycle of attackers always being one step ahead of defenders is to change the paradigm: cybersecurity has become so specialized, it says, that the answer is to use a managed service built from the ground up to counter real rather than abstract threats.With that in mind,…
-
Businesses may be caught by government proposals to restrict VPN use
Labour proposals to restrict social media use to people aged 16 and under could have unintended consequences for businesses using virtual private networks First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366639234/Businesses-may-be-caught-by-government-proposals-to-restrict-VPN-use
-
Elon Musk’s AI Bot Snared in New Irish, European Probes
GrokAI Non-Consensual Sexual Imagery Raises Official Hackles. European regulatory pressure on Elon Musk’s X social media network intensified this week with new probes into potential breaches of privacy roles by Grok AI chatbot. X claims to have stopped Grok from outputting the offending images, but apparently the chatbot still generates them. First seen on govinfosecurity.com…
-
Palo Alto Networks’ Koi acquisition is all about keeping AI agents in check
The company says it will integrate Koi’s technology into its security offerings to improve visibility into AI-driven activity on workplace devices. First seen on cyberscoop.com Jump to article: cyberscoop.com/palo-alto-networks-acquires-koi-agentic-ai-security/
-
NDSS 2025 Defending Against Membership Inference Attacks On Iteratively Pruned Deep Neural Network
Session 12C: Membership Inference Authors, Creators & Presenters: Jing Shang (Beijing Jiaotong University), Jian Wang (Beijing Jiaotong University), Kailun Wang (Beijing Jiaotong University), Jiqiang Liu (Beijing Jiaotong University), Nan Jiang (Beijing University of Technology), Md Armanuzzaman (Northeastern University), Ziming Zhao (Northeastern University) PAPER Defending Against Membership Inference Attacks on Iteratively Pruned Deep Neural Networks Model…
-
Palo Alto Networks To Acquire ‘Agentic Endpoint’ Security Startup Koi
Palo Alto Networks announced Tuesday it has reached a deal to acquire Koi, a startup offering capabilities for boosting visibility and protection for AI agent usage on endpoint devices. First seen on crn.com Jump to article: www.crn.com/news/security/2026/palo-alto-networks-to-acquire-agentic-endpoint-security-startup-koi
-
Palo Alto Networks To Acquire ‘Agentic Endpoint’ Security Startup Koi
Palo Alto Networks announced Tuesday it has reached a deal to acquire Koi, a startup offering capabilities for boosting visibility and protection for AI agent usage on endpoint devices. First seen on crn.com Jump to article: www.crn.com/news/security/2026/palo-alto-networks-to-acquire-agentic-endpoint-security-startup-koi
-
OT teams are losing the time advantage against industrial threat actors
In many industrial environments, internet-facing gateways, remote access appliances, and boundary systems sit close enough to production networks that attackers can move from … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/17/ot-cybersecurity-threats-2026-research/
-
Side-Channel Attacks Against LLMs
Tags: access, attack, chatgpt, credit-card, data, defense, exploit, LLM, monitoring, network, open-source, openai, phone, side-channelHere are three papers describing different side-channel attacks against LLMs. “Remote Timing Attacks on Efficient Language Model Inference”: Abstract: Scaling up language models has significantly increased their capabilities. But larger models are slower models, and so there is now an extensive body of work (e.g., speculative sampling or parallel decoding) that improves the (average case)…
-
My Day Getting My Hands Dirty with an NDR System
My objectiveThe role of NDR in SOC workflowsStarting up the NDR systemHow AI complements the human responseWhat else did I try out?What could I see with NDR that I wouldn’t otherwise?Am I ready to be a network security analyst now?My objectiveAs someone relatively inexperienced with network threat hunting, I wanted to get some hands-on experience…
-
Unit 42: Nearly two-thirds of breaches now start with identity abuse
Palo Alto Network’s incident response firm said identity-based attacks are exploding as poor security controls stretch across a widening mosaic of integrated tools and systems. First seen on cyberscoop.com Jump to article: cyberscoop.com/attackers-abuse-identity-unit42-palo-alto-networks-incident-response-report/
