CYBERSECURITY / DEFENSE / INTELLIGENCE

  • GoPlus Labs, the leading Web3 security infrastructure provider, has unveiled a groundbreaking report highlighting the growing, widespread use and potential of Web3 user security data to aid in risk management.

    The report’s findings reveal a clear and growing demand for more advanced security tools that can effectively safeguard digital assets, verify the authenticity of nonfungible tokens (NFTs), and monitor decentralized applications for threats.

    The report, “Uncharted Consensus: The Widespread Use and Potential of User Security Data in Web3”, showcases the rapid adoption of GoPlus’s API suite, which provides Web3 industry stakeholders with unparalleled insights into the health and vulnerability of various cryptocurrencies, NFTs and decentralized applications.

    At the same time, it also underscores the unique role GoPlus plays in addressing Web3’s most pressing security challenges.

    GoPlus is the developer of an API suite designed to address the multifaceted challenges of Web3 user security. The suite enables targeted data analysis across key industry aspects.

    Its modules include a Token Risk API and NFT Risk API that evaluate the risk associated with different cryptocurrencies and non-fungible tokens; a Malicious address API for monitoring and reporting malicious addresses; a dApp Security API for real-time monitoring and threat detection in decentralized applications; and an Approval API for checking an address for malicious approvals.

    The report shows rising demand for better Web3 security solutions. GoPlus revealed that its Token Risk API saw a rapid increase in utilization from November 2023, with some months witnessing peaks of over 20 million calls per day.

    This suggests that the crypto industry is collectively shifting towards pre-emptive risk identification and mitigation, driven by the evolving and intensifying landscape of security threats.

    These increases were mirrored by similar usage spikes in GoPlus’s other API modules. For instance, usage of its NFT API spiked between Dec. 2022 and Feb. 2023 and then several times again between March and May 2023 before stabilizing, followed by a sustained period of much steadier growth.

    These usage trends mirror the growing adoption of NFTs and the corresponding need for tools to assess the risks associated with these digital assets.

    Evolving Threat Landscape

    A closer analysis of the API usage data illustrated a significant fluctuation in the presence of “high-risk” tokens, reflecting a threat landscape that’s just as volatile as the crypto industry itself.

    The majority of these high-risk tokens were identified as being either “blacklisted” or “honeypots”. However, many other kinds of threats were identified, illustrating the evolving tactics used by hackers and scammers in the industry. The report also found an exponential increase in threats associated with NFTs, such as privileged operations (burn and minting), restricted approvals, self-destruct mechanisms, and unauthorized transfers.

    The threat-related insights demonstrate the need for Web3 projects to employ more dynamic, robust, and adaptable security strategies and countermeasures to deal with the evolving threat landscape. They also highlight the need for education and collaboration to increase awareness of these threats and find better ways to mitigate them.

    Top Ecosystems & Threats

    The comprehensive study also highlighted the differing levels of user engagement and security concerns across blockchains, providing perspective on the unique challenges and risks faced by each ecosystem. 

    BNB Chain emerged as the most prominent user of GoPlus’s APIs, being queried more than 92.7 million times during the research period. This reflects Binance’s laudable achievement in fostering a large community that’s united in its determination to identify and proactively mitigate security risks such as token vulnerabilities and scams.

    Ethereum was the second-most popular chain to leverage GoPlus, with users querying its APIs 84 million times, highlighting both the extent of its user base and its vigilance against vulnerabilities and scams. Meanwhile, Polygon also stood out with almost 9.8 million queries during the period. This high level of adoption in the much smaller Polygon community illustrates the strong emphasis it places on scaling security solutions for the Web3 industry. 

    Other insights from the report include the top ten token risks faced by the crypto industry today, with further analysis uncovering ten tokens with characteristics that mark them out as being “particularly malicious”, and also the top ten NFT collections that could be perceived as risky, due to their close association with phishing scams.  

