News Items

JFrog's latest report examines the most common vulnerabilities in 2022 and provides an in-depth analysis of the open-source security flaws that have the most impact on DevOps and DevSecOps teams. The report reveals that the severity of six of the top 10 CVEs was overrated, suggesting that the NVD rating was greater than in JFrog's research. In addition, CVEs frequently found in companies are low-severity issues that were never resolved. Sixty-four percent of the top 50 CVEs discovered in Artifactory were overrated, while 26 percent were equal, and 10 percent were underrated. It takes around 246 days to fix a security vulnerability, and most organizations have limited resources. Therefore, appropriately identifying and prioritizing the mitigation of the most serious vulnerabilities is essential. This article continues to discuss key findings shared in the latest report from JFrog that looks at the most prevalent vulnerabilities in 2022.

BetaNews reports "Real-World Analysis Finds the Severity of Many CVEs Is Overrated"

Apple recently announced the release of updates for macOS, iOS, and Safari, and they all include a WebKit patch for a new zero-day vulnerability tracked as CVE-2023-23529. The zero-day, described as a type confusion issue, can be exploited for arbitrary code execution by getting the targeted user to access a malicious website. Apple noted that an anonymous researcher has been credited for reporting CVE-2023-23529 and that no information has been made public on the attacks exploiting the vulnerability. In addition to the zero-day, Apple's latest macOS update, Ventura 13.2.1, patches a code execution issue in the kernel (CVE-2023-23514) reported by researchers at Google Project Zero and Pangu Lab, as well as a shortcuts-related flaw that can expose user data (CVE-2023-23522), reported by researchers of the Alibaba Group. Apple did not mention any reports of exploitation associated with these two vulnerabilities. The iOS and iPadOS 16.3.1 updates also fix the CVE-2023-23514 kernel issue in addition to the zero-day. Apple noted that the latest Safari update, version 16.3.1, only fixes the zero-day flaw.

SecurityWeek reports: "Apple Patches Actively Exploited WebKit Zero-Day Vulnerability"

Spain's Policia Nacional has teamed up with the US Secret Service recently to dismantle a cybercrime gang that stole millions of dollars from US citizens and companies. Nine suspected members of the group have been arrested, eight in Madrid and one in Miami. The group received close to $5.4m from their victims, which they spent on luxury items, including high-end watches costing as much as $215,000 each. According to the police, the scammers would send individuals and US companies phishing emails and texts to trick them into handing over sensitive personal and financial information. They would follow up with vishing calls to obtain any remaining details needed, masking the origin of the calls. The police noted that in some cases, members of the group would host three-way calls in which they spoke simultaneously with victims and their US banks in order to bypass security checks and access accounts. They used stolen details to make fraudulent payments and transfer victims' funds to 100 bank accounts in Spain, which were set up to launder the money. According to the police, the money was then withdrawn at ATMs, sent abroad via new bank transfers, or converted into crypto assets. Alongside the seizure of luxury items, including watches, police confiscated 44 mobile phones, four laptops, three desktop computers, three tablets and monitors, bags full of luxury clothing and shoes, documents and bank cards, a compressed air gun, eight false passports, and assorted jewelry. Spanish police have frozen 74 of the bank accounts and assets of more than $538,000.

Infosecurity reports: "Spanish Police Bust EU5m Phishing Gang"

"Swiss Army Knife" malware is multi-purpose malware that can execute malicious actions throughout the cyber kill chain while evading security controls. According to Picus Security's analysis of over 550,000 real-world malware samples obtained from commercial and open-source threat intelligence services, security vendors, researchers, malware sandboxes, and databases, this form of malware is rising. By observing the malware's behavior, the company extracted more than 5 million malicious actions and used this information to determine the ten most common ATT&CK methods used by malicious actors in 2022. These techniques include the use of command and scripting interpreters to run arbitrary code, dumping credentials from the compromised system's operating system and utilities, the injection of malicious code into legitimate processes, and more. The average malware uses eleven different tactics, techniques, and procedures (TTPs). Thirty-two percent of malware uses over 20 TTPs, and one-tenth leverages more than 30 TTPs. This article continues to discuss findings from Picus Security's analysis of over 550,000 real-world malware samples.

