Amid a rising tide of adversary drones and missile attacks, laser weapons are finally poised to enter the battlefield.

The age of the laser weapon is finally upon us.

The United States Army has officially sent a pair of high-energy laser weapons overseas to defend American troops and US allies against enemy drones, the service recently revealed, marking the first publicly known deployment of a directed-energy system for air defense in military history. And, according to a top official, those weapons are actively blasting threats out of the sky.

The weapon, known as the Palletized High Energy Laser (P-HEL) and developed by the American defense contractor BlueHalo based on the company’s 20-kilowatt Locust Laser Weapon System, first arrived in an unspecified location overseas and “commenced operational employment” in November 2022, according to an April press release from the company. A second system arrived overseas “earlier this year.”

While the Army initially declined to indicate where the P-HEL systems were sent and whether they had achieved a “kill” against an adversary drone, citing operational security concerns, the service’s top acquisition official recently confirmed that the new laser weapons had in fact succeeded in neutralizing incoming threats in the Middle East.

“They've worked in some cases,” Doug Bush, the Army’s assistant secretary for acquisition, logistics, and technology, told _Forbes_ this month. “In the right conditions, they're highly effective against certain threats.”

News of the P-HEL’s deployment comes as the US military seeks to aggressively bolster its air defense capabilities amid a dramatic increase in drone and missile attacks against US troops by Iran-backed militias in the Middle East, as well as against US Navy warships operating in the Red Sea by Houthi rebels in Yemen following the October 7 attack in Israel by Hamas.

Since the beginning of the Israel-Hamas conflict, the US Defense Department has been slowly but surely hinting at the use of laser weapons downrange. But the arrival of the P-HEL in the Middle East for operational use is a technological victory for the US military, which has actively pursued research related to directed-energy weapons since the 1970s. Even more significantly, it may also represent a tipping point for the development and use of laser weapons more broadly by militaries around the world.

BlueHalo’s LOCUST Laser Weapon System (LWS) combines precision optical and laser hardware with advanced software, artificial intelligence (AI), and processing to enable and enhance the directed energy “kill chain”.Photograph: BlueHalo

**Light at the End of the Tunnel**

Following its creation in 1960 by American engineer and physicist Theodore Maiman, the laser—technically an acronym for “light amplification by stimulated emission of radiation”—almost immediately became a futuristic weapon of choice among both science fiction writers and military planners. This wasn’t surprising: While Maiman touted the potential scientific applications of his discovery when he first unveiled it to the country later that year, the laser immediately conjured up visions in the public consciousness of the Martian “heat ray” from H. G. Wells’ _War of the Worlds_, so much so that many of the contemporary headlines from its debut were variations of the _Los Angeles Herald_’s “L.A. Man Discovers Science Fiction Death Ray,” according to Jeff Hecht’s book _Beam: The Race to Make the Laser_. “In reality, the laser was more of a Life Ray than a Death Ray,” Maiman would later recall thinking of his invention’s medical applications, according to his memoir.

The Pentagon began exploring the military applications of lasers almost immediately, from relatively practical uses like designators for laser-guided bombs to more far-fetched concepts like the Strategic Defense Initiative of the 1980s, also known as “Star Wars.” But only in the past few decades has the underlying technology advanced to the point where laser weapons are effective against their intended targets.

In the mid-2000s, the Air Force successfully used its Boeing 747-based YAL-1 airborne laser to defeat ballistic missiles in flight during tests, while the Army’s Humvee-mounted Zeus-HMMWV Laser Ordnance Neutralization System system deployed to Afghanistan and Iraq to zap landmines, improvised explosive devices, and unexploded ordnance. By 2014, the Navy’s AN/SEQ-3 Laser Weapon System (LaWS) was successfully disabling drones and small boats during testing from the bow of the Austin-class amphibious transport dock USS _Ponce_ in what the service billed at the time as the world’s first “active laser weapon.” (When the _Ponce_ was decommissioned in 2017, the LaWS’s successor system, the Technology Maturation Laser Weapon System Demonstrator, was installed on the San Antonio-class amphibious transport dock USS _Portland_, which successfully tested it in 2020 and 2021).

Apart from intermittent attempts at developing a non-lethal “laser rifle” over the decades, the Pentagon has generally envisioned employing modern directed-energy weapons primarily for defensive purposes. If successfully developed, high-energy lasers in particular could prove highly effective at short-range air defense missions against helicopters and low-flying attack aircraft, as well as blasting incoming rockets, artillery, and mortars out of the sky, according to a 2023 Congressional Research Service report on the US military’s directed-energy weapons programs. With enough power, a sustained laser beam could neutralize fast-moving hardened threats like cruise missiles and, eventually, even ballistic missiles.

After decades of technological progress, the US military is finally making the dream of laser weapons an operational reality: Not only has the Pentagon increasingly poured money into research and development, spending roughly $1 billion a year on at least 31 directed-energy programs since 2020, but the department has also finally deployed several mature laser weapons alongside US forces abroad in recent years for testing.

Those laser weapons include the Air Force’s High-Energy Laser Weapon System, a Raytheon-developed dune-buggy-mounted system developed for air base defense that saw testing overseas in 2021; the Marine Corps’ Compact Laser Weapon System, which Marines have been training on in the Middle East since 2021; Lockheed Martin’s 60-kilowatt High Energy Laser with Integrated Optical-dazzler and Surveillance (HELIOS), which currently adorns the bow of the Navy’s Arleigh Burke-class destroyer USS _Preble_; and the Army’s 50-kilowatt Stryker-mounted Directed Energy Maneuver-Short Range Air Defense (DE M-SHORAD) system, or “Guardian,” which consists of a laser turret mounted on a Stryker infantry carrier, a platoon of which arrived in the Middle East in February for “real world testing.” The Army also recently took receipt of a 300-kilowatt “Valkyrie” laser system designed explicitly to deal with incoming cruise missiles.

The adoption of BlueHalo’s Locust laser weapon system in particular likely won’t stop with the P-HEL. In 2023, the company received contracts not just to develop the new 20-kilowatt Army Multi-Purpose High Energy Laser (AMP-HEL) system that’s designed to integrate with the service’s next-generation Infantry Squad Vehicle light utility vehicle, but also a potential laser system for the Marine Corps’ Joint Light Tactical Vehicle that’s set to replace the service’s aging Humvee fleet.

The US military isn’t the only conventional fighting force pushing for a directed-energy element of its air defenses. The UK Royal Navy in April announced that it planned to fast-track the installation of its new 50-kilowatt “DragonFire” high-powered laser onto a warship by 2027 instead of 2032 as originally planned “as the need for weapons to counter drone and missile threats—like those fired by Houthi rebels—grows,” the service said in a statement. Less than a week later, US House Republicans unveiled their long-delayed security assistance package for Israel that included $1.2 billion for the development of the Israeli military’s “Iron Beam” laser air defense system “to counter short-range rocket threats” amid attacks from Hamas militants. Meanwhile, countries like Russia, China, France, India, and Turkey, among others, have all invested heavily in the development of laser systems in recent years, according to the Rand Corporation.

During a trial at the MOD’s Hebrides Range, the DragonFire laser directed energy weapon (LDEW) system achieved the UK’s first high-power firing of a laser weapon against aerial targets. The range of DragonFire is classified, but it is a line-of-sight weapon and can engage with any visible target.Photograph: UK.gov

**Cheap Threats**

The development and fielding of directed-energy weapons like lasers has taken on such new urgency among world governments in recent years due to the rapid proliferation of relatively cheap one-way attack drones among both professional militaries (see: the 2020 conflict between Armenia and Azerbaijan and Russia’s ongoing invasion of Ukraine) and irregular forces like Yemen’s Houthis in the Red Sea, ISIS cells in Iraq and Syria, and Iran-backed militias across the Middle East. In 2021, then-Central Command chief Marine General Frank McKenzie Jr. warned US lawmakers that weaponized commercial off-the-shelf drones have become the greatest threat to US forces in the region since the advent of the improvised explosive device during the early years of the Global War on Terror.

That threat is very real. In January, three US service members were killed and more than 40 others were injured in a drone attack conducted by an Iran-backed militia on a military outpost in Jordan near the Syrian border. As of mid-February, more than 140 additional service members had been injured in attacks launched against American forces in Iraq and Syria since mid-October, according to the Pentagon, 130 of whom were suffering from traumatic brain injuries. That more American troops weren’t killed in these attacks was essentially a matter of luck, according to Army General Michael "Erik" Kurilla, the current head of Central Command.

"There are several incidents where \[drones\] coming into a base hit another object, got caught up in a netting or other incidents where, had they hit the appropriate target that they were targeting, it would have injured or killed service members," Kurilla told lawmakers during a Senate Armed Services Committee hearing in March.

