It is a common hack to stretch a balloon out to make it easier to inflate. When the balloon stretches, the width crosswise shrinks to the size of a string. Noah Stocek, a Ph.D. student collaborating with Western physicist Giovanni Fanchini, has developed a new nanomaterial that demonstrates the opposite of this phenomenon. Read more ..read more

Quantum computers, systems that process and store information leveraging quantum mechanical phenomena, could eventually outperform classical computers on numerous tasks. Among other things, these computers could allow researchers to tackle complex optimization problems, speed up drug discovery and better protect users against cyber-security threats. Read more ..read more

GMA provides economic and litigation support to companies and U.S. government agencies, including the U.S. Department of Justice, bringing civil litigation. According to its data breach notice, GMA told affected individuals that their personal information “was obtained by the U.S. Department of Justice (“DOJ”) as part of a civil litigation matter” supported by GMA. The reasons and target of the DOJ’s civil litigation are not known. A spokesperson for the Justice Department did not respond to a request for comment. GMA said that individuals notified of the data breach are “not the subject of t ..read more

A national security expert predicts practical quantum computing tools are just three to five years away from integration into the workforce, NextGov is reporting. Neal Ziring, the Technical Director of the National Security Agency’s (NSA) Cybersecurity Directorate, made the forecast during a recent public sector cybersecurity event hosted by Palo Alto Networks in Palo Alto. As reported by NextGov, Ziring expects the devices to be accessible predominantly through cloud-based platforms. Ziring added that the impracticality and cost-prohibitive nature of would put on-premise installations for qu ..read more

‘Latrodectus’ strikes via phishing emails. This powerful downloader can execute commands, evade detection, and pave the way for further attacks. Read more ..read more

Latin America targeted in new phishing attack. Emails contain malicious HTML files disguised as invoices. Read more ..read more

Almost 2,000 hacked WordPress sites now display fake NFT and discount pop-ups to trick visitors into connecting their wallets to crypto drainers that automatically steal funds. Website security firm Sucuri disclosed last month that hackers had compromised approximately 1,000 WordPress sites to promote crypto drainers, which they promoted via malvertising and YouTube videos. It is believed that the threat actors were unsuccessful with their original campaign and began deploying news scripts on the compromised sites to turn visitors’ web browsers into tools for brute-forcing the admin passwords ..read more

The Notepad++ project is seeking the public’s help in taking down a copycat website that closely impersonates Notepad++ but is not affiliated with the project. Although, at the time of writing, the lookalike website takes visitors to the official Notepad++ downloads page, there is some concern that it could pose security threats—for example, if it starts pushing malicious releases or spam someday either deliberately or as a result of a hijack. Read more ..read more

A relatively new malware called Latrodectus is believed to be an evolution of the IcedID loader, seen in malicious email campaigns since November 2023. The malware was spotted by researchers at Proofpoint and Team Cymru, who worked together to document its capabilities, which are still unstable and experimental. IcedID is a malware family first identified in 2017 that was originally classified as a modular banking trojan designed to steal financial information from infected computers. Over time, it became more sophisticated, adding evasion and command execution capabilities. Read more ..read more

The U.S. Department of Homeland Security’s Cyber Safety Review Board (CSRB) has released a scathing report on how Microsoft handled its 2023 Exchange Online attack, warning that the company needs to do better at securing data and be more truthful about how threat actors stole an Azure signing key. Microsoft believes that last May’s Exchange Online hack is linked to a threat actor known as ‘Storm-0558’ stealing an Azure signing key from an engineer’s laptop that was previously compromised by the hackers at an acquired company. Storm-0558 is a cyberespionage actor affiliated with China that has ..read more