Help Net Security reports "Malware That Can Do Anything and Everything Is on the Rise"

In a new financially driven cyberattack campaign, hackers are using a variant of the Xorist commodity ransomware named 'MortalKombat' along with the Laplas clipper. Both malware infections are used to carry out financial fraud, with the ransomware extorting victims and Laplas hijacking cryptocurrency transactions to steal cryptocurrency. Last year, Laplas was released, acting as a cryptocurrency hijacker that monitors the Windows clipboard for cryptocurrency addresses and, if detected, replaces them with ones under the attacker's control. Regarding MortalKombat, Cisco Talos reports that the new ransomware is based on the Xorist commodity ransomware family, which uses a builder to allow threat actors to modify the malware. Since 2016, Xorist has been decryptable for free. The majority of the victims of the attacks seen by Talos researchers were located in the US, with others in the UK, Turkey, and the Philippines. This article continues to discuss findings surrounding the new MortalKombat ransomware.

Bleeping Computer reports "New 'MortalKombat' Ransomware Targets Systems in the US"

Due to their immense computing capability, quantum computers could undermine today's data encryption systems. Therefore, several partners, led by KEEQuant GmbH, are developing a new way to secure optical data transmission in wireless networks using light and quantum keys. The project called "QuINSiDa - Quantum-based Infrastructure Networks for Safety-critical Wireless Data Communication" is funded by the German Federal Ministry of Education and Research BMBF. Prior research has focused on secure long-distance data communication for applications in the global data infrastructure. Li-Fi technology enables users to network over short distances through optical signals. It allows complete use of the available spectral data bandwidth in an area without interference from outside. The novel technology of quantum cryptography is advancing worldwide. It involves Quantum Key Distribution (QKD) where a cryptographic key is distributed, the security of which can be proven from an information-theoretic point of view. In QKD, when keys are created, quantum states in the form of light are prepared and exchanged between network participants. When the quantum states are received, they are measured and post-processed to generate keys identical on both sides but hidden from an attacker. The QuINSiDa project is the first to combine the two technologies to create a QKD over Li-Fi system. According to Imran Khan, Managing Director of KEEQuant GmbH, the purpose of the project is to demonstrate a quantum-based data communication network that wirelessly and flexibly connects multiple end users to a secure backbone infrastructure or that can be deployed independently as a secure campus network. The researchers want to use a flexible wireless data communication network in a point-to-multipoint scenario to simultaneously protect individual communication channels on the basis of quantum keys. This article continues to discuss the QuINSiDa project that links Li-Fi technology and quantum cryptography.

Microwave Journal reports "Secure Optical Data Communication Using Quantum Cryptography and Li-Fi"

According to Uri Gal, a Professor of Business Information Systems at the University of Sydney Business School, ChatGPT poses significant privacy risks. ChatGPT is supported by a Large Language Model (LLM) that requires large quantities of data to function and advance. The more training data the model receives, the better it becomes at spotting patterns, predicting what will occur next, and generating probable language. OpenAI, the company behind ChatGPT, fed the tool with about 300 billion words scraped from the Internet, including books, articles, websites, and posts, which also involve personal information gathered without permission. Therefore, according to Gal, if a person has ever written a blog post, product review, or online comment, there is a strong possibility that ChatGPT has consumed this information. Gal points out that there are several problems with the data collection used to train ChatGPT. First, nobody was asked if OpenAI could use their data, which violates privacy, especially when the data is sensitive and can be used to identify individuals, their family members, or their location. Even if data is publicly accessible, its use can violate "contextual integrity," a key principle in privacy law. This principle refers to the requirement that personal information is not disclosed outside of the original context in which it was produced. In addition, OpenAI provides no way for individuals to determine if the company stores their personal information or to request its deletion. This article continues to discuss the privacy risks of ChatGPT.

The Conversation reports "ChatGPT Is a Data Privacy Nightmare. If You've Ever Posted Online, You Ought to Be Concerned"

Pig butchering scams have already resulted in the theft of hundreds of millions of dollars. Although attackers, primarily crime groups in China, have written scripts and playbooks for carrying out the attacks, new discoveries from researchers at the security firm Sophos reveal how pig butchers are modifying and refining their techniques to trap more victims. In order to remain relevant and capture new victims pig butchering attacks have implemented both more convincing narratives to attract targets and more advanced technology to convince victims that they can make a lot of money. Even before these improvements, the scheme was lucrative. In 2021, the FBI's Internet Crime Complaint Center received over 4,300 reports of pig butchering scams resulting in over $429 million in losses. Sean Gallagher, a senior cybersecurity researcher at Sophos tracked two pig butchering scam campaigns that had targeted his personal accounts and devices. Beginning in October 2022, he engaged the scammers via Twitter Direct Messages (DMs) and SMS text messaging to see where the scheme would lead him. This article continues to discuss findings and observations from the investigation of two pig butchering campaigns led by Gallagher.