-
New ‘ClickFix’ Malware Payload Targets Browser Cache, Warns Cybersecurity Experts
Threat actors on underground forums are now promoting a new “ClickFix” payload-delivery technique that hides malware in the browser cache to evade endpoint detection and response (EDR) tools. The seller pitches the method as an evolution of existing ClickFix/FileFix social”‘engineering chains, claiming it can execute malicious code via Windows File Explorer without generating obvious network…
-
NDSS 2025 SiGuard: Guarding Secure Inference With Post Data Privacy
Session 12C: Membership Inference Authors, Creators & Presenters: Xinqian Wang (RMIT University), Xiaoning Liu (RMIT University), Shangqi Lai (CSIRO Data61), Xun Yi (RMIT University), Xingliang Yuan (University of Melbourne) PAPER SIGuard: Guarding Secure Inference with Post Data Privacy Secure inference is designed to enable encrypted machine learning model prediction over encrypted data. It will ease…
-
Over 500,000 VKontakte accounts hijacked through malicious Chrome extensions
Researchers said they identified a network of five Chrome extensions, marketed as tools to change themes and enhance the VK user experience, that took control of infected accounts and manipulated settings without users’ consent. First seen on therecord.media Jump to article: therecord.media/500000-vkontakte-accounts-hijacked-chrome-extensions
-
NDSS 2025 A Method To Facilitate Membership Inference Attacks In Deep Learning Models
Session 12C: Membership Inference Authors, Creators & Presenters: Zitao Chen (University of British Columbia), Karthik Pattabiraman (University of British Columbia) PAPER A Method to Facilitate Membership Inference Attacks in Deep Learning Models Modern machine learning (ML) ecosystems offer a surging number of ML frameworks and code repositories that can greatly facilitate the development of ML…
-
Leaky Chrome extensions with 37M installs caught divulging your browsing history
Encrypted exfiltration made detection difficult: The researcher said in a blog post that several of these extensions attempted to hide the nature of transmitted data. Outbound payloads were frequently encrypted or encoded before transmission, preventing automated inspection.”Manual inspection of the captured traffic revealed a variety of obfuscation schemes: base64, ROT47, LZ-String compression, and full AES-256…
-
Top Security Incidents of 2025: Lazarus Group’s Cryptocurrency Heist
Tags: apt, attack, breach, crypto, cyber, data-breach, group, korea, lazarus, network, north-korea, security-incident, supply-chainEvent Summary In February 2025, the North Korea-linked APT group Lazarus launched a highly sophisticated supply chain attack against the prominent cryptocurrency exchange Bybit, successfully stealing over 400,000 ETH and stETH”, valued at approximately $1.5 billion. This incident marks the largest single security breach in the global cryptocurrency sector to date. The attack exposed critical…
-
Leaky Chrome extensions with 37M installs caught shipping your browsing history
Encrypted exfiltration made detection difficult: The researcher said in a blog post that several of these extensions attempted to hide the nature of transmitted data. Outbound payloads were frequently encrypted or encoded before transmission, preventing automated inspection.”Manual inspection of the captured traffic revealed a variety of obfuscation schemes: base64, ROT47, LZ-String compression, and full AES-256…
-
Firewall Penetration Testing: Definition, Process and Tools
Firewall penetration testing examines the firewall as a security control and identifies the weaknesses that allow unwanted traffic to reach internal systems. It helps to make the network secure by checking that inbound and outbound filtering rules block unwanted traffic correctly. It also protects the perimeter by keeping internal-to-external boundaries intact and preventing external probes……
-
10 years later, Bangladesh Bank cyberheist still offers cyber-resiliency lessons