This rising tide of adversary drones has prompted US military commanders to clamor for more directed-energy options, as has the increased threat of missile attacks. As the rate of Houthi potshots at American warships and merchant vessels in the Red Sea began to spike in January, the Navy’s current surface warfare boss publicly emphasized that the service needed to rapidly accelerate the rate of development and fielding of its directed-energy assets not just to deal with drones but also incoming cruise and ballistic missiles.

“What we’re facing in the Red Sea is more than just drones. We’re looking at land-attack cruise missiles, we’re looking at anti-ship ballistic missiles that are getting shot in the Red Sea by the Houthis. And our ships are dealing with all of those,” the Naval Surface Forces commander, vice admiral Brendan McLane, told reporters in early January. “One of the things that I think we really need to get after quicker is we need to accelerate the development of directed-energy weapons, whether it’s a laser, whether it’s a microwave.” Navy Secretary Carlos Del Toro echoed McClane’s comments the next day, telling reporters that he was “very, very excited” to boost investments in laser weapon research and development for the service.

Developing and fielding laser weapons isn’t just a matter of practicality, but price tag. Rather than force warships and ground troops to expend costly munitions like the $2.1 million-a-shot Standard Missile-2 naval missile and $480,000-a-shot FIM-92 Stinger missile on comparatively inexpensive drones, a laser weapon can defeat incoming threats with a basically negligible cost-per-shot ($1 to $10, per an April 2023 Government Accountability Office assessment) and, with a suitable power source, a near-infinite magazine. Given the fact that the US military has already expended nearly $1 billion in munitions since October to defend against Iran-backed attacks in the Red Sea and elsewhere (at an average of $100,000 per shot, per officials), lasers and other directed-energy weapons may prove far more cost-effective in the long run for a Pentagon explicitly looking to keep counter-drone costs down.

“I would love to have the Navy produce more directed energy that can shoot down a drone, so I don't have to use an expensive missile to shoot it down,” as Kurilla put it in his testimony before lawmakers in March.

The confluence of technological advancements and the urgent need posed by the rise of weaponized drones has created circumstances that may induce the US and its allies to even more rapidly develop and employ laser weapons around the world.

But challenges remain. Chief among them is ensuring that laser weapons systems actually produce a coherent laser beam as expected outside the controlled setting of a lab in the real world, where "substances in the atmosphere—particularly water vapor, but also sand, dust, salt particles, smoke, and other air pollution—absorb and scatter light, and atmospheric turbulence can defocus a laser beam," according to the Congressional Research Service. While atmospheric problems are particularly pronounced for shipboard lasers, the CRS report notes that these systems can be engineered to hit a “sweet spot” in the electromagnetic spectrum to overcome the atmospheric absorption inherent to maritime operations. Time will tell with the operational deployment of the P-HEL and testing of the DE M-SHORAD in the Middle East whether those systems can adjust to more inhospitable conditions.

Beyond functional issues, there’s also the question of teaching service members to operate a laser effectively in a combat setting. The CRS report notes that “thermal blooming”—where a sustained laser beam heats up the air it’s passing through, which in turn defocuses the beam—makes head-on (or “down-the-throat”) shots against incoming targets less effective, a problem that will require a training and doctrinal fix in order to compensate. And while many of the US military laser weapons in development require minimal training to use (the BlueHalo Locust on which the P-HEL is based runs on an Xbox controller), the 2023 GAO assessment indicated that the US military will need to develop brand new “tactics, techniques, and procedures” for operating the novel systems in complex combat environments. The laser may work, but it’s up to service members to get the most out of it.

“What we don’t know yet for directed-energy systems necessarily is how to fight \[with\] them,” said Army lieutenant general Robert Rasch, head of the service’s Rapid Capabilities and Critical Technologies Office, which manages its directed-energy portfolio, in August. “How to fight lasers on the battlefield, how to integrate kinetic and non-kinetic effectors, like directed energy, and our traditional air-defense missiles into the battle space.”

**A Problem in Search of a Solution**

Even with additional training, evolving threats like rapidly moving drones or cruise missiles hardened against interception will require a significant boost in power that most existing systems simply can’t generate yet. Take the Navy’s shipborne 60-kilowatt HELIOS laser weapon: While the service wants to scale the system to 300 kilowatts to burn through the nose cones of incoming cruise missiles, the Navy’s surface warfare boss at the time, Rear Admiral Ron Boxall, previously stated in 2019 that the fleet’s new Flight III Arleigh Burke-class destroyers are already maxed out on juice (or “out of Schlitz,” as Boxall put it) due to the requirements of operating the warships’ brand-new AN/SPY-6 Air and Missile Defense Radar. As laser weapons become more robust to counter increasingly complex threats, those power requirements are only going to increase.

And even if laser weapons actually do end up operating effectively downrange with the right technology and training, US service members are then faced with complicated logistics considerations when it comes to keeping them up and running. Laser weapons are extremely complex machines, which makes their repair and maintenance in austere environments a significant challenge for deployed service members who may not have the right tool or facilities on hand. Indeed, the GAO assessment noted that many of the internal mechanisms critical to directed-energy weapons are so sensitive that they typically require a specialized “clean room” for repairs; in one recent case, a laser weapon sent to an operational environment for testing “had to be returned to the manufacturer in the United States” for maintenance after encountering battery and cooling challenges.

“Lasers are complicated. This is not a Humvee that’s sitting in the motor pool,” as Lieutenant General Daniel Karbler, the head of the Army’s Space and Missile Defense Command, reportedly said in August 2023. “Many of the some of the main \[laser\] components … you’re not going to have a supply room or maintenance office full of repair parts.”

Taken together, all of these challenges could pose a serious potential roadblock to the widespread proliferation of laser weapons across the US military. As the GAO report notes, many promising military technologies too often fall into the so-called “valley of death”—a limbo between ongoing R&D and the actual acquisition and operational use of a new system—because the various military branches “may require a higher level of technology maturity than the science and technology community is able to fund and develop.” While military commanders may clamor for laser technology today, challenges like beam coherence and thermal blooming may prove insurmountable regardless of how much time and patience the Pentagon pours into development, a prospect that could relegate laser weapons to an R&D graveyard alongside other ambitious projects like the Navy’s electromagnetic railgun. The P-HEL may represent a new beginning for laser weapons, but it could also end up as an exception that proves they aren’t ready for prime time yet.

Maiman, the physicist who invented the laser, once famously derided his creation as “a solution in search of a problem,” an idiom often used to describe innovations that don’t address any real issue and, in turn, don’t offer any real value. But more than a half-century after the laser’s introduction into America’s modern technological vocabulary, the rise of deadly drones and missile threats has presented the laser weapon with a pressing issue worth solving. And while the laser is still far from becoming a ubiquitous piece of military technology, it holds the potential to revolutionize how US troops counter airborne threats overseas—and, in time, change the face of modern warfare as we know it.

Welcome to the Laser Wars

The Security Explorations team has come up with two attack scenarios that make it possible to extract private ECC keys used by a PlayReady client (Windows SW DRM scenario) for the communication with a license server and identity purposes. Proof of concept included.

