Analyzing the 2021 Kaseya Ransomware Attack: Combined Spearphishing Through SonicWall SSLVPN Vulnerability by Suman Bhunia, Matthew Blackert, Henry Deal, Andrew DePero, Amar Patra

“…The attack was conducted through specially crafted hypertext transfer protocol (HTTP) requests to circumvent authentication and allow hackers to upload malicious payloads through Kaseya’s virtual system administrator (VSA). …”
Get full text

Analysis of cyber incidents in Senegal from 2005 to 2023 by Ciré Sall

“…The study found that cyber incidents are increasing in frequency in the country; that the most common incident types are cybercrimes and compromised websites; that the most frequent perpetrators are cybercriminals and hackers; that state/political organisations are slightly more likely than non-state/political entities to be attacked; that the most common incident type experienced by state/political entities is a compromised website; that the most frequent incident type for non-state/political organisations is cybercrime; and that insider attacks are much less common than external attacks, but still occur at a level that is a cause for concern. …”
Get full text

Staff Attendance Management System: A Case Study of Kinyamaseke Town Council Kasese District. by Munono, Edson

“…The study recommends that the system should be well maintained and protected from unauthorized users by creating strong passwords. which are hard to guess by hackers. Any upgrading needed on the system should be unless otherwise done by the system administrator or system designer. …”
Get full text

Vulnerability identification technology research based on project version difference by Cheng HUANG, Mingxu SUN, Renyu DUAN, Susheng WU, Bin CHEN

“…The open source code hosting platform has brought power and opportunities to software development, but there are also many security risks.The open source code has poor quality, the dependency libraries of projects are complex and vulnerability collection platforms are inadequate in collecting vulnerabilities.All these problems affect the security of open source projects and complex software with open source complements and most security patches can't be discovered and applied in time.Thus, the hackers could be easily found such vulnerable software.To discover the vulnerability in the open source community fully and timely, a vulnerability identification system based on project version difference was proposed.The update contents of projects in the open source community were collected automatically, then features were defined as security behaviors and code differences from the code and log in patches, 40 features including comment information feature group, page statistics feature group, code statistics feature group and vulnerability type feature group were proposed to build feature set.And random forest model was built to learn classifiers for vulnerability identification.The results show that VpatchFinder achieves a precision rate of 0.844, an accuracy rate of 0.855 and a recall rate of 0.851.Besides, 68.07% of community vulnerabilities can be early discovered by VpatchFinder in real open source CVE vulnerabilities.This research result can improve the current issue in software security architecture design and development.…”
Get full text

Hacking Exposed: Leveraging Google Dorks, Shodan, and Censys for Cyber Attacks and the Defense Against Them by Abdullah Alabdulatif, Navod Neranjan Thilakarathne

“…While these tools can be leveraged by professional hackers, they have also empowered “Script Kiddies”, who are low-skill, inexperienced attackers who use readily available exploits and scanning tools without deep technical knowledge. …”
Get full text

EN-Bypass: a security assessment method on e-mail user interface notification by Jingyi YUAN, Zichuan LI, Guojun PENG

“…Email plays an important role in people’s daily communications, while also attracts the attention of hackers.Email is frequently used in phishing attacks, with email sender spoofing being a key step.To prevent sender-spoofing attacks, email vendors often deploy email security protocols such as SPF, DKIM, and DMARC to verify the sender’s identity.Moreover, some vendors add email UI notification mechanism on email clients to help users identify the real sender.However, there is no uniform standard in the implementation of the email UI notification mechanism, which varies among vendors.Whether the mechanism effectively prevents sender-spoofing attacks still needs verification.In this paper, the security evaluation of the email UI notification mechanism was studied to gain better understanding of its efficacy and to eventually protect users from sender-spoofing attacks.Ten world-famous email services were researched and evaluated, of which seven deployed the email UI notification mechanism.Consequently, a new type of sender-spoofing attack was proposed which was called EN-Bypass, aiming to bypass the email UI notification mechanism by forging the “From” and “Sender” fields in the email header.To verify the email UI notification mechanism’s security and reliability, EmailSenderChecker was implemented, which can automatically evaluate the existence of the EN-Bypass attack.The result shows that all seven email service vendors suffer from EN-Bypass attack.Attackers could bypass the email UI notification mechanism by constructing special email headers and spoofing the sender.Finally, to improve the mail service security, three suggestions about the email UI notification mechanism were proposed for the mail service vendors.…”
Get full text

IoT intrusion detection method for unbalanced samples by ANTONG P, Wen CHEN, Lifa WU

“…In recent years, network traffic increases exponentially with the iteration of devices, while more and more attacks are launched against various applications.It is significant to identify and classify attacks at the traffic level.At the same time, with the explosion of Internet of Things (IoT) devices in recent years, attacks on IoT devices are also increasing, causing more and more damages.IoT intrusion detection is able to distinguish attack traffic from such a large volume of traffic, secure IoT devices at the traffic level, and stop the attack activity.In view of low detection accuracy of various attacks and sample imbalance at present, a random forest based intrusion detection method (Resample-RF) was proposed, which consisted of three specific methods: optimal sample selection algorithm, feature merging algorithm based on information entropy, and multi-classification greedy transformation algorithm.Aiming at the problem of unbalanced samples in the IoT environment, an optimal sample selection algorithm was proposed to increase the weight of small samples.Aiming at the low efficiency problem of random forest feature splitting, a feature merging method based on information entropy was proposed to improve the running efficiency.Aiming at the low accuracy problem of random forest multi-classification, a multi-classification greedy transformation method was proposed to further improve the accuracy.The method was evaluated on two public datasets.F1 reaches 0.99 on IoT-23 dataset and 1.0 on Kaggle dataset, both of which have good performance.The experimental results show that the proposed model can effectively identify the attack traffic from the massive traffic, better prevent the attack of hackers on the application, protect the IoT devices, and thus protect the related users.…”
Get full text