    The Importance Of User Security Insights

    The GoPlus report provides valuable insights into aspects such as user engagement, preferences and the nature of the evolving threats in Web3, which can be essential for stakeholders to make more informed decisions and mitigate the risks they face. 

    Perhaps the most significant finding is that the report underlines the critical importance Web3 security data can play in helping the industry to address the evolving risk landscape. As the Web3 ecosystem grows and evolves, the need for comprehensive security data will become all the more vital, helping dApp developers protect their users, while educating users on how to protect themselves.  

    About GoPlus Labs

    GoPlus Labs is revolutionizing Web3 security by offering a transparent, User Security Network with permissionless security data. It provides User Security Module as a Service to any blockchain, utilizing advanced AI for comprehensive threat detection.

    Notably, its security data infrastructure has seen a massive increase in usage: user security data usage has grown 5000x from 2022 to now, with 21M daily data API calls.

    SecwareX, launched in March 2024, quickly gained significant traction, showcasing high user trust. Within its first two weeks, it attracted over 400,000 users, including more than 30,000 premium (paid) users, highlighting its immediate impact and user trust.

    GoPlus enhances Web3 user security through broad support for over 20 chains, collaboration with RaaS and Layer2 partners like Altlayer, zkSync, and Manta, and the introduction of innovative products like the “Secscan” security engine and Secware Middleware. These advancements facilitate a more open data and computing layer, moving towards gradual decentralization.

    GoPlus enhances Web3 user security and promotes decentralization by motivating user participation with its token system. The GoPlus Token will act as a “gas fee,” necessary to reinforce the user security network and expand its utility. Moreover, it encourages users to become SecWare Service Providers, Data Providers, and Computing Node Providers. By contributing to the network, these participants can earn GoPlus Tokens.

    Contact
    Dasi Kaplan
    pr@marketacross.com

    The post GoPlus’s Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

  • A Linux version of a multi-platform backdoor called DinodasRAT has been detected in the wild targeting China, Taiwan, Turkey, and Uzbekistan, new findings from Kaspersky reveal. DinodasRAT, also known as XDealer, is a C++-based malware that offers the ability to harvest a wide range of sensitive data from compromised hosts. In October 2023, Slovak cybersecurity firm ESET

  • The Police of Finland (aka Poliisi) has formally accused a Chinese nation-state actor tracked as APT31 for orchestrating a cyber attack targeting the country’s Parliament in 2020. The intrusion, per the authorities, is said to have occurred between fall 2020 and early 2021. The agency described the ongoing criminal probe as both demanding and time-consuming, involving extensive analysis of a ”

  • In 2023, C2A Security added multiple OEMs and Tier 1s to its portfolio of customers, successful evaluations, and partnerships such as BMW Group, Daimler Truck AG, Marelli, NTT Data, Siemens, and Valeo, among others.

    C2A Security’s DevSecOps Platform, ‘EVSec’, has gained widespread traction as the automotive industry strives to meet cybersecurity regulations and industry standards, such as UN Regulation No. 155, ISO/SAE 21434, Chinese GB Standards, and others.

    2024 is a pivotal year for cybersecurity regulations in the automotive industry, as UN Regulation No. 155 goes into full effect. C2A Security’s EVSec risk-driven product security platform allows developers to focus on creative features and manage software and operations at scale, in an automated manner.

    EVSec automates archaic manual processes and enables cross-functional sharing and collaboration between teams, customers, and supply chains while offering full digital twin capabilities. EVSec applies continuous feedback from product operations and vulnerabilities to improve development and design, as part of agile software development.

    In 2023, C2A Security added multiple OEMs and Tier 1s to its portfolio of customers, successful evaluations, and partnerships such as Daimler Truck AG, BMW Group, Marelli, NTT Data, Siemens, and Valeo, among others.

    The collaboration with C2A Security supports the customers on the applicable standards and best practices for regulatory compliance.