    Hello All,We have come up with two attack scenarios that make it possible toextract private ECC keys used by a PlayReady client (Windows SW DRMscenario) for the communication with a license server and identitypurposes.More specifically, we successfully demonstrated the extraction of thefollowing keys:- private signing key used to digitally sign license requests issuedby PlayReady client,- private encryption key used to decrypt license responses received bythe client (decrypt license blobs carrying encrypted content keys).A proof for the above (which Microsoft should be able to confirm) isavailable at this link:https://security-explorations.com/samples/wbpmp_id_compromise_proof.txtWhile PlayReady security is primary about security of content keys,ECC keys that make up client identity are even more important. Uponcompromise, these keys can be used to mimic a PlayReady client outsideof a Protected Media Path environment and regardless of the imposedsecurity restrictions.In that context, extraction of ECC keys used as part of a PlayReadyclient identity constitute an ultimate compromise of a PlayReadyclient on Windows ("escape" of the PMP environment, ability to requestlicenses and decrypt content keys).Content key extraction from Protected Media Path process (through XORkey or white-box crypto data structures) in a combination with thislatest identity compromise attack means that there is nothing left tobreak when it comes to Windows SW DRM implementation.Let this serve as a reminder that PlayReady content protectionimplemented in software and on a client side has little chances of a“survival” (understood as a state of not being successfully reverseengineered and compromised). In that context, this is vendor’sresponsibility to constantly increase the bar and with the use of allavailable technological means.Thank you.Best Regards,Adam Gowdiak----------------------------------Security Explorations -AG Security Research Labhttps://security-explorations.com----------------------------------Packet Storm Editor Note - below is wbpmp_id_compromise_proof.txtc:\_MNT\PROJECTS\WBPMP\code\toolkit>shell# MS Play Ready / Canal+ VOD toolkit# (c) Security Explorations    2016-2019 Poland# (c) AG Security Research     2019-2022 Polandloaded cdn      [CDN helper]loaded mspr     [MS Play Ready toolkit]loaded vod      [CANALP VOD toolkit]loaded cgaweb   [CANALP CGAWeb toolkit]msprcp> set CDM_DIR cdm\w10msprcp> identity0C86330B0E98CD7C586F336088DAFA0E4F72F3CBDC81C849F635AE556A73679F902B255736B6E891F3AF30F98B0A5DBAD9A5C7A90F8DEA029AA8FB1C95887BE3E82DFAE7A9DB21FC1ECF33C1DADC54B7msprcp> identity 0C86330B0E98CD7C586F336088DAFA0E -v[0C86330B0E98CD7C586F336088DAFA0E]PRKF version: 3   attr: 100c Unknown   data     0000:  00 04 00 00                                      ....   attr: 1000 Unknown   data     0000:  00 01 10 01 00 00 00 2c 00 02 00 80 00 01 00 00  .......,........     0010:  ea 3c 67 da 4e 43 de e0 00 00 00 10 30 e1 4c db  .<g.NC......0.L.     0020:  9d 23 9e 97 f7 1d ac 03 13 c2 2b 69 00 01 10 02  .#........+i....     0030:  00 00 00 7c 00 01 01 00 00 00 00 40 cb 27 6f 9f  ...|.......@.'o.     0040:  9f 76 46 64 54 23 19 ef 9c c7 69 0f 9c 3b e3 75  .vFdT#....i..;.u     0050:  8b d3 78 2a 8d 03 fb a8 bf 9e 1c 6d f7 10 1c 69  ..x*.......m...i     0060:  94 2c 4d 07 d9 68 8b 61 09 85 bb d3 4e e8 58 20  .,M..h.a....N.X.     0070:  e2 0c c9 bc a9 a8 1e b7 f6 59 65 7d 00 62 e4 7a  .........Ye}.b.z     0080:  4a 93 87 21 00 00 00 20 93 de eb 4b ab b4 b2 c1  J..!.......K....     0090:  71 9b 3c fc cf a8 b9 7e f2 a9 4f e1 07 39 17 fd  q.<.......O..9..     00a0:  23 10 72 8a 29 95 bf d8 00 01 10 11 00 00 00 3c  #.r.)..........<     00b0:  00 02 00 80 2d 82 c1 90 50 2c e7 55 00 00 00 10  ....-...P,.U....     00c0:  8f 03 13 45 06 c3 b4 3e fb 7f 1d 77 e8 ca 2d 07  ...E...>...w..-.     00d0:  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................     00e0:  00 00 00 00                                      ....   attr: 1009 Identities     IdentityInfo       pubkey         0000:  f0 34 a0 f4 28 79 dc a4 73 88 c8 fa a6 46 40 94  .4..(y..s....F@.         0010:  ef 10 f7 4b f4 42 5e 2e 51 c1 08 67 9d 9a 4b 2e  ...K.B^.Q..g..K.         0020:  af 2b ed 89 8e dd bb eb 1b ad 68 df 9c 33 d2 8b  .+........h..3..         0030:  1d f3 a5 77 1a d2 a0 a3 b9 4d 83 6d 24 a4 2a 03  ...w.....M.m$.*.       prvkey         0000:  31 d5 b7 ab dd 28 44 52 3b 8a ac 6c e2 c5 4e 34  1....(DR;..l..N4         0010:  61 1d 97 8f e1 4f 63 e9 c0 14 8a 83 6c 5f 3f cc  a....Oc.....l_?.     IdentityInfo       pubkey         0000:  42 b2 a0 ff 38 1c 34 cc 67 06 3b 50 e1 2e 0d de  B...8.4.g.;P....         0010:  74 49 55 29 38 ef 66 0c 60 5c 90 9f 8c b0 49 43  tIU)8.f.......IC         0020:  0f e7 a8 1f 2f 67 5a b2 90 5c 3e 2e 99 62 19 b4  ..../gZ...>..b..         0030:  4a 39 8b 23 64 5e 4c d7 cc 95 38 bd 3c d3 2b f7  J9.#d^L...8.<.+.       prvkey         0000:  d7 60 5c 71 57 a0 01 7c 58 e2 e7 79 a8 b1 12 55  ...qW..|X..y...U         0010:  1d 72 14 f0 d9 2c ef 04 6c cc 57 c1 2e 9b e3 b4  .r...,..l.W.....     IdentityInfo       pubkey         0000:  cb 27 6f 9f 9f 76 46 64 54 23 19 ef 9c c7 69 0f  .'o..vFdT#....i.         0010:  9c 3b e3 75 8b d3 78 2a 8d 03 fb a8 bf 9e 1c 6d  .;.u..x*.......m         0020:  f7 10 1c 69 94 2c 4d 07 d9 68 8b 61 09 85 bb d3  ...i.,M..h.a....         0030:  4e e8 58 20 e2 0c c9 bc a9 a8 1e b7 f6 59 65 7d  N.X..........Ye}       prvkey         0000:  4c 33 c6 8e 0e f1 b6 f1 0c d5 31 6b 40 94 aa 68  L3........1k@..h         0010:  32 cc 68 1b 00 3b fc 65 8b c4 3c e3 cb 62 de fc  2.h..;.e..<..b..         0020:  11 ef 51 7b 92 73 a1 84 24 ac 71 33 cf 76 d3 05  ..Q{.s..$.q3.v..         0030:  44 2d 4e 12 79 3f 3f 09 7a 4e 4d 51 ac 78 a7 3c  D-N.y??.zNMQ.x.<         0040:  6b                                               k   IdentityCertChain     CERT CHAIN:       ### CERT         - random           0000:  07 80 59 24 9a b6 7e 48 c3 7f 6d 38 30 af f0 b6  ..Y$...H..m80...         - seclevel 2000         - uniqueid           0000:  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................         - pubkey_sign           0000:  42 b2 a0 ff 38 1c 34 cc 67 06 3b 50 e1 2e 0d de  B...8.4.g.;P....           0010:  74 49 55 29 38 ef 66 0c 60 5c 90 9f 8c b0 49 43  tIU)8.f.......IC           0020:  0f e7 a8 1f 2f 67 5a b2 90 5c 3e 2e 99 62 19 b4  ..../gZ...>..b..           0030:  4a 39 8b 23 64 5e 4c d7 cc 95 38 bd 3c d3 2b f7  J9.#d^L...8.<.+.         - pubkey_enc           0000:  cb 27 6f 9f 9f 76 46 64 54 23 19 ef 9c c7 69 0f  .'o..vFdT#....i.           0010:  9c 3b e3 75 8b d3 78 2a 8d 03 fb a8 bf 9e 1c 6d  .;.u..x*.......m           0020:  f7 10 1c 69 94 2c 4d 07 d9 68 8b 61 09 85 bb d3  ...i.,M..h.a....           0030:  4e e8 58 20 e2 0c c9 bc a9 a8 1e b7 f6 59 65 7d  N.X..........Ye}         - digest           0000:  c5 c4 33 e5 4e b0 c5 b3 5b e9 89 9b de 89 b4 cd  ..3.N...[.......           0010:  e5 e1 c3 bb 80 c3 88 87 17 40 95 0b 3a 82 cc 89  .........@..:...         - signature           0000:  23 ce 2a 20 50 24 8f 32 3d 5a 08 5c 88 dd 65 dd  #.*.P$.2=Z....e.           0010:  93 66 be ec 7a d5 c6 39 80 66 c1 f5 36 4e b7 08  .f..z..9.f..6N..           0020:  9d 7b 59 05 79 3b 49 08 4f 94 af 7f b8 96 4e 81  .{Y.y;I.O.....N.           0030:  bd ff fe 38 61 d8 08 90 96 2c b6 32 ee ba 75 5f  ...8a....,.2..u_         - signkey           0000:  59 86 b7 a2 a9 d6 b3 06 1f 5d 20 08 f6 97 ee f5  Y........]......           0010:  bc c6 15 cb e6 4e f9 60 7a 83 55 3d c0 3a 21 b6  .....N..z.U=.:!.           0020:  d4 c7 33 e2 71 7e 1c ad 00 e5 20 70 87 64 66 9e  ..3.q......p.df.           0030:  ee 5f 4d 78 b1 c6 42 3a f9 6f af 6a 44 cf ef 3d  ._Mx..B:.o.jD..=         - sig status: BAD SIGNATURE       ### CERT         - names           * Microsoft           * Windows           * 6.4.9.000         - random           0000:  28 37 b2 3d a4 70 a4 7f f0 8c 69 78 3c 6c 38 cd  (7.=.p....ix<l8.         - seclevel 2000         - uniqueid           0000:  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................         - pubkey_sign           0000:  59 86 b7 a2 a9 d6 b3 06 1f 5d 20 08 f6 97 ee f5  Y........]......           0010:  bc c6 15 cb e6 4e f9 60 7a 83 55 3d c0 3a 21 b6  .....N..z.U=.:!.           0020:  d4 c7 33 e2 71 7e 1c ad 00 e5 20 70 87 64 66 9e  ..3.q......p.df.           0030:  ee 5f 4d 78 b1 c6 42 3a f9 6f af 6a 44 cf ef 3d  ._Mx..B:.o.jD..=         - digest           0000:  68 d5 b6 78 9c 6c c4 63 36 50 62 4a cc 20 c0 08  h..x.l.c6PbJ....           0010:  16 1b 0a e9 31 0c 68 97 dc eb 1a 41 1b df 6b 75  ....1.h....A..ku         - signature           0000:  c2 a3 13 ec e8 a9 f0 77 70 df 3d 8b 2b ed 08 68  .......wp.=.+..h           0010:  b0 79 c9 d2 40 84 26 a9 1d 16 00 4a 73 76 81 c7  .y..@.&....Jsv..           0020:  aa 1f 75 78 6d 17 20 6e 15 e1 8f 2d 39 c8 db 05  ..uxm..n...-9...           0030:  00 0d b5 6f 88 27 04 ed a4 8f 24 7f c7 f7 da b4  ...o.'....$.....         - signkey           0000:  e7 3a 1b a7 c0 65 9e 6d 2f 45 5c 9d 80 91 cc da  .:...e.m/E......           0010:  96 c9 63 6b 4f 63 a1 78 18 f5 54 e4 bd 19 97 14  ..ckOc.x..T.....           0020:  81 07 fe d9 8a bf 0e 6b 8e 96 81 58 e6 90 7c a7  .......k...X..|.           0030:  df 1d 66 cf a3 58 f7 7b 1c 4e 62 d0 28 11 56 9c  ..f..X.{.Nb.(.V.         - sig status: OK       ### CERT         - names           * Microsoft           * PlayReady SL2000 Device Port- Windows Lib Codebase Version CA           * 1.0.0.4         - random           0000:  db 51 85 24 63 ac 07 0b aa c9 91 f9 c4 0a 07 2a  .Q.$c..........*         - seclevel 2000         - uniqueid           0000:  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................         - pubkey_sign           0000:  e7 3a 1b a7 c0 65 9e 6d 2f 45 5c 9d 80 91 cc da  .:...e.m/E......           0010:  96 c9 63 6b 4f 63 a1 78 18 f5 54 e4 bd 19 97 14  ..ckOc.x..T.....           0020:  81 07 fe d9 8a bf 0e 6b 8e 96 81 58 e6 90 7c a7  .......k...X..|.           0030:  df 1d 66 cf a3 58 f7 7b 1c 4e 62 d0 28 11 56 9c  ..f..X.{.Nb.(.V.         - digest           0000:  63 70 b4 92 33 b1 cf 78 7f 9e 36 01 29 e0 29 b2  cp..3..x..6.).).           0010:  f7 cf b1 cc 0b 71 5d 6a 02 24 df 01 75 d2 2f 0e  .....q]j.$..u./.         - signature           0000:  99 f3 5b 4b 55 a8 8d a8 bd 18 db 94 8e b0 31 1f  ..[KU.........1.           0010:  14 a4 43 41 64 f7 fd 81 cd 1e 57 68 0e f1 2c 40  ..CAd.....Wh..,@           0020:  c4 c2 19 20 78 37 41 07 c1 e3 54 ec fb 64 19 18  ....x7A...T..d..           0030:  13 5b 2c 5a 34 7f 1f 48 7a 88 5a 02 33 e5 b9 76  .[,Z4..Hz.Z.3..v         - signkey           0000:  7d 91 d4 6d 44 f0 29 2a bd b9 72 d7 9b dc bc f8  }..mD.)*..r.....           0010:  35 ad 17 27 cb c8 35 37 7e 91 43 58 44 f9 1b 3f  5..'..57..CXD..?           0020:  71 be 7c 6b 04 0d bf d4 f7 80 8b 7a 0c 47 f7 82  q.|k.......z.G..           0030:  30 2b 9c 29 5f 05 eb c3 92 71 f5 47 88 41 fd 1b  0+.)_....q.G.A..         - sig status: OK       ### CERT         - names           * Microsoft           * PlayReady SL2000 Device Port - Windows Platform CA for x86/amd64           * 1.0.0.3         - random           0000:  4a ee c4 a0 0d c9 57 ab 14 52 de 28 54 42 f3 84  J.....W..R.(TB..         - seclevel 2000         - uniqueid           0000:  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................         - pubkey_sign           0000:  7d 91 d4 6d 44 f0 29 2a bd b9 72 d7 9b dc bc f8  }..mD.)*..r.....           0010:  35 ad 17 27 cb c8 35 37 7e 91 43 58 44 f9 1b 3f  5..'..57..CXD..?           0020:  71 be 7c 6b 04 0d bf d4 f7 80 8b 7a 0c 47 f7 82  q.|k.......z.G..           0030:  30 2b 9c 29 5f 05 eb c3 92 71 f5 47 88 41 fd 1b  0+.)_....q.G.A..         - digest           0000:  2f ad a9 0e 8f 7e 82 47 7a 2e 82 c3 6d 0c 20 c7  /......Gz...m...           0010:  0b 58 95 d7 2e 85 21 28 83 b1 9c 27 0b 49 dc 21  .X....!(...'.I.!         - signature           0000:  9e fb bf 14 68 cc 5e 0f db 21 7d 11 dc 67 4a 23  ....h.^..!}..gJ#           0010:  71 c7 ac 34 73 bb 48 ee a3 33 c3 c9 55 62 2e c2  q..4s.H..3..Ub..           0020:  bb 36 01 af cd dc 88 48 01 fa d2 2b 4b 3f e3 75  .6.....H...+K?.u           0030:  48 44 98 40 9d db 53 0f 44 25 a5 65 fd 29 61 7e  HD.@..S.D%.e.)a.         - signkey           0000:  a1 87 e3 42 5c 05 f7 a4 52 85 d6 fe c8 17 f7 3b  ...B....R......;           0010:  69 64 74 e2 b9 e1 61 4b a3 fa 51 b9 ad fe 9d 27  idt...aK..Q....'           0020:  3f 6a 4e 50 75 e0 1d f2 ab 18 61 e7 c2 e1 9b d2  ?jNPu.....a.....           0030:  87 99 86 8f 97 f7 cb a2 1d 97 73 19 ba b8 be 92  ..........s.....         - sig status: OK       ### CERT         - names           * Microsoft           * PlayReady SL2000 Device Port + Link CA           * 1.0.0.1         - random           0000:  ec aa b6 cd 0b 16 ca df e9 a8 82 52 b4 58 9c a9  ...........R.X..         - seclevel 2000         - uniqueid           0000:  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................         - pubkey_sign           0000:  a1 87 e3 42 5c 05 f7 a4 52 85 d6 fe c8 17 f7 3b  ...B....R......;           0010:  69 64 74 e2 b9 e1 61 4b a3 fa 51 b9 ad fe 9d 27  idt...aK..Q....'           0020:  3f 6a 4e 50 75 e0 1d f2 ab 18 61 e7 c2 e1 9b d2  ?jNPu.....a.....           0030:  87 99 86 8f 97 f7 cb a2 1d 97 73 19 ba b8 be 92  ..........s.....         - digest           0000:  ed 0f 33 d6 b4 ab f0 8d c0 1a 47 1f d0 13 68 0e  ..3.......G...h.           0010:  0c 12 e3 a9 ce d3 00 f9 9b 45 af 61 f1 68 4d 64  .........E.a.hMd         - signature           0000:  31 60 bc 8c 1f 0e 5e fe ea 80 83 79 b4 ad 02 74  1.....^....y...t           0010:  f1 c9 20 f9 c8 93 f0 ca 5c c7 72 e6 5c 97 8e 88  ..........r.....           0020:  a8 9f c5 b0 7b b6 d0 8f 50 33 20 fa 34 03 4a ea  ....{...P3..4.J.           0030:  68 91 01 d2 f0 cb 0f fa 4d 51 5c 25 93 c8 c2 12  h.......MQ.%....         - signkey           0000:  86 4d 61 cf f2 25 6e 42 2c 56 8b 3c 28 00 1c fb  .Ma..%nB,V.<(...           0010:  3e 15 27 65 85 84 ba 05 21 b7 9b 18 28 d9 36 de  >.'e....!...(.6.           0020:  1d 82 6a 8f c3 e6 e7 fa 7a 90 d5 ca 29 46 f1 f6  ..j.....z...)F..           0030:  4a 2e fb 9f 5d cf fe 7e 43 4e b4 42 93 fa c5 ab  J...]...CN.B....         - sig status: OK   attr: 1010 Unknown   data     0000:  00 02 00 80 2d 82 c1 90 50 2c e7 55 00 00 00 10  ....-...P,.U....     0010:  9e 53 d0 8b 82 43 90 08 bb f4 25 2d 06 1d 79 0e  .S...C....%-..y.     0020:  b1 ff 09 8d 5a 7c 52 4d ae 22 40 b0 5e c8 4d 33  ....Z|RM."@.^.M3     0030:  00 05 00 00                                      ....   attr: 1013 Unknown   data     0000:  00 00 00 01 00 00 00 10 30 b3 3e b8 a1 31 ae 42  ........0.>..1.B     0010:  ab 0d 43 74 c5 15 cd e0                          ..Ct....   attr: 1014 Unknown   data     0000:  19 ec 66 7f 93 64 89 46 95 47 89 1d a5 37 12 f1  ..f..d.F.G...7..   SignerCertChain     CERT CHAIN:       ### CERT         - names           * Microsoft           * Microsoft KeyFileSigner           * 1.0.0.1         - random           0000:  f0 6a b7 09 88 a4 c7 c8 1d f9 5c 6d cd e4 ab 52  .j.........m...R         - seclevel 2000         - uniqueid           0000:  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................         - pubkey_sign           0000:  97 41 fa 59 bd 5e b8 22 80 b2 a9 e2 dd e5 70 87  .A.Y.^."......p.           0010:  ce 91 07 e4 3b 12 81 69 fb a9 94 48 37 f4 9e 46  ....;..i...H7..F           0020:  bb b7 11 b9 8f 4e c8 17 96 50 9d 05 f5 98 f7 a7  .....N...P......           0030:  5c 44 56 2d 4d 2a c3 4d 48 1a c7 4a 1d 48 16 c4  .DV-M*.MH..J.H..         - digest           0000:  b9 e0 29 a8 59 21 9c de c1 b5 75 58 4c e6 6d e3  ..).Y!....uXL.m.           0010:  08 8c 3e 43 05 14 26 fa 8d c0 3e a5 df f3 df bc  ..>C..&...>.....         - signature           0000:  c8 b0 b2 4d 59 da e8 2b a5 b1 ac 61 95 54 85 ea  ...MY..+...a.T..           0010:  32 a1 19 5f 45 9c 0d 54 a0 cf 43 86 54 64 41 c0  2.._E..T..C.TdA.           0020:  8a 02 e7 0d e1 49 aa 40 26 61 a9 e0 b8 77 d9 ac  .....I.@&a...w..           0030:  1e 2d 3f 2c 7f 7c 29 82 74 c3 74 f9 11 5d f0 81  .-?,.|).t.t..]..         - signkey           0000:  af 6f af 3a 41 e4 a2 b9 eb cd 8c 95 a5 05 9b 11  .o.:A...........           0010:  38 a3 97 2a 1e c0 72 e3 24 52 78 b9 b5 49 28 f3  8..*..r.$Rx..I(.           0020:  e0 28 3e 78 51 5d eb 6f 56 93 1a 5a 28 f3 aa b3  .(>xQ].oV..Z(...           0030:  04 c7 1f b5 b4 c7 f4 92 59 ed 21 f8 65 14 ec 33  ........Y.!.e..3         - sig status: OK       ### CERT         - names           * Microsoft           * PlayReady SL2000 KeyFileSigner Root CA           * 1.0.0.1         - random           0000:  d6 ac 35 b4 d8 5d b4 30 74 0c ac 05 ea 0c 1e 86  ..5..].0t.......         - seclevel 2000         - uniqueid           0000:  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................         - pubkey_sign           0000:  af 6f af 3a 41 e4 a2 b9 eb cd 8c 95 a5 05 9b 11  .o.:A...........           0010:  38 a3 97 2a 1e c0 72 e3 24 52 78 b9 b5 49 28 f3  8..*..r.$Rx..I(.           0020:  e0 28 3e 78 51 5d eb 6f 56 93 1a 5a 28 f3 aa b3  .(>xQ].oV..Z(...           0030:  04 c7 1f b5 b4 c7 f4 92 59 ed 21 f8 65 14 ec 33  ........Y.!.e..3         - digest           0000:  71 01 a1 dd 80 f2 79 7a 2e 3c f2 f6 b9 bf 78 b0  q.....yz.<....x.           0010:  ed 65 93 d5 42 cf 17 d4 0a c7 fa b0 18 82 3b 2f  .e..B.........;/         - signature           0000:  af 18 1d 1a 7d 98 92 c5 df 3e ac b3 2a 17 d2 29  ....}....>..*..)           0010:  92 e9 7f 4c 0f b1 5a 3d bd 91 d9 e2 bb b9 34 87  ...L..Z=......4.           0020:  e7 9b 00 bb 78 02 1f 5c a8 e0 f2 e0 0b d3 f9 b5  ....x...........           0030:  1a c5 e6 fe dd cd b4 1c 3f d7 89 d1 62 6a 5a 0b  ........?...bjZ.         - signkey           0000:  86 4d 61 cf f2 25 6e 42 2c 56 8b 3c 28 00 1c fb  .Ma..%nB,V.<(...           0010:  3e 15 27 65 85 84 ba 05 21 b7 9b 18 28 d9 36 de  >.'e....!...(.6.           0020:  1d 82 6a 8f c3 e6 e7 fa 7a 90 d5 ca 29 46 f1 f6  ..j.....z...)F..           0030:  4a 2e fb 9f 5d cf fe 7e 43 4e b4 42 93 fa c5 ab  J...]...CN.B....         - sig status: OKmsprcp> identity 0C86330B0E98CD7C586F336088DAFA0E -e 0C86330B0E98CD7C586F336088DAFA0E0C86330B0E98CD7C586F336088DAFA0E.enc.pub (public encryption key)0C86330B0E98CD7C586F336088DAFA0E.enc.prv (private encryption key)0C86330B0E98CD7C586F336088DAFA0E.sig.pub (public signing key)0C86330B0E98CD7C586F336088DAFA0E.sig.prv (private signing key)msprcp> checkkeypair 0C86330B0E98CD7C586F336088DAFA0E.enc.prv.plain 0C86330B0E98CD7C586F336088DAFA0E.enc.pubKEY CHECK:- prv: 7704db9c130887d60a2c61b1891bbad64676ba56fe146fc6ecc2be993c1cb53d- pub:  X: cb276f9f9f764664542319ef9cc7690f9c3be3758bd3782a8d03fba8bf9e1c6d  Y: f7101c69942c4d07d9688b610985bbd34ee85820e20cc9bca9a81eb7f659657dKEY CHECK OKmsprcp>