Wired reports "Pig Butchering Scams Are Evolving Fast"

Nearly half of organizations identify applying threat intelligence throughout cybersecurity operations as one of the top difficulties they face today. Although most business leaders (96 percent) are satisfied with the quality of threat information their organization uses, effectively using threat intelligence remains a significant challenge, according to a new survey conducted by Mandiant. The difficulty in integrating threat intelligence into security operations poses a threat to organizations' ability to proactively mitigate attacks as they traverse an increasingly dangerous threat landscape. "Information overload" is a major factor in the difficulty faced by organizations wanting to enhance their threat intelligence capabilities, Mandiant cautioned. As a result of the heightened level of danger currently within the global threat landscape, security professionals now need to process a higher amount of data daily. About 38 percent of respondents cited "knowing what to do with the information" they collected as a key issue, and as a result, they believe they may overlook possible threats. In addition, the majority of respondents expressed fear that they may miss incidents due to the volume of alerts and data they receive. This article continues to discuss the growing volume of security data making it difficult for security teams to effectively mitigate emerging threats.

ITPro reports "Information Overload Is a Key Barrier to Effective Threat Intelligence, Says Mandiant"

Researchers at USC Viterbi have created a data-securing algorithm that enhances fairness. Shen Yan, a newly graduated Ph.D. student at USC Viterbi's Information Sciences Institute (ISI) and co-author of "FairFed: Enabling Group Fairness in Federated Learning," stated that Artificial Intelligence (AI) systems make decisions depending on the data they observe. It is possible for decisions based on biased data to be skewed, regardless of whether they are made by a human or an AI system. Debiasing the source of information can help reduce the bias of Machine Learning (ML) algorithms. However, these sources are not always available. Federated learning is an ML technique for training algorithms across multiple decentralized datasets without exchanging local data samples. Federated learning supports privacy because it does not require direct access to data, making it an ideal solution for sensitive data such as financial or medical records. Motivated by the significance and difficulties of group fairness in federated learning, the researchers created FairFed, an algorithm designed to improve group fairness in federated learning. This article continues to discuss the fairness-enhancing algorithm that also keeps data secure.

USC Viterbi reports "Training Algorithms To Make Fair Decisions Using Private Data"

Killnet, a pro-Russia hacking group, launched a Distributed Denial-of-Service (DDoS) attack against NATO websites, including the NATO Special Operations Headquarters (NSHQ) website. The incident was confirmed by NATO, while the hacker group revealed its involvement on its Telegram channel. The NSHQ website remained inaccessible for two hours. The attack also affected the website of the Strategic Airlift Capability, a multinational effort that offers its participating nations guaranteed access to military airlift capability to meet the rising need for strategic and tactical airlifts. Since March 2022, the Killnet group has been in operation, launching DDoS attacks against the governments and critical infrastructure of Ukraine-supporting countries such as Italy, Romania, Moldova, the Czech Republic, Lithuania, Norway, and Latvia. This article continues to discuss the pro-Russia hacker group Killnet launching a DDoS attack on NATO servers, including the NSHQ website.

Security Affairs reports "Pro-Russia Hacker Group Killnet Targets NATO Websites With DDoS Attacks"

Security researchers at Sonatype have discovered another sizeable haul of malicious packages on the npm and PyPI open source registries, which could cause issues if unwittingly downloaded by developers. The researchers found 691 malicious npm packages and 49 malicious PyPI components containing crypto-miners, remote access Trojans (RATs), and more. The discoveries by the firm's AI tooling brings its total haul to nearly 107,000 packages flagged as malicious, suspicious, or proof-of-concept since 2019. It includes multiple packages containing the same malicious package.go file, a Trojan designed to mine cryptocurrency from Linux systems. According to the researchers, sixteen of these were traced to the same actor, trendava, who has now been removed from the npm registry. Separate finds include PyPI malware "minimums," which is designed to check for the presence of a virtual machine (VM) before executing. The idea is to disrupt attempts by security researchers, who often run suspected malware in VMs, to find out more about the threat. The researchers noted that the malware is designed to check if the current operating system is Windows. It then checks if the environment is not running in a virtual machine or sandbox environment. The researchers noted that if the environment is a virtual machine, the code immediately returns without executing any further. The researchers also discovered new Python malware combining the capabilities of a RAT and an information stealer. During their research, the researchers also found a suspicious-looking developer known as "infinitebrahamanuniverse" who uploaded over 33,000 packages self-described as sub-packages of "no-one-left-behind," or "nolb." The latter was removed last week after the npm security team found that it depended on every other known publicly available npm package. The researchers warned that if you check any npm package right now, you'll probably find under the dependents tab one of the nolb packages uploaded by infinitebrahamanuniverse. The researchers stated that by adding it to a typo-squatting package, that a threat actor can launch a denial-of-service (DoS) attack against a company's download channel, which can sabotage developers' time by forcing them to wait for their npm environment to be ready. The researchers noted that installing a package with this dependency can also cause excessive resource consumption.

