Typosquatting is a perfect use case because when people look at URLs and internalize their own misspellings, they are more likely to confuse the website the user visits in the email with the website they associate with the brand. — Typosquatting, or URLs hijacking, is a form of cybersquatting aimed at people who misenter web page addresses in their web browser URL fields. Compared to the typosquatting practice, cybersquatting involves the purchase of domain names to make money on the popularity or reputation of a particular brand or company. The…

Mandiant and FireEye reported that they discovered the APT29 group supported by the Russian nation-state that has been using domain fronting for over two years. Mandiant has been observing for at least two years how Russian nation-state attackers use domain-fronting techniques and clandestine backdoor access in victim environments. — Domain fronting is a relatively new (ish) technique that allows attackers to conceal command and control traffic on infected computers by disguising themselves as traffic from trusted servers hosted on content delivery networks (CDNs).

Pegasus Spyware has recently hit the headlines because it is used to target devices of critical people in various sectors of the country including journalists, activists, politicians, and business leaders. — Last week we saw a story after another on a company called NSO Group and a piece of software called Pegasus. These include shocking claims that updated smartphones can be hacked using a single text message. At our Security Analyst Summit, researchers from Lookout discovered that Pegasus Spyware, which…

Malware has become more sophisticated and attacks vulnerabilities in countless ways. It includes new and dangerous species, including worms (named after the human parasitic worm), trojans, and ransomware which are not by strict definitions computer viruses and should be designated as such. In general, malware, worms, and Trojan horses can cause billions of dollars in damage and disrupt critical infrastructure in real life.

The US Department of Defense has introduced the Cybersecurity Maturity Model Certification (CMMC) to normalize and standardize cybersecurity for the Federal Government and Defense Industrial Base (DIB). The CMMC is a unified standard that implements cybersecurity across the DIB, including over 300,000 companies in the supply chain. It is DoD’s response to a significant compromise of sensitive defense information contained in contractors’ information systems.

The RATs themselves should consider using threat information to detect new digital threats and implement defenses and precautions. RATs play a prominent role in the execution of advanced persistent threats (APT). — A Remote Access Trojan (RAT) is a type of malware that allows attackers to remotely control your system. It is an application that allows hackers to get in the door and have administrative access to a computer. Given that RAT is a malware program that tries to open a back…

X11 for Windows systems is a graphical window system common to Unix and Linux implementations and found in Windows software such as Hummingbird and surpassed by X Server. Several vulnerabilities have been found in X11 (xinput, evi, mit, shm, xfree86, misc extensions), Solaris X11 display server (xorg-1, xsun-1), and Solaris x11 print server (XPRT-1). — Multiple vulnerabilities allow a local or remote, unprivileged user to execute arbitrary code with root privileges on the Solaris X11 display server from XHost [1] or XAuth [1] to access arbitrary memory and X server address space and crash the X11 display server process. Vulnerabilities have been found in Xorg…

The Trusted Execution Environments are one of the technologies that help manufacturers, service providers, and consumers protect their devices and sensitive data. TEE protects the area of the hardware where the code is executed in isolation. The code executed in the trusted execution environment cannot be viewed or modified, so an attacker would only be able to execute malicious code with full privileges on the same processor.

Zero-knowledge proof systems that have received a lot of attention since their introduction are those that use a single message, such as proof of the existence of zero-knowledge or proof against a certain type of proof. — What is it? A zero-knowledge proof protocol is a way for a prover to convince a verifier that a statement containing classified information is true without revealing even a single bit of information (or a fraction thereof) about that knowledge. This is because the prover can prove the accuracy of the claim…