Microsoft PlayReady Complete Client Identity Compromise

Debian Linux Security Advisory 5682-2 - The update for glib2.0 released as DSA 5682-1 caused a regression in ibus affecting text entry with non-trivial input methods. Updated glib2.0 packages are available to correct this issue.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA512

- -------------------------------------------------------------------------  
Debian Security Advisory DSA-5682-2                   security@debian.org  
https://www.debian.org/security/                     Salvatore Bonaccorso  
May 09, 2024                          https://www.debian.org/security/faq  
- -------------------------------------------------------------------------

Package        : glib2.0  
Debian Bug     : 1070730 1070736 1070743 1070745 1070749 1070752

The update for glib2.0 released as DSA 5682-1 caused a regression in  
ibus affecting text entry with non-trivial input methods. Updated  
glib2.0 packages are available to correct this issue.

For the oldstable distribution (bullseye), this problem has been fixed  
in version 2.66.8-1+deb11u3.

For the stable distribution (bookworm), this problem has been fixed in  
version 2.74.6-2+deb12u2.

We recommend that you upgrade your glib2.0 packages.

For the detailed security status of glib2.0 please refer to  
its security tracker page at:  
https://security-tracker.debian.org/tracker/glib2.0

Further information about Debian Security Advisories, how to apply  
these updates to your system and frequently asked questions can be  
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org  
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmY8V7JfFIAAAAAALgAo  
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2  
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND  
z0RJGA/+IOsDXWcvXMOYEueKNZ+pIFVXLbT4GVMBvUIBf0wqJFbnmwaTXaEojqNR  
HKFcCLIBKzhHkJvCmhaEsaZXj05GxI0jIKV0CULuEl1PeYpXaypIF0BIbtH7Jd0j  
Q7/3qQgafewuJgqwn7e3CG9mF8oZv/QfwH4VPaJMkMd7cdRNytKOiJosg2ZEl3FK  
ycO/t58SMPxApzY5eebAU/u37UKAzI7PeCIz9FaCUQdwMUFuUeJvsYD21PwxYN/R  
LK79UsnHiw6sr3cpNirOhm7F3HXSh7WFBqQdcLGrTaix3X+RKW7NymNhIW8m7qWg  
kJ7w6JArMuvxj2Y2RiBF0eqVVkYcTHOe964+nvDHjzFIUkLU0yhw2GLhK4GzbWjl  
VpXc/+Rv1I9OsFF4SiKNSbi728NM4GUS3ziew//1l9EPM281UrCDoFRkwi1FP2jT  
KVWB0CZacqLmo62cT49HBb1rSxDXSEi0qc0yMKus+Jk+NT8H1k+cpjrK5hy0flJt  
JJWTOJMJ2Ph7LvLbrfsVoeuxeIz+taoLz6JW5dkpk1/LkxSmZkIKztdolirONMqF  
vBCTyz7IvBxqro5+vRsBnSFPJdw4pCVxhfgI/BFIUe8dA2Sh8bE+o69wTgcGDst5  
ZHf28D3hClhMSc/SgotNTUf8KycA15VjxhvNtAeFL0HpOvAKiKI=T+EA  
-----END PGP SIGNATURE-----

Debian Security Advisory 5682-2

By Waqas
Discover the future of phishing email training, including personalized simulations, gamification, AI, and realistic scenarios. Empower your employees to combat evolving cyber threats and protect your organization.
This is a post from HackRead.com Read the original post: The Future of Phishing Email Training for Employees in Cybersecurity

In today’s world, cybersecurity is a worry for businesses across various sectors. As technology progresses, cybercriminals also refine their strategies. One common method they use is through phishing emails. These deceptive messages aim to deceive recipients into disclosing details or downloading files, and their complexity continues to grow.