    EVSec maps and automates the relevant standards and regulations, like ISO/SAE 21434 and UN Regulation No. 155, to simplify compliance efforts, which are essential to business success, as companies forge new grounds for their vehicles, develop innovative EV-powered vehicles, and plan for the EV infrastructure that supports them.

    “We’re thrilled that EVSec has proven so popular and effective, as companies like Daimler Truck AG choose it as its product security platform.

    Dealing with current and emerging regulatory demands, software development at scale and overall product security operations can be a limitation on the business continuity of a company if not automated,” noted Roy Fridman, CEO, C2A Security. “At the end of 2023, we witnessed the first case of a premium car maker that stopped the sale of their most popular model in the European Union because it failed to comply with the regulation.

    To stay competitive, companies must utilize advanced product security automation in their development and operations and we are excited to support them in achieving this goal.”

    About C2A Security

    C2A Security is the only risk-driven DevSecOps Platform vendor that addresses the specific needs of car makers, Tier 1 suppliers, and mobility companies. Founded in 2016, C2A Security’s customers and technology partners include top-tier global players including Daimler Truck AG, BMW Group, Siemens, Valeo, ThunderSoft, Marelli, NTT Data, and Evvo Labs, among others.

    C2A Security transforms cybersecurity from being a company-wide limitation to a business value multiplier through advanced security automation and compliance to shorten software release times and decrease costs.

    Our vision is to turn product security into a seamless, automated, and transparent process, reducing time to deployment and costs of managing automotive software products and resources. C2A Security was founded by NDS/Cisco veteran Michael Dick, with its global headquarters in Jerusalem, Israel. www.c2a-sec.com.

    The post C2A Security’s EVSec Risk Management and Automation Platform Gains Automotive Industry Favor as Companies Pursue Regulatory Compliance appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

  • A sophisticated phishing-as-a-service (PhaaS) platform called Darcula has set its sights on organizations in over 100 countries by leveraging a massive network of more than 20,000 counterfeit domains to help cyber criminals launch attacks at scale. “Using iMessage and RCS rather than SMS to send text messages has the side effect of bypassing SMS firewalls, which is being used to great

  • Wireshark stands as the undisputed leader, offering unparalleled tools for troubleshooting, analysis, development, and education.

    The latest update, Wireshark 4.2.4, includes a host of fixes and updates to further cement its position as the go-to tool for network professionals and enthusiasts alike.

    This release underscores the Wireshark Foundation’s commitment to advancing protocol analysis education, a mission supported by contributions from the global community.

    Addressing Vulnerabilities and Enhancements

    Fixed Vulnerabilities

    The Wireshark team has diligently addressed several vulnerabilities in this release, notably:

    • wnpa-sec-2024-06 T.38 Dissector Crash (CVE-2024-2955): A critical fix that prevents crashes related to the T.38 protocol dissection, enhancing the stability and security of the application.

    Contested CVEs

    Wireshark has also been the subject of CVEs assigned without coordination with the project, specifically CVE-2024-24478, CVE-2024-24479, and CVE-2024-24476.

    The Wireshark team has contested these, stating they are based on invalid assumptions, and has requested their rejection, showcasing the team’s proactive stance on security matters.

    Bug Fixes

    The 4.2.4 update addresses a variety of bugs, improving user experience and software reliability:

    • Issues with Extcap configuration not starting and TLS secrets injection causing crashes on Windows have been resolved.
    • To ensure smoother operation and analysis, fixes have been made for packet dissection CSV export, HTTP dissector port addition, and various fuzz job issues.
    • An error related to adding new rows to tables has been corrected alongside the ‘--export-objects’ functionality in tshark versions later than 3.2.10.

    Protocol and Feature Updates

    While this release does not introduce new features or protocols, it significantly updates support for many existing protocols, including but not limited to 5GLI, BGP, DHCPv6, and ZigBee ZCL.

