18 matches found
Quantum Secure Blind Decryption with Two Users
We propose two types of protocols for quantum secure blind decryption, involving two users and servers. User 1 holds the encrypted ciphertext. The servers store several indexed keys including the key encrypting the ciphertext. User 2 aims to obtain the decrypted text. The protocols are designed t...
Quantum AI for Cybersecurity: A Hybrid Quantum-Classical Models for Attack Path Analysis
Modern cyberattacks are increasingly complex, posing significant challenges to classical machine learning methods, particularly when labeled data is limited and feature interactions are highly non-linear. In this study we investigate the potential of hybrid quantum-classical learning to enhance...
Defining a new methodology for modeling and tracking compartmentalized threats
In the evolving cyberthreat landscape, Cisco Talos is witnessing a significant shift towards compartmentalized attack kill chains, where distinct stages -- such as initial compromise and subsequent exploitation -- are executed by multiple threat actors. This trend complicates traditional threat...
Outlaw cybergang attacking targets worldwide
Introduction: In a recent incident response case in Brazil, we dealt with a relatively simple, yet very effective threat focused on Linux environments. Outlaw, also known as "Dota", is a Perl-based crypto mining botnet that typically takes advantage of weak or default SSH credentials for its...
Update: CVE-2024-4577 quickly weaponized to distribute “TellYouThePass” Ransomware
Introduction: Recently, Imperva Threat Research reported on attacker activity leveraging the new PHP vulnerability, CVE-2024-4577. From as early as June 8th, we have detected attacker activity leveraging this vulnerability to deliver malware, which we have now identified to be a part of the...
CVE-2023-2868
A remote command injection vulnerability exists in the Barracuda Email Security Gateway appliance form factor only product affecting versions 5.1.3.001-9.2.0.006. The vulnerability arises out of a failure to comprehensively sanitize the processing of .tar file tape archives. The vulnerability ste...
Trellix Global Defenders: BlackCat Ransomware as a Service - The Cat is certainly out of the bag!
By Trellix · February 8, 2022. Research Contributions and Analysis: Filippo Sitzia. This story was written by Arnab Roy. Threat Summary: Blackcat, also known as ALPHV/Noberus, is a Ransomware as a Service...
Want to stay ahead of emerging threats? Here’s how.
Are you working with good information? A key question security organizations might ask themselves with regard to emerging — or imminent — threats: Are the systems we have logging the correct information? They may need that information to hunt threats or to reconstruct what an attacker did while...
CVE-2018-4878 case: investigation of the intrusion into a Hong Kong telecommunications company's website - vulnerability and early warning - the black bar safety net
Earlier, researchers found that a Hong Kong telecommunications company's website had been hit by a hacking attack. On 3 May 21, Morphisec laboratory investigated the attack on the site, and investigators eventually found that the official website of the telecommunications company's group was hacked, th...
DefenseMatrix - Full security solution for Linux Servers
Full security solution for Linux Servers. SCUTUM is to be added into DefenseMatrix Project: After consideration, SCUTUM, as a nice firewall controller, is to be added into DefenseMatrix. It will soon replace the iptables controller and arptables controller in DefenseMatrix. Expect lots of...
Follow-up analysis of the deserialization vulnerability in the Node.js node-serialize module - vulnerability warning - the black bar safety net
Some follow-up findings on the Node.js serialization remote command execution vulnerability and how to develop the attack payload. A few days ago, on the opsecx blog, I found an article on how to use an RCE (remote code execution) bug in a Node.js module named node-serialize. The article...
Active Defense Can Give Pause to Threats
SAN FRANCISCO – Disrupting hackers on your own network has become sort of a parlor trick for enterprises with enough resources and desire to dive into those waters. Today at RSA Conference, one expert explained how most organizations can leverage networking tools they’ve already invested in to pu...
A little ARP attack and defense combat - website security - the black bar safety net
Frankly, I'm a noob, that is, part of the target group that big hackers and security vendors talk about: the former are out to attack me, the latter are likely to protect me. But in any case, at the time I was also very helpless: I encountered the legendary ARP attack. For one continuous week, I found I could not...
Attackers Targeting MS13-055 IE Vulnerability
Attackers are using an Internet Explorer vulnerability, which Microsoft patched yesterday, in targeted attacks that also employ a malicious Flash file installed through a drive-by download launched by compromised Web pages. The exploit that’s being used is capable of bypassing both ASLR and DEP...
DARPA Seeking Help With Targeted Attack Analysis
The networks of government agencies and the military are under constant attack from a variety of sources, and the U.S., like most other countries, relies on those networks to not just run daily operations, but to support missions around the world. In the face of those attacks, the Department of...
Volume of Malware Targeting Java CVE-2012-1723 Flaw Spikes
It’s been nearly two months since Oracle patched the CVE-2012-1723 Java vulnerability, a serious remote pre-authentication flaw that’s present in the Java Runtime Environment. It’s taken a little time, but the attacker community has decided that this bug deserves some serious attention, and as a...
Inside the PlayStation 3 Exploit
The recent attack on the PlayStation 3 hypervisor has gotten a tremendous amount of attention, but there has not been much in the way of detailed analysis of the actual exploit itself. However, a prominent cryptographer and security researcher has looked at the exploit and found that it is a...
DoS against Windows and other systems
A number of fragmented packets cause the host to freeze during the attack...