AI Pulse: The Good from AI and the Promise of Agentic

Credit to Author: AI Team| Date: Sun, 01 Dec 2024 00:00:00 +0000

The perils of AI get a lot of airtime, but what are the upsides? This issue of AI Pulse looks at some of the good AI can bring, from strengthening cybersecurity to driving health breakthroughs—and how the coming wave of agentic AI is going to take those possibilities to a whole new level.

Read more

AI Pulse: Election Deepfakes, Disasters, Scams & more

Credit to Author: AI Team| Date: Thu, 31 Oct 2024 00:00:00 +0000

In the final weeks before November’s U.S. election, cybersecurity experts were calling October 2024 the “month of mischief”—a magnet for bad actors looking to disrupt the democratic process through AI-generated misinformation. This issue of AI Pulse looks at what can be done about deepfakes and other AI scams, and why defense-in-depth is the only way to go.

Read more

Attacks on 5G Infrastructure From User Devices: ASN.1 Vulnerabilities in 5G Cores

Credit to Author: Salim S.I.| Date: Fri, 20 Oct 2023 00:00:00 +0000

In the second part of this series, we will examine how attackers can trigger vulnerabilities by sending control messages masquerading as user traffic to cross over from user plane to control plane.

Read more

Exposing Infection Techniques Across Supply Chains and Codebases

Credit to Author: Aliakbar Zahravi| Date: Thu, 05 Oct 2023 00:00:00 +0000

This entry delves into threat actors’ intricate methods to implant malicious payloads within seemingly legitimate applications and codebases.

Read more

Attacks on 5G Infrastructure From Users’ Devices

Credit to Author: Salim S.I.| Date: Wed, 20 Sep 2023 00:00:00 +0000

Crafted packets from cellular devices such as mobile phones can exploit faulty state machines in the 5G core to attack cellular infrastructure. Smart devices that critical industries such as defense, utilities, and the medical sectors use for their daily operations depend on the speed, efficiency, and productivity brought by 5G. This entry describes CVE-2021-45462 as a potential use case to deploy a denial-of-service (DoS) attack to private 5G networks.

Read more

Stealthy Android Malware MMRat Carries Out Bank Fraud Via Fake App Stores

Credit to Author: Trend Micro Research| Date: Tue, 29 Aug 2023 00:00:00 +0000

The Trend Micro Mobile Application Reputation Service (MARS) team discovered a new, fully undetected Android banking trojan, dubbed MMRat, that has been targeting mobile users in Southeast Asia since late June 2023.

Read more

The Journey to Zero Trust with Industry Frameworks

Credit to Author: Alifiya Sadikali| Date: Wed, 09 Aug 2023 00:00:00 +0000

Discover the core principles and frameworks of Zero Trust, NIST 800-207 guidelines, and best practices when implementing CISA’s Zero Trust Maturity Model.

Read more

Zero Trust Frameworks for Industry

Credit to Author: Alifiya Sadikali| Date: Wed, 09 Aug 2023 00:00:00 +0000

Discover the core principles and frameworks of Zero Trust, NIST 800-207 guidelines, and best practices when implementing CISA’s Zero Trust Maturity Model.

Read more

Related CherryBlos and FakeTrade Android Malware Involved in Scam Campaigns

Credit to Author: Trend Micro Research| Date: Fri, 28 Jul 2023 00:00:00 +0000

Trend Micro’s Mobile Application Reputation Service (MARS) team discovered two new related Android malware families involved in cryptocurrency-mining and financially-motivated scam campaigns targeting Android users.

Read more

Lemon Group’s Cybercriminal Businesses Built on Preinfected Devices

Credit to Author: Fyodor Yarochkin| Date: Wed, 17 May 2023 00:00:00 +0000

An overview of the Lemon Group’s use of preinfected mobile devices, and how this scheme is potentially being developed and expanded to other internet of things (IoT) devices. This research was presented in full at the Black Hat Asia 2023 Conference in Singapore in May 2023.

Read more