Tags: access, ai, application-security, attack, automation, backdoor, banking, ceo, cisco, ciso, compliance, control, credentials, crypto, cyber, cybercrime, cybersecurity, data-breach, defense, detection, endpoint, exploit, finance, fintech, firewall, framework, infrastructure, intelligence, international, malware, monitoring, network, north-korea, oracle, password, risk, service, software, theft, threat, tool, vulnerabilitySecurity shortcomings: Adrian Cheek, senior cybercrime researcher at threat exposure management firm Flare, said the Bangladesh Bank heist was possible because of a number of security shortcomings, including a failure to air gap critical infrastructure.”The Bank of Bangladesh had four servers and the same number of desktops connected to SWIFT,” Cheek says. “This infrastructure, however,…
-
CISA Issues Alert on ZLAN ICS Flaws Enabling Full Device Takeover
Tags: advisory, cisa, cyber, cybersecurity, flaw, infrastructure, network, technology, vulnerabilityThe Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical advisory regarding significant security flaws discovered in industrial networking equipment manufactured by ZLAN Information Technology Co. The alert, identified as ICSA-26-041-02, focuses on the ZLAN5143D serial-to-Ethernet device server, a component widely utilized to bridge legacy serial devices with modern network infrastructure. These vulnerabilities pose…
-
NDSS 2025 Diffence: Fencing Membership Privacy With Diffusion Models
Session 12C: Membership Inference Authors, Creators & Presenters: PAPER Yuefeng Peng (University of Massachusetts Amherst), Ali Naseh (University of Massachusetts Amherst), Amir Houmansadr (University of Massachusetts Amherst) Deep learning models, while achieving remarkable performances across various tasks, are vulnerable to membership inference attacks (MIAs), wherein adversaries identify if a specific data point was part of…
-
NDSS 2025 Diffence: Fencing Membership Privacy With Diffusion Models
Session 12C: Membership Inference Authors, Creators & Presenters: PAPER Yuefeng Peng (University of Massachusetts Amherst), Ali Naseh (University of Massachusetts Amherst), Amir Houmansadr (University of Massachusetts Amherst) Deep learning models, while achieving remarkable performances across various tasks, are vulnerable to membership inference attacks (MIAs), wherein adversaries identify if a specific data point was part of…
-
NDSS 2025 Black-Box Membership Inference Attacks Against Fine-Tuned Diffusion Models
Session 12C: Membership Inference Authors, Creators & Presenters: Yan Pang (University of Virginia), Tianhao Wang (University of Virginia) PAPER Black-box Membership Inference Attacks against Fine-tuned Diffusion Models With the rapid advancement of diffusion-based image-generative models, the quality of generated images has become increasingly photorealistic. Moreover, with the release of high-quality pre-trained image-generative models, a growing…
-
Zscaler-SquareX Deal Boosts Zero Trust, Secure Browsing Capabilities
Zscaler’s acquisition of SquareX comes as competitors like CrowdStrike and Palo Alto Networks are also investing in secure browser technologies. First seen on darkreading.com Jump to article: www.darkreading.com/remote-workforce/zscaler-squarex-deal-boosts-zero-trust-secure-browsing-capabilities
-
Zscaler-SquareX Deal Boosts Zero Trust, Secure Browsing Capabilities
Zscaler’s acquisition of SquareX comes as competitors like CrowdStrike and Palo Alto Networks are also investing in secure browser technologies. First seen on darkreading.com Jump to article: www.darkreading.com/remote-workforce/zscaler-squarex-deal-boosts-zero-trust-secure-browsing-capabilities
-
Critical BeyondTrust RS vulnerability exploited in active attacks
remote access.exe and others.”The attackers also managed to create domain accounts using the net user command and then added them to administrative groups such as “enterprise admins” or “domain admins.”The AdsiSearcher tool was used to search the Active Directory environment for other computers and PSexec was used to install SimpleHelp on multiple devices.The researchers also…
-
NDSS 2025 Automated Mass Malware Factory
Session 12B: Malware Authors, Creators & Presenters: Heng Li (Huazhong University of Science and Technology), Zhiyuan Yao (Huazhong University of Science and Technology), Bang Wu (Huazhong University of Science and Technology), Cuiying Gao (Huazhong University of Science and Technology), Teng Xu (Huazhong University of Science and Technology), Wei Yuan (Huazhong University of Science and Technology),…