To counter this changing threat, companies must give importance to providing phishing email training for employees on identifying and responding properly to phishing attempts. So, what lies ahead for training employees on recognizing phishing emails?

****1\. Personalized and Precise Simulations****

Standard training methods no longer suffice in the fight against phishing attacks. Each company confronts obstacles and needs tailored remedies. In the future, we can anticipate simulations that target employee training.

By assessing a company’s weaknesses and developing phishing operations that mirror the tactics likely used against them, businesses can offer employees experience in a controlled setting. This strategy enables employees to hone their ability to detect signs of phishing emails to their sector or role.

****2\. Incorporation of Game Elements and Interactive Teaching****

Conventional teaching techniques often lack engagement and fail to captivate employees. To tackle this problem, incorporating gamification and interactive learning components is likely to become more common in phishing email training.

Gamification involves integrating game features into the training process, making it more engaging and enjoyable for participants. By incorporating exercises, quizzes, competitions, and reward systems, employees can enhance their awareness of phishing attacks while also having time during the learning process.

****3\. Continuous Training Initiatives****

Given that phishing attacks are constantly evolving, it makes sense for employee training to be a process rather than a one-time event. The future of cybersecurity awareness lies in training programs.

Rather than just holding classroom sessions or online tutorials, organizations will shift towards providing ongoing educational programs that offer regular updates on emerging threats and reinforce the best practices for identifying email scams.

Continuous training helps foster a culture of cybersecurity vigilance where employees are informed, alert, and ready to detect and report phishing attempts promptly.

****4\. Integration of Artificial Intelligence (AI)****

Advancements in artificial intelligence (AI) promise to transform phishing email training. AI algorithms can recognize patterns, analyze amounts of data, and pinpoint phishing emails with greater accuracy compared to traditional tools.

Looking ahead, we can anticipate the incorporation of AI-driven solutions into employee training initiatives. These smart systems will keep an eye on emails and offer immediate feedback, flag any suspicious messages, and guide employees on how to handle them.

****5\. Practice with Realistic Scenarios****

Simulated real-world attacks are beneficial for employees as they can hone their response skills in a controlled setting. It’s equally important for them to draw lessons from situations.

In the future, training sessions might involve simulated attacks that replicate breaches or recent phishing incidents. By examining case studies and analyzing phishing emails circulated within the organization or industry, employees gain hands-on experience in dealing with emerging threats.

By staying informed about the evolving tactics used by cybercriminals, organizations can equip their employees to navigate the shifting landscape of security.

****6\. Using Behavioral Analysis and Machine Learning****

Apart from the advancements, behavioral analysis, and machine learning will be pivotal in training employees in cybersecurity to recognize phishing emails. By studying employee behaviour patterns like email interactions, browsing habits, and response times, machine learning algorithms can pinpoint irregularities that could signal a phishing attempt. This proactive strategy enables organizations to pinpoint weaknesses before they become targets.

By including analysis in training sessions, workers can enhance their awareness of their actions and learn to spot changes that may signal potential security threats. Moreover, the incorporation of machine learning allows systems to adjust and develop in response to emerging attack methods, enhancing the effectiveness of training over time.

****Conclusion** **

As the risk of cyber threats grows, companies must prioritize offering comprehensive email phishing training to their staff. The future holds prospects such as tailored simulations, interactive gaming features for engagement, training efforts, AI-supported monitoring tools, and immersive learning scenarios based on real-world situations.

Empower your team with the knowledge and capabilities needed to counter these threats. Remember- ensuring defence against phishing attacks begins with having informed human resources who seamlessly integrate secure practices into their daily routines!

1.  Phishing Scam Drops Byakugan Malware via Fake PDF
2.  Dropbox Abused in Phishing, Malspam Scam to Steal SaaS Logins
3.  Employee Duped by AI-Generated CFO in $25.6M Deepfake Scam
4.  Nespresso Domain Hacked in Phishing Attack for Microsoft Logins
5.  HiBoB Experts Reveal: Top Cybersecurity Threats for Employee Data

The Future of Phishing Email Training for Employees in Cybersecurity

Two vulnerabilities in this group — one in the Tinyroxy HTTP proxy daemon and another in the stb_vorbis.c file library — could lead to arbitrary code execution, earning both issues a CVSS score of 9.8 out of 10.

Wednesday, May 8, 2024 12:00

Cisco Talos’ Vulnerability Research team recently disclosed three zero-day vulnerabilities that are still unpatched as of Wednesday, May 8. 

Two vulnerabilities in this group — one in the Tinyroxy HTTP proxy daemon and another in the stb\_vorbis.c file library — could lead to arbitrary code execution, earning both issues a CVSS score of 9.8 out of 10. While we were unable to reach the maintainers, the Tinyroxy maintainers have since patched the issue.  

Another zero-day exists in the Milesight UR32L wireless router. 

These vulnerabilities have all been disclosed in adherence to Cisco’s third-party vulnerability disclosure timeline after the associated vendors did not meet the 90-day deadline for a patch or communication.  

For Snort coverage that can detect the exploitation of these vulnerabilities, download the latest rule sets from Snort.org, and our latest Vulnerability Advisories are always posted on Talos Intelligence’s website.  

**Use-after-free vulnerability in Tinyproxy daemon **

_Discovered by Dimitrios Tatsis._ 

The Tinyproxy HTTP proxy daemon contains a vulnerability that could lead to arbitrary code execution. 

Tinyproxy is meant to be used in smaller networking environments. It was originally released more than a dozen years ago.  

A use-after-free vulnerability, TALOS-2023-1889 (CVE-2023-49606), exists in the \`Connection\` header provided by the client. An adversary could make an unauthenticated HTTP request to trigger this vulnerability, setting off the reuse of previously freed memory, which leads to memory corruption and could lead to remote code execution. This issue has been patched, though Talos initially released it as a zero-day when no patch was available.

**Milesight UR32L firmware update vulnerability **

_Discovered by Francesco Benvenuto._ 

The Milesight UR32L wireless router contains a vulnerability that could force the device to implement any firmware update, regardless of its legitimacy.  

TALOS-2023-1852 (CVE-2023-47166) exists because the UR32L, an industrial cellular router, never checks the validity of the uploaded firmware. This could allow an adversary to upgrade the router with arbitrary firmware they created. 

Talos has previously covered how an adversary could chain together several other vulnerabilities in the UR32L to completely take over the device. Talos released 22 security advisories in July 2023, nine of which have a CVSS score greater than 8. 

_Discovered by Emmanuel Tacheau._ 

A heap-based buffer overflow vulnerability exists in the comment functionality of stb \_vorbis.c, an open-source, single-header file library used to decode Ogg Vorbis non-proprietary audio files. Ogg Vorbis is an open-source, patent- and royalty-free, general-purpose compressed audio format. 

TALOS-2023-1846 (CVE-2023-47212) is triggered if an adversary sends the target a specially crafted .ogg file, which can lead to an out-of-bounds write. With enough heap grooming, an adversary could use this vulnerability to achieve arbitrary code execution.

Talos discloses multiple zero-day vulnerabilities, two of which could lead to code execution

The iPhone maker has detected spyware attacks against people in more than 150 countries. Knowing if your device is infected can be tricky—but there are a few steps you can take to protect yourself.

All that needs to happen is, the victim receives an iMessage with an attachment containing a zero-click exploit. “Without any further interaction, the message triggers a vulnerability, leading to code execution for privilege escalation and providing full control over the infected device,” says Boris Larin, principal security researcher at Kaspersky's Global Research & Analysis Team.

Once the attacker establishes their presence on the device, he says, the message is automatically deleted.

**Rise of Pegasus**

The most prominent and well-known spyware is Pegasus, made by Israeli firm NSO Group to target vulnerabilities in iOS and Android software.

