CDN Vulnerability 'Underminr' Enables Hidden Malicious Traffic via Trusted Domains

📰 Original title: 'Underminr' CDN Vulnerability Hides Malicious Traffic Behind Trusted Domains

🤖 AI: It's not clickbait ✅
👥 Users: It's not clickbait ✅

View full AI summary: https://en.killbait.com/cdn-vulnerability-underminr-enables-hidden-malicious-traffic-via-trusted-domains.html?utm_source=mastodon_social&utm_medium=social&utm_campaign=killbait.mastodon_social

#computing #cdnvulnerability #cybersecur...

Security researchers have disclosed a serious vulnerability in shared content delivery network (CDN) infrastructure dubbed “Underminr,” which allows attackers to conceal malicious communications behind legitimate, trusted domains. The flaw affects an estimated 88 million domains and undermines key security mechanisms such as DNS filtering and protective DNS services.

At the core of the issue is a mismatch between the Server Name Indication (SNI) and HTTP Host headers versus the actual IP address being contacted. In practice, attackers can present a legitimate domain in the SNI and HTTP Host fields while routing traffic to the IP address of a different tenant hosted on the same shared CDN edge infrastructure. This behavior effectively enables traffic to appear trustworthy while being redirected to malicious or unintended destinations.

Security analysts note that the exploit resembles and expands on earlier domain fronting techniques, which were historically used to bypass censorship and network restrictions. However, “Underminr” goes further by exploiting shared CDN edge configurations, making detection significantly harder for traditional network security tools. Reports indicate that the vulnerability has already been leveraged in real-world attacks targeting large hosting providers, even those that have deployed mitigations against similar abuse patterns.

Beyond immediate exploitation, researchers warn of broader implications, especially as threat actors increasingly integrate artificial intelligence into malware development. Experts suggest that once techniques like Underminr are incorporated into AI-generated attack chains, they could become widespread in malware designed specifically to evade protective DNS systems and other network defenses. This raises concerns about large-scale stealth command-and-control infrastructures that are difficult to detect or block using conventional security approaches.

KillBait

📰 Russian APT Turla Evolves Kazuar Backdoor into Stealthy P2P Botnet

🇷🇺 Russian APT Turla has upgraded its Kazuar backdoor into a modular P2P botnet. The new architecture enhances stealth and resilience, making it harder to detect and disrupt. The focus remains on long-term espionage. #Turla #APT #Kazuar #CyberSecur...

🌐 cyber[.]netsecops[.]io

🔗 https://cyber.netsecops.io/articles/russian-apt-turla-upgrades-kazuar-backdoor-into-p2p-botnet/?utm_source=mastodon&utm_…

Researchers Discover Fast16 Malware That Could Have Sabotaged Iran’s Nuclear Efforts Before Stuxnet

📰 Original title: Newly Deciphered Sabotage Malware May Have Targeted Iran’s Nuclear Program—and Predates Stuxnet

🤖 AI: It's not clickbait ✅
👥 Users: It's not clickbait ✅

View full AI summary: https://killbait.com/en/researchers-discover-fast16-malware-that-could-have-sabotaged-irans-nuclear-efforts-before-stuxnet/?redirpost=b98f0813-a1ad-40a9-9ac0-93995cfd1321

#technology #cybersecur...

Newly discovered malware known as Fast16, which dates back to 2005, may have been used in an early cyberattack against Iran’s nuclear program, possibly predating the infamous Stuxnet attack.

KillBait Archive

🚨 Finance ministers and top bankers are raising the alarm over Anthropic's new 'Mythos' AI model.

Described as an 'unknown unknown,' this powerful model has already exposed critical vulnerabilities in operating systems, web browsers, and core financial infrastructure. The Bank of England and US Treasury are urging banks to test and patch their systems before its public release.

Is business ready for this new world of AI-driven cyber threats?

Read more: https://bbc.in/4taGD8O

#AI #CyberSecur

Postdoctoral Fellow positions in Computer Science

Post a job in 3min, or find thousands of job offers like this one at jobRxiv!

jobRxiv
In 2025, banks saw cyberattacks double: coordinated campaigns, hacktivism and ransomware-as-a-service dominate the new, highly professional threat landscape. Particularly striking: DDoS attacks on critical financial services rose by 105% and are increasingly geopolitically motivated.
#Aktuell #Anwendung #StudienUmfragen #CheckPoint #Cybersecur...
https://www.it-finanzmagazin.de/von-hacktivismus-bis-ransomware-as-a-service-die-neue-bedrohungslage-fuer-banken-239534/?fsp_sid=21071
From Hacktivism to Ransomware-as-a-Service: The New Threat Landscape for Banks

The financial sector saw the threat landscape intensify in 2025. The number of attacks on financial institutions more than doubled.

IT Finanzmagazin

In November 2025, reports began circulating that Under Armour, one of the most recognizable sportswear brands worldwide, had fallen victim to a ransomware attack attributed to the Everest group. #BusinessRisk #cyberattack #cyberrisk #Cybersecur

https://www.crisismonitor.gr/2026/01/27/hackers-egdysan-tin-under-armour-ston-aera-dedomena-72-ekat-pelaton/