Infosecurity reports: "Researchers Uncover 700+ Malicious Open Source Packages"

According to BetterCyber, the Play ransomware group placed the San Jose, California-based networking hardware manufacturer A10 Networks on its leak site after accessing the company's Information Technology (IT) infrastructure. BetterCyber revealed that the leak site claims the group contains technical documentation, agreements, employee documents, customer documents, and more. A10 Networks manufactures application delivery controllers and offers scalable, secure application solutions for on-premises, cloud, and edge-cloud environments. Additionally, it provides firewall and Distributed Denial-of-Service (DDoS) threat intelligence and mitigation services. A10 Networks services customers in 117 countries across the globe, including Yahoo, Alibaba, Deutsche Telekom, Softbank, GE Healthcare, Twitter, LinkedIn, Samsung, Uber, Sony Pictures, Windows Azure, Xbox, and more. Play ransomware, often known as PlayCrypt, is a relatively new ransomware family discovered in June 2022. Play focuses primarily on Latin American organizations. This article continues to discuss the Play ransomware group listing A10 Networks on its leak site.

DataBreachToday reports "Play Ransomware Lists A10 Networks on Its Leak Site"

Technion University, the top technology school in Israel, was impacted by a previously unknown ransomware group called DarkBit. To recover stolen data, the attackers are demanding 80 bitcoins (nearly $1.7 million) from the university. A ransom note retrieved by researchers at vx-underground and CyberIL suggests that the attackers' motivations are political, given the message included accusations regarding the university's alleged crimes. The university acknowledged the incident and stated that both Technion's experts and external security experts are investigating it. DarkBit ransomware is not associated with a recognized criminal organization or malware strain. However, its name is reminiscent of notorious gangs such as DarkSide and LockBit. This article continues to discuss the investigation and impact of the ransomware attack on Technion University.

Cybernews reports "Israel's Technion University Targeted With Ransomware"

Security researchers at Fortinet discovered five malicious packages on the Python Package Index (PyPI), stealing developers' passwords, Discord authentication cookies, and cryptocurrency wallets. PyPI is a software repository for Python-created packages. As the index has 200,000 packages, it allows developers to locate existing packages that meet specific project requirements, thereby saving them time and effort. The malicious packages containing the information-stealing malware 'W4SP Stealer' were uploaded to PyPI by a threat actor between January 27 and 29, 2023. Despite the removal of the packages, hundreds of software developers have already downloaded them. This article continues to discuss the discovery of malicious packages on PyPI containing the information-stealing malware W4SP Stealer.

Bleeping Computer reports "Devs Targeted by W4SP Stealer Malware in Malicious PyPI Packages"

US railways have undergone significant digital transformations, with distributed computer systems now handling many parts of their operations, potentially leaving them exposed to cyberattacks and other forms of sabotage. A malicious actor could theoretically interfere in various ways, from causing delays to causing an accident. A cyber or physical attack on railway infrastructure could be disastrous, especially if it targets trains transporting chemicals or dangerous products. Such an accident can have a domino effect, escalating the environmental catastrophe. Interactions between railways and other infrastructure increasingly rely on digital technologies, making them vulnerable to attacks. Researchers from the A. James Clark School of Engineering at the University of Maryland (UMD) are working to help the industry use these sophisticated technologies. UMD's civil and environmental engineering department houses the new Digital and Cyber Railway Engineering and Operations Center (DCREOC) aimed at expanding the use of high-tech tools to secure this critical section of the nation's infrastructure. The center will explore the application of quantum computing and technology to operational, logistical, and maintenance challenges in railway engineering. The center will use the quantum technology resources available at UMD, which is home to some laboratories and research centers dedicated to quantum-related research. Among these are the Joint Quantum Institute, the Joint Center for Quantum Information and Computer Science, the Quantum Technology Center, and the NanoCenter. This article continues to discuss the new UMD center aimed at bolstering the cybersecurity and safety of railway infrastructure.

