Joint Secrecy and Covert Communication (JSACC): An Enhanced Physical Layer Security Approach

In this paper, we propose an enhanced physical layer security approach, named joint secrecy and covert communication JSACC, which aims to improve the performance of physical layer security PLS. The JSACC system can dynamically switch between secrecy mode and covert mode according to the channel...

Steganographic Information Hiding Via Symmetric Numerical Semigroups

We introduce a steganographic information hiding scheme based on structural properties of numerical semigroups arising from the Frobenius coin problem. Instead of encoding data through representable integers, the proposed protocol embeds information into the gap structure of carefully chosen...

Exploring AI in Steganography and Steganalysis: Trends, Clusters, and Sustainable Development Potential

Steganography and steganalysis are strongly related subjects of information security. Over the past decade, many powerful and efficient artificial intelligence AI - driven techniques have been designed and presented during research into steganography as well as steganalysis. This study presents a...

EUVD-2008-3861

Malware in sbrugna...

Topology Generation of UAV Covert Communication Networks: a Graph Diffusion Approach with Incentive Mechanism

With the growing demand for Uncrewed Aerial Vehicle UAV networks in sensitive applications, such as urban monitoring, emergency response, and secure sensing, ensuring reliable connectivity and covert communication has become increasingly vital. However, dynamic mobility and exposure risks pose...

Whispering Agents: an Event-Driven Covert Communication Protocol for the Internet of Agents

The emergence of the Internet of Agents IoA introduces critical challenges for communication privacy in sensitive, high-stakes domains. While standard Agent-to-Agent A2A protocols secure message content, they are not designed to protect the act of communication itself, leaving agents vulnerable t...

Network-Centric Countermeasures against Integrated Sensing Enabled Jamming Adversaries

Recent developments in Integrated Sensing and Communication have led to new adversarial models in wireless security through Integrated Sensing and Jamming ISAJ adversaries. ISAJ adversaries, owing to their sensing capabilities, are known to inject jamming energy over the victim's frequency band,...

QuickResponseC2 - A Command & Control Server That Leverages QR Codes To Send Commands And Receive Results From Remote Systems

QuickResponseC2 is a stealthy Command and Control C2 framework that enables indirect and covert communication between the attacker and victim machines via an intermediate HTTP/S server. All network activity is limited to uploading and downloading images, making it an fully undetectable by IPS/IDS...

China-Linked Hackers Infiltrate East Asian Firm for 3 Years Using F5 Devices

A suspected China-nexus cyber espionage actor has been attributed as behind a prolonged attack against an unnamed organization located in East Asia for a period of about three years, with the adversary establishing persistence using legacy F5 BIG-IP appliances and using it as an internal...

Security Vulnerabilities in Covert CIA Websites

Back in 2018, we learned that covert system of websites that the CIA used for communications was compromised by--at least--China and Iran, and that the blunder caused a bunch of arrests, imprisonments, and executions. Were now learning that the CIA is still "using an irresponsibly secured system...

What is Steganography, and how can we Avoid it?

What is steganography? Steganography is, broadly, a type of covert communication involving the use of any medium to hide messages. Steganography is a relatively old technique of hiding ‘secret’ data in plain sight to avoid detection. Seeing a resurgence of late, bad actors are taking advantage of...

Pulsar - Data Exfiltration And Covert Communication Tool

Pulsar is a tool for data exfiltration and covert communication that enable you to create a secure data transfer, a bizarre chat or a network tunnel through different protocols, for example you can receive data from tcp connection and resend it to real destination through DNS packets. Setting up...

Live Cybersecurity Webinar — Deconstructing Cobalt Strike

Organizations' cybersecurity capabilities have improved over the past decade, mostly out of necessity. As their defenses get better, so do the methods, tactics, and techniques malicious actors devise to penetrate their environments. Instead of the standard virus or trojan, attackers today will...

New Pingback Malware Using ICMP Tunneling to Evade C&C Detection

Researchers on Tuesday disclosed a novel malware that uses a variety of tricks to stay under the radar and evade detection, while stealthily capable of executing arbitrary commands on infected systems. Called 'Pingback,' the Windows malware leverages Internet Control Message Protocol ICMP tunneli...

Malware Steals Data From Air-Gapped Network via Security Cameras

Proof-of-concept malware called aIR-Jumper can be used to defeat air-gapped network protections and send data in and out of a targeted network. The technique uses security cameras and infrared LED lights that can blink back and forth to each other transmitting data that has been converted into da...

Hacking Air-Gapped Computers Using Heat

An air-gapped computer system isolated from the Internet and other computers that are connected to external networks believes to be the most secure computers on the planet -- Yeah?? You need to think again before calling them 'safe'. A group of Israeli security researchers at the Cyber Security...

Acoustical Mesh Network Used to Infect Air-Gapped Computers

The soundest security advice managers of critical computing systems have been given is to air gap those machines. Don’t network them and don’t expose them to the Internet, and there’s no way hackers reach them from the Web and no way a direct infection replicates. Recently, there’s been reason fo...

Design/Logic Flaw

The kernel in Sun Solaris 8 through 10 and OpenSolaris before snv90 allows local users to bypass chroot, zones, and the Solaris Trusted Extensions multi-level security policy, and establish a covert communication channel, via unspecified vectors involving system calls...

CVE-2008-3875

The kernel in Sun Solaris 8 through 10 and OpenSolaris before snv90 allows local users to bypass chroot, zones, and the Solaris Trusted Extensions multi-level security policy, and establish a covert communication channel, via unspecified vectors involving system calls...

CVE-2008-3875

CVE-2008-3875 describes a local privilege escalation in the Solaris/OpenSolaris kernel (8–10, prior to snv_90) allowing bypass of chroot, zones, and Trusted Extensions, enabling a covert communication channel via system calls. The provided sources confirm the affected platforms and kernel-level e...