Spyware only exists because of vendors such as NSO Group, which claims it sells exploits to governments only to hunt criminals and terrorists. “Any customers, including governments in Europe and North America, agree not to disclose those vulnerabilities,” says Richard Werner, cybersecurity advisor at Trend Micro.

Despite NSO Group’s claims, spyware has continued to target journalists, dissidents, and protesters. Saudi journalist and dissident Jamal Khashoggi’s wife, Hanan Elatr, was allegedly targeted with Pegasus before his death. In 2021, _New York Times_ reporter Ben Hubbard learned his phone had been targeted twice with Pegasus.

Pegasus was silently implanted onto the iPhone of Claude Magnin, the wife of the political activist Naama Asfari, who was jailed and allegedly tortured in Morocco. Pegasus has also been used to target pro-democracy protesters in Thailand, Russian journalist Galina Timchenko, and UK government officials.

In 2021, Apple filed a lawsuit against NSO Group and its parent company to hold it accountable for “the surveillance and targeting of Apple users.”

The case is still ongoing, with NSO Group attempting to dismiss the lawsuit, but experts say the problem is not going to go away as long as spyware vendors are able to operate.

David Ruiz, senior privacy advocate at security firm Malwarebytes, blames “the obsessive and oppressive operators behind spyware, who compound its danger to society.”

**The Spyware Drain**

If you think you may be targeted by spyware, there are only a few useful things you can do. First, enable Apple's Lockdown Mode, which disables certain features but is surprisingly usable and can protect your iPhone from getting infected in the first place. Second, if you suspect your device is already infected, helplines are available to aid you in removing spyware, such as Access Now’s Digital Security Helpline and Amnesty International’s Security Lab.

Detecting spyware can be extremely challenging—and for sophisticated spyware like Pegasus, discovering an infection on your own is all but impossible. There are less-sophisticated types of spyware that can cause unusual behavior, such as your battery draining quickly, unexpected shutdowns, or high data usage could be indicative of some types of infections, says Javvad Malik, lead security awareness advocate at security training organization KnowBe4. While specific apps claim to spot spyware, their effectiveness can vary, and professional assistance is often necessary for reliable detection, he says.

Apple’s iPhone Spyware Problem Is Getting Worse. Here’s What You Should Know

By Uzair Amir
Remember Minesweeper? It's not just a game - it's a hidden training ground for work skills! Sharpen your decision-making, focus, and strategic thinking with every click.
This is a post from HackRead.com Read the original post: A Mind at Play: Rediscovering Minesweeper in the Professional Arena

Do you remember the first time you stumbled upon Minesweeper online? It could be during a lazy afternoon at a school computer lab or a quick break at your first job. Something about that grid of grey squares beckons like a puzzle waiting to be solved—a momentary escape that, surprisingly, could be one of your best tools for professional growth today.

****The Puzzle of Decision-Making****

Imagine you’re back in that chair, the mouse under your fingertips. Each click in Minesweeper isn’t just a guess; it’s a decision with risks and rewards that are not unlike the choices you face in your career.

Like navigating through a particularly tricky business dilemma, each square you uncover on the Minesweeper grid teaches you more about the landscape, helping you make the next decision more informed. It’s a dance of logic and anticipation—skills that, when refined, translate into a sharp acumen for analyzing complex professional scenarios.

Remember that feeling when you correctly predict a mine’s location? That’s your analytical skills growing more strong, one click at a time.

****A Masterclass in Focus****

Now, think about the intense concentration Minesweeper demands. Each square could mean triumph or game over, akin to the high stakes of missing a critical detail in a client report or a coding error in a software launch.

This game hones your ability to focus and pay attention to the minutiae—skills that elevate the quality of your work and your productivity. The game’s grid challenges you to spot inconsistencies and patterns, just as in a complex dataset or a crucial project blueprint.

****Strategizing Several Steps Ahead****

Strategic foresight in Minesweeper involves planning several moves, assessing potential outcomes, and managing risks—essential for effective project management and long-term planning in the professional realm. Playing Minesweeper cultivates a mindset that values strategic preparation and adaptability, preparing you to steer projects and negotiations toward success.

****Unwind and Adapt****

Beyond sharpening your technical skills, Minesweeper is a refuge from the daily grind. The familiar grid offers a structured yet soothing distraction that can help clear your mind, akin to meditation. It’s not just about escaping stress but about adapting to it and managing it—key for sustaining performance during crunch times at work.

Moreover, the mental flexibility needed to toggle between strategies in the game mirrors the rapid switching between tasks that’s common in today’s workplace, enhancing your cognitive agility.

****Ready at Your Fingertips****

One of the most significant benefits of Minesweeper is its accessibility. Whether you have a ten-minute break or just a few moments between meetings, it can engage your brain without a substantial time investment. These short bursts of cognitive exercise can strengthen mental agility, fostering a strong cognitive reserve that enhances career longevity and success.

****Conclusion: More Than Just a Game****

As you integrate Minesweeper into your daily routine, you’ll find it’s more than nostalgic play; it’s a deliberate practice in cognitive enhancement. Each game is a step towards becoming a sharper, more attentive, and strategic professional. So, next time you need a break, consider spending it with Minesweeper—not just for fun but also for your professional development.

Rediscovering Minesweeper in this light might change how you view every click—as clearing mines and planting seeds for a more robust professional future.

1.  4 Best War Games You Should Play
2.  12 Classic Games You Can Play on Your Smartphone
3.  The Best FPS Games on Android: Popular by Demand
4.  5 Casual Games You Can Play on Your Mobile Browser Now
5.  Run Windows 95 on your Mac, Linux and Windows 10 devices

A Mind at Play: Rediscovering Minesweeper in the Professional Arena

Plus: An assassination plot, an AI security bill, a Project Nimbus revelation, and more of the week’s top security news.

This week, WIRED reported that a group of prolific scammers known as the Yahoo Boys are openly operating on major platforms like Facebook, WhatsApp, TikTok, and Telegram. Evading content moderation systems, the group organizes and engages in criminal activities that range from scams to sextortion schemes.

On Wednesday, researchers published a paper detailing a new AI-based methodology to detect the “shape” of suspected money laundering activity on a blockchain. The researchers—composed of scientists from the cryptocurrency tracing firm Elliptic, MIT, and IBM—collected patterns of bitcoin transactions from known scammers to an exchange where dirty crypto could get turned into cash. They used this data to train an AI model to detect similar patterns.

Governments and industry experts are sounding the alarm about the potential for major airline disasters due to increasing attacks against GPS systems in the Baltic region since the start of the war in Ukraine. The attacks can jam or spoof GPS signals, and can result in serious navigation issues. Officials in Estonia, Latvia, and Lithuania blame Russia for the GPS issues in the Baltics. Meanwhile, WIRED went inside Ukraine’s scrappy and burgeoning drone industry, where about 200 companies are racing to build deadlier and more efficient autonomous weapons.

An Australian firm that provided facial recognition kiosks for bars and clubs appears to have exposed the data of more than 1 million records of patrons. The episode highlights the dangers of giving companies your biometric data. In the United States, the Biden administration is asking tech companies to sign a voluntary pledge to make “good-faith” efforts to implement critical cybersecurity improvements. This week we also reported that the administration is updating its plan for protecting the country’s critical infrastructure from hackers, terrorists, and natural disasters.

And there’s more. Each week, we highlight the news we didn’t cover in depth ourselves. Click on the headlines below to read the full stories. And stay safe out there.

**How Israeli Weapons Firms Use Amazon and Google**

A government procurement document unearthed by The Intercept reveals that two major Israeli weapons manufacturers are required to use Google and Amazon if they need any cloud-based services. The reporting calls into question repeated claims from Google that the technology it sells to Israel is not used for military purposes—including the ongoing bombardment of Gaza that has killed more than 34,000 Palestinians. The document contains a list of Israeli companies and government offices “required to purchase” any cloud services from Amazon and Google. The list includes Israel Aerospace Industries and Rafael Advanced Defense Systems, the latter being the manufacturer of the infamous “Spike” missile, reportedly used in the April drone strike that killed seven World Central Kitchen aid workers.

In 2021, Amazon and Google entered into a contract with the Israeli government in a joint venture known as Project Nimbus. Under the arrangement, the tech giants provide the Israeli government, including its Israel Defense Forces, with cloud services. In April, Google employees protested Project Nimbus by staging sit-ins at offices in Silicon Valley, New York City, and Seattle. The company fired nearly 30 employees in response.

A mass surveillance tool that eavesdrops on wireless signals emitted from smartwatches, earbuds, and cars is currently being deployed at the border to track people’s location in real time, a report from Notus revealed on Monday. According to its manufacturer, the tool, TraffiCatch, associates wireless signals broadcast by commonly used devices with vehicles identified by license plate readers in the area. A captain from the sheriff’s office in Webb County, Texas—whose jurisdiction includes the border city of Laredo—told the publication that the agency uses TraffiCatch to detect devices in areas where they shouldn’t be, for instance, to find trespassers.