    This comprehensive update ensures that Wireshark remains at the forefront of protocol analysis, capable of handling the latest network communication standards.

    Installation and Support

    Wireshark 4.2.4 can be downloaded from the official Wireshark website, and detailed instructions for installation across various platforms are available.

    Manual installation of this update is required for users upgrading from versions 4.2.0 or 4.2.1 on Windows.

    Most Linux and Unix distributions provide Wireshark packages through their native package management systems, making installation or upgrade seamless.

    For specific file locations for preference files, plugins, SNMP MIBS, and RADIUS dictionaries, users can refer to the Help section within Wireshark or use the tshark -G folders command.

    Wireshark 4.2.4 exemplifies the ongoing dedication of the Wireshark Foundation and its global community to enhance the utility and security of the world’s premier network protocol analyzer.

    This release ensures that Wireshark remains an indispensable tool for network professionals and enthusiasts by addressing critical vulnerabilities, fixing bugs, and updating protocol support.

    As the project continues to evolve, the support and contributions from the community remain vital to its success.

    The post Wireshark 4.2.4 Released: What’s New! appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

  • Zoom has taken a monumental leap forward by introducing Zoom Workplace, an all-encompassing AI-powered platform designed to redefine how we work.

    This innovative solution aims to streamline communication, enhance collaboration, and boost productivity. It addresses the challenges of dispersed teams and the overload of information that has become all too common in today’s work environment.

    Recent studies, including a 2023 Morning Consult report commissioned by Zoom, highlight a growing concern among knowledge workers.

    More than half report spending significant time each week on tasks such as sharing notes and action items, contributing to what has been dubbed the “collaboration paradox.”

    This paradox refers to the increased effort in collaboration that, paradoxically, hampers effective teamwork and engagement.

    Furthermore, an OpenText study found that 80% of global workers experience information overload, exacerbating the issue.

    Introducing Zoom Workplace

    Zoom Workplace emerges as a beacon of innovation, designed to combat these challenges head-on.

    Zoom aims to simplify tasks, foster engagement, and enhance productivity by integrating AI capabilities across its platform.

    This comprehensive solution combines Zoom’s trusted communication tools with added features for employee engagement, workspace optimization, and productivity, all underpinned by AI technology.

    Welcome to Zoom Workplace, your AI-powered collaboration platform

    AI Companion: A Game-Changer

    At the heart of Zoom Workplace is the Zoom AI Companion, an AI assistant that promises to revolutionize productivity.

    With capabilities such as summarizing meeting and chat threads, brainstorming assistance, and rapid composition of chats and email drafts, the AI Companion is designed to save valuable time and enhance the quality of work.

    Notably, a GigaOm study commissioned by Zoom highlights the AI Companion’s transcription accuracy at 95%, and its ability to deliver results four times faster than its predecessors.

    Ask AI Companion will be able to gather, synthesize, and share information across Zoom Workplace, help you prepare for meetings, and more.

    Seamless Collaboration and Engagement

    Zoom Workplace introduces several key features aimed at improving the collaboration experience:

    • Meetings Tab: Streamlines the entire meeting lifecycle, from preparation to collaboration during the meeting and follow-up actions.
    • Team Chat Innovations: Includes shared spaces and new tabs to organize channel-related assets, enhancing team collaboration.
    • Employee Engagement: Integrated with Workvivo, Zoom Workplace offers tools for creating a sense of belonging through shoutouts, team spaces, and surveys.
    • Optimized In-Person and Flexible Work: Features such as Workspace Reservation and Visitor Management help optimize the in-office experience, addressing the challenges of flexible work arrangements.

    Open Platform and Integration

    Zoom Workplace stands out not only for its AI capabilities but also for its openness and flexibility.

    With over 2,500 integrations available in the Zoom App Marketplace, including those with Microsoft and Google, Zoom Workplace enables seamless experiences. It empowers customers to tailor the platform to their specific needs.