Framework to analyze and exploit the smart home IoT firmware by Keshav Kaushik, Akashdeep Bhardwaj, Susheela Dahiya

“…Since operating system (OS) and hardware security have improved recently, researchers and hackers now seek vulnerabilities in other areas, such as firmware. …”
Get full text

DIFUZIA PUTERII DE LA ACTORII STATALI LA CEI NON-STATALI by Octavian-Alexandru-Ștefan BROȘTEANU

“…Specifically, the case study method will be used, analysing terrorist organizations, cross-border criminal organizations, hackers/hacktivists, respectively the so-called "empowered individuals" and the street movements they can cause. …”
Get full text

Identification of Attack on Data Packets Using Rough Set Approach to Secure End to End Communication by Banghua Wu, Shah Nazir, Neelam Mukhtar

“…Different network devices are linked to route, compute, monitor, and communicate various real-time developments. The hackers are trying to attack the network and want to draw the organization’s significant information for its own profits. …”
Get full text

Neural Networks Application for the Data of PID Controller for Acrobot by Nguyen Cong Danh

“…The purpose of this method is to increase the security of the system against the attack of hackers on facilities of the automatic control system. …”
Get full text

Hybrid dung beetle optimization based dimensionality reduction with deep learning based cybersecurity solution on IoT environment by Amal K. Alkhalifa, Nuha Alruwais, Wahida Mansouri, Munya A. Arasi, Mohammed Alliheedi, Fouad Shoie Alallah, Alaa O. Khadidos, Abdulrhman Alshareef

“…Cybersecurity analysts often refer to this as increasing the attack surface from which hackers can benefit. Implementing the proper security measures is crucial since IoT devices can be vulnerable to cyberattacks and are often built with limited security features. …”
Get full text

Gamification Application for Promoting and Encouraging Physical Activity in the Elderly by Narmin Mohammed Noori, Awaz Naaman Saleem, Muhammed Anwar

“…However, when an application crashes or is infected with a virus, it can provide patients with false information, exposing users to attacks from hackers when they are using it. Incorrect diagnosis poses a risk to a patient's life as risks and ethical considerations due to using gamification applications in physical activity. …”
Get full text

Detection method of mixed coin transaction based on CoinJoin——take the Wasabi platform as an example by Hu LI, Yunfang CHEN, Wei ZHANG

“…Designed to enhance the privacy of user transactions, mixed coin technology has created disruptions to the address clustering rules typically used for cryptocurrency regulation.Consequently, hackers have begun utilizing mixed coin technology as a tool for money laundering and fund evasion, which has raised concerns among financial regulators regarding the detection of mixed coin transactions.Currently, most detection methods for mixed coin transactions rely on data analysis and statistics, lacking a comprehensive understanding of the internal workings of these transactions.This lack of knowledge may undermine the credibility and effectiveness of detection methods due to the absence of reliable verification data.CoinJoin, a decentralized mixed coin concept, represents one approach, and commercial implementations like Wasabi have gained popularity.Drawing from the characteristics of CoinJoin and its restriction on the size of anonymous transaction sets and mixed coin amounts, a general detection method for CoinJoin mixed coin transactions was devised.Such transactions typically involved multiple inputs and outputs, with more output items than UTXOs in the input, and a high occurrence of duplicate values among the output amounts.A basic detection method for Wasabi was developed by combining the generic detection method for CoinJoin with specific features of Wasabi, as identified in related studies, to complete the detection process.A trusted validation dataset was acquired from the Wasabi platform service interface, and this dataset was analyzed to achieve two objectives.First, the alignment of rule parameters in the Wasabi base detection method was accomplished.Second, a new metric was proposed, measuring the ratio of the highest frequency of duplicate values in the output amount of transactions to the number of UTXOs in the input.This metric assessed the level of user participation in mixed coin transactions, providing a measure of user freedom.Using these two approaches, significant progress is made in the detection of mixed coin transactions.The experiments show that the recall rate of Wasabi’s basic detection method is 94.2% and the accuracy rate is 67.2%.After the analytical feedback from the credible validation dataset, the recall rate of the improved detection method reaches 100% and the accuracy rate is above 99%.The total market size of the entire CoinJoin type of mixed coin transactions was evaluated and predicted based on a common test methodology.It is concluded that the number of CoinJoin mixed coin transactions in today’s mixed coin market represents 1.9 per 1 000 of all Bitcoin transactions and 3.7 per 1 000 of the transaction value at most.…”
Get full text

Explainable artificial intelligence in web phishing classification on secure IoT with cloud-based cyber-physical systems by Sultan Refa Alotaibi, Hend Khalid Alkahtani, Mohammed Aljebreen, Asma Alshuhail, Muhammad Kashif Saeed, Shouki A. Ebad, Wafa Sulaiman Almukadi, Moneerah Alotaibi

“…This fraudulent act includes identity hackers utilizing clever approaches to deceive individuals into revealing sensitive data. …”
Get full text

Lightweight Cryptographic Algorithms for Guessing Attack Protection in Complex Internet of Things Applications by Mohammad Kamrul Hasan, Muhammad Shafiq, Shayla Islam, Bishwajeet Pandey, Yousef A. Baker El-Ebiary, Nazmus Shaker Nafi, R. Ciro Rodriguez, Doris Esenarro Vargas

“…However, it is essential to note that this convenience comes with a price that involves security vulnerabilities as IoT networks are prone to be interfered with by hackers who can access the sensor/communication data and later utilize it for malicious purposes. …”
Get full text