Several states require law enforcement agencies to obtain warrants before deploying devices that mimic cell towers to obtain data from the devices tricked into connecting to it. But in the case of TraffiCatch, a technology that passively siphons ambient wireless signals out of the air, the courts haven’t yet weighed in. The report highlights how signals intelligence technology, once exclusive to the military, is now available for purchase by both local governments and the general public.

**An Indian Assassination Plot in America**

_The Washington Post_ reports that an officer in India's intelligence service, the Research and Analysis Wing, was allegedly involved in a botched plan to assassinate one of Indian prime minister Narendra Modi's top critics in the United States. The White House said Monday that it was taking the matter "very, very seriously," while India's foreign ministry blasted the _Post_ report as "unwarranted" and "not helpful." The alleged plot to murder the Sikh separatist, Gurpatwant Singh Pannun, a dual citizen of the United States and Canada, was first disclosed by US authorities in November.

Canadian authorities previously announced having obtained "credible" intel allegedly linking the Indian government to the death of another separatist leader, Hardeep Singh Nijjar, who was shot to death outside a Sikh temple in a Vancouver suburb last summer.

**An AI Security Bill Emerges**

US lawmakers have introduced a bill aimed at establishing a new wing of the National Security Agency dedicated to investigating threats aimed at AI systems—or "counter-AI." The bipartisan bill, introduced by Mark Warner and Thom Tillis, a Senate Democrat and Republican, respectively, would further require agencies including the National Institute of Standards and Technology (NIST) and the Cybersecurity and Infrastructure Security Agency (CISA) to track breaches of AI systems, whether successful or not. (The NIST currently maintains the National Vulnerability Database, a repository for vulnerability data, while the CISA oversees the Common Vulnerabilities and Exposures Program, which similarly identifies and catalogues publicly disclosed malware and other threats.)

The Senate bill, known as the Secure Artificial Intelligence Act, aims to expand the government's threat monitoring to include "adversarial machine learning"—a term that is essentially synonymous with "counter-AI"—which serves to subvert AI systems and “poison” their data using techniques vastly dissimilar to traditional modes of cyberwarfare.

A New Surveillance Tool Invades Border Towns

Microsoft is rolling out passkey support for all devices. Here's a quick guide on how to create one.

Microsoft is rolling out passkey support for all consumer accounts.

Passkeys are a very secure replacement for passwords that can’t be cracked, guessed or phished, and let you log in easily, without having to type a password every time.

After enabling them in Windows 11 last year, Microsoft account owners can now generate passkeys across multiple platforms including Windows, Android, and iOS. You can create passkeys for your Microsoft account, and you can choose your face, fingerprint, PIN, or a security key to secure it.

**How to set up a passkey**

To create a passkey for your Microsoft account, follow these steps on the device where you’d like to create a passkey:

*   Sign in to your Microsoft account.
*   Navigate to **Security**  > **Advanced Security Options**.

*   Click on **Get started**.
*   Choose **Add a new way to sign in or verify**.

Note: Under certain circumstances, somewhere along the way you may end up in this screen which basically offers you the same choices in a prompt.

*   To create a passkey: Select **Face, fingerprint, PIN, or security key**.
*   Follow the instructions on your device.
*   During this process, you can choose to save the passkey to different devices like your Android, iPad, or iPhone, or a hardware key.
*   You’ll be presented with a QR code to scan with the selected device.
*   On the selected device you’ll be asked to authenticate.
*   When the procedure is successful, you’ll be asked to provide a name for the passkey. A good choice is to use a name that gives away the location where you stored the passkey.

Where is you passkey saved? Give this passkey a name to easily manage it later.

*   After confirming the name you’ll see this confirmation.

Passkey added. You can now use this passkey to sign in to your account.

**Removing a passkey**

Should you have second thoughts and want to remove a passkey, follow these steps:

*   Visit the **Advanced Security Options**.
*   From the list under **Ways to prove who you are**, select the passkey you’d like to remove.
*   Choose **Remove**.

**We don’t just report on threats—we remove them**

Cybersecurity risks should never spread beyond a headline. Keep threats off your devices by downloading Malwarebytes today.

 You get a passkey, you get a passkey, everyone should get a passkey 

Outabox, an Australian firm that scanned faces for bars and clubs, suffered a breach that shows the problems with giving companies your biometric data.

Police and federal agencies are responding to a massive breach of personal data linked to a facial recognition scheme that was implemented in bars and clubs across Australia. The incident highlights emerging privacy concerns as AI-powered facial recognition becomes more widely used everywhere from shopping malls to sporting events.

The affected company is Australia-based Outabox, which also has offices in the United States and the Philippines. In response to the Covid-19 pandemic, Outabox debuted a facial recognition kiosk that scans visitors and checks their temperature. The kiosks can also be used to identify problem gamblers who enrolled in a self-exclusion initiative. This week, a website called “Have I Been Outaboxed” emerged, claiming to be set up by former Outabox developers in the Philippines. The website asks visitors to enter their name to check whether their information had been included in a database of Outabox data, which the site alleges had lax internal controls and was shared in an unsecured spreadsheet. It claims to have more than 1 million records.

The incident has rankled privacy experts who have long set off alarm bells over the creep of facial recognition systems in public spaces such as clubs and casinos.

“Sadly, this is a horrible example of what can happen as a result of implementing privacy-invasive facial recognition systems,” Samantha Floreani, head of policy for Australia-based privacy and security nonprofit Digital Rights Watch, tells WIRED. “When privacy advocates warn of the risks associated with surveillance-based systems like this, data breaches are one of them.”

According to the Have I Been Outaboxed website, the data includes “facial recognition biometric, driver licence \[sic\] scan, signature, club membership data, address, birthday, phone number, club visit timestamps, slot machine usage.” It claims Outabox exported the “entire membership data” of IGT, a supplier of gambling machines. IGT vice president of global communications Phil O’Shaughnessy tells WIRED that “the data affected by this incident has not been obtained from IGT,” and that the firm would work with Outabox and law enforcement.

The website’s owners posted a photo, signature, and redacted driver license belonging to one of Outabox’s founders, as well as a redacted screenshot of the alleged internal spreadsheet. WIRED was unable to independently verify the identity of the website’s owners or the authenticity of the data they claimed to have. An email sent to an address on the website was not returned.

"Outabox is aware and responding to a cyber incident potentially involving some personal information,” an Outabox spokesperson tells WIRED. “We have been in communication with a group of our clients to inform them and outline our strategy to respond. Due to the ongoing Australian police investigation, we are not able to provide further information at this time.”

The New South Wales police force confirmed to WIRED that it was investigating a data breach on Wednesday, but a spokesperson declined to share further details. On Thursday, the force announced that it, working alongside federal and state agencies, had arrested an unnamed 46-year-old man in a Sydney suburb. He is expected to be charged with blackmail.

Clubs that used Outabox’s technology posted announcements about the incident and notified clients this week. One person who posted a breach notification from a club they visited recounted their experience with the facial recognition system. “My fondest memory of this system is visiting a club and having it confidently match my face to a member that was clearly 20+ years older than me, and looked nothing like me,” they wrote in a post on X. The club did not respond to a request for comment.

The Have I Been Outaboxed website, which is still online at the time of writing, alleges that Outabox stopped paying its developers in the Philippines. AI companies frequently employ low-cost overseas labor, including in the Philippines, to power their systems. The website encourages anybody whose data is included in the breach to contact venues and ask that they remove Outabox’s system. The site, which was set up last week according to online records, lists 19 venues. WIRED searched the database for prominent Australians including politicians, and it returned redacted results listing their name and the venues they allegedly attended.

“We are aware of a malicious website carrying a number of false statements designed to harm our business and defame our senior staff,” the Outabox spokesperson says. “We believe this is linked and urge people not to repeat false and reputationally damaging misinformation.” Outabox declined to specify which statements are false, citing the police investigation.

It’s unclear how much of the story told on the website is true, or whether the perpetrators even have the claimed biometric data. Australian cybersecurity expert Troy Hunt, founder of the breach notification website Have I Been Pwned, tells WIRED that there is little reason to doubt it at this time.

“I haven’t seen any reason not to take this at face value, which means they have exactly what they say they have,” he says. In posts on X, Hunt speculated that the website’s posting may have been preceded by demands that were not met, and that the perpetrators’ actions now “clearly land” in the realm of criminality.

“Offshoring is a messy discussion between the legalities of data sovereignty, perceived shortcomings of foreign labor, and frankly, a big dose of xenophobia,” Hunt says. “It’s not like Aussie developers doing exactly the same thing would have made this OK.”

Floreani of Digital Rights Watch says that the incident illustrates the “significant negative consequences” that can arise from collecting sensitive biometric data. “We need bold privacy reform and strict limitations on facial recognition technology,” she says. “As always, surveillance isn’t safety.”

Tag

#ios