    Zoom’s introduction of Zoom Workplace marks a significant milestone in the evolution of digital workspaces.

    By leveraging AI to address the collaboration paradox and streamline the work experience, Zoom sets a new standard for productivity and engagement in the modern workplace.

    As businesses continue to navigate the challenges of dispersed teams and information overload, Zoom Workplace offers a promising solution that could redefine the future of work.

    The post Zoom Unveils AI-Powered All-In-One AI Work Workplace appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

  • Phishing allows hackers to exploit human vulnerabilities and trick users into revealing sensitive information and granting unauthorized access.

    It’s an effective social engineering technique that can bypass even robust technical security measures. 

    Phishing kits and services provide a low-cost, low-effort way to conduct widespread attacks, which makes them attractive options for threat actors seeking financial gains and access to valuable data.

    Recently, cybersecurity analysts at Netcraft discovered that threat actors are actively exploiting the Darcula phishing service to attack USPS and global postal services via iMessage.

    iPhone Darcula Phishing Attack

    ‘Darcula’ is a sophisticated Phishing-as-a-Service (PhaaS) platform leveraging modern web technologies like JavaScript, React, Docker, and Harbor.

    It has been used for over 20,000 phishing domains conducting high-profile campaigns. 

    A key tactic is using iMessage and RCS instead of SMS to bypass filters and leverage user trust for “smishing” attacks impersonating postal services across more than 100 countries.

    This enables uniquely effective data extraction by exploiting messaging platforms’ perceived legitimacy and evading typical SMS-based scam defenses. 

    The Darcula platform was developed by a Telegram user, and it offers easy deployment of constantly updatable phishing sites with hundreds of templates targeting global brands.

    Phishing landing pages (Source – Netcraft)

    Unlike typical phishing kits, darcula websites can update in-place with new features and anti-detection measures like changing malicious content paths for obfuscation.

    The group monetizes through paid monthly subscriptions for other threat actors, reads the report.

    The Darcula PhaaS offers around 200 phishing templates targeting over 100 brands across more than 100 countries, primarily postal services and trusted institutions like utilities, banks, and governments.

    Phishing landing pages targeting postal services (Source – Netcraft)

    It uses purpose-registered domains spoofing brand names, favoring .top, .com, and other low-cost TLDs, with 32% on Cloudflare. Over 20,000 darcula domains across 11,000 IPs have been detected, with 120 new ones daily in 2024. 

    Front pages are cloaked with fake domain sale pages; previously, bots were redirected to cat breed searches, in keeping with darcula’s cat-themed branding.

    Anti-detection tactics demonstrate the platform’s sophistication.

    darcula anti-monitoring redirecting site crawlers to a cat breed (Source – Netcraft)

    Unlike traditional SMS phishing, darcula leverages the encrypted messaging platforms RCS (on Android) and iMessage (Apple) to bypass spam filters and leverage user trust.

    darcula phishing messages targeting iMessage users (Source – Netcraft)

    RCS/iMessage provides encryption bypassing recent anti-SMS spam legislation, incurs no per-message costs, and overcomes platform security controls through tactics like reply-prompting and device farms. 

    While aiding user privacy, end-to-end encryption obfuscates message content from network-level filtering.

    Threat actors exploit these advantages for widespread “smishing” campaigns impersonating trusted brands while evading typical SMS defenses. 

    Researchers urged users to stay vigilant against unsolicited messages from unrecognized senders and said that anti-phishing tools remain key protection measures.

    The post iPhone Users Beware! Darcula Phishing Service Attacking Via iMessage appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

  • Considering the ever-changing state of cybersecurity, it’s never too late to ask yourself, “am I doing what’s necessary to keep my organization’s web applications secure?” The continuous evolution of technology introduces new and increasingly sophisticated threats daily, posing challenges to organizations all over the world and across the broader spectrum of industries striving to maintain