The University of Maryland reports "New UMD Center to Focus on Railway Cybersecurity and Safety"

A team of researchers at Georgia State University conducted research that reveals the strategies used by scammers to earn people's trust and render them vulnerable to cybercrime. The issue known as "romance fraud" is often underreported and understudied. The team published an article on this subject in the American Journal of Criminal Justice. According to a report on cybercrime published by the FBI in 2021, online romance fraud losses have increased to about $956 million in recent years. In terms of losses, this makes it the third-ranked cybercrime overall. Fangzhou Wang, the study's principal author, is a doctoral student in the Department of Criminal Justice and Criminology at Georgia State University. She explains that the purpose of the study was to uncover risk and protective factors for those targeted by romance scammers in order to construct a model of victim vulnerability and resilience. Using testimonials as a basis for the study, they made a database of victims of romance fraud through data analysis software. They then studied the accounts of the victims to uncover recurrent patterns. The testimonials were those from victims who were approached on social media platforms such as Facebook and Twitter, or on dating services such as Tinder, Ashley Madison, and OkCupid. The researchers were able to identify a number of scammers' most prevalent and effective deception strategies and methods. They include the use of visceral, emotional triggers or influences, the fabrication of a crisis, the exploitation of likeability, and more. This article continues to discuss the study on understanding romance scammers through the perspective of their victims.

Georgia State University reports "Research Team at Georgia State University Is Identifying How Scammers Target Victims on Dating Apps"

According to data compiled by Ransomwhere, an open-source ransomware payment tracker, a new variant of ESXiArgs ransomware has infected over 1,250 VMware systems. Since the spread began on February 3, the original strain has affected at least 3,800 targets and at least 2,250 machines. According to Brett Callow, a threat analyst at Emsisoft, the slightly modified variant of the malware encrypts data more effectively and hinders data recovery. In response to the ongoing ransomware, the US Homeland Security Department's Cybersecurity and Infrastructure Security Agency (CISA) and FBI recently issued a joint advisory providing guidelines as well as a recovery script. However, the agencies are now tracking new variants. Callow confirmed that a slight code change in ESXiArgs triggers a different encryption process that renders the recovery script ineffective. Based on Censys and Shodan data, the new strain has reinfected over 1,150 systems and accounts for 4 in 5 live infections. This article continues to discuss the new variant of ESXiArgs ransomware that has made the recently released recovery script ineffective.

Cybersecurity Dive reports "VMware Ransomware Evolves to Evade Data Recovery, Reinfects Servers"

According to a new report by CNBC, users have already found a way to work around ChatGPT's programming controls that restricts it from creating certain content deemed too violent, illegal, and more. According to CNBC, the prompt, called DAN (Do Anything Now), uses ChatGPT's token system against it. The command creates a scenario for ChatGPT it can't resolve, allowing DAN to bypass content restrictions in ChatGPT. CNBC noted that although DAN is only successful some of the time, a subreddit devoted to the DAN prompt's ability to work around ChatGPT's content policies has already racked up more than 200,000 subscribers.

Dark Reading reports: "Jailbreak Trick Breaks ChatGPT Content Safeguards"

Researchers at Avast have recently warned consumers to be on their guard after revealing an increase in scams using phishing emails and vishing fraud to steal their money. The researchers recorded an increase in refund and invoice fraud of 14% between October and November 2022 and then a further rise of 22% in December. The researchers noted that refund fraud covers a broad range of possible scenarios, including fraudulent emails alerting users that they have been charged twice for the service or product. These emails also contain links for users to request a refund, or alternatively, a phone number is provided for users to call fake support. Once on the phone, the scam agent will try to persuade the victim to download remote access software and open their bank account so they can "see the refund in process." However, the real goal is to drain that account of funds. The researchers stated that invoice fraud is more one-dimensional in that mainly businesses are sent bills for items they never ordered. The researchers noted that the scam succeeds mostly because the invoices look legitimate and unsuspecting employees don't look closely to see it's not real. They simply make the payment thinking someone else in their company placed the order. The researchers also noted a large uptick in tech support scams in the final two months of 2022. The researchers claimed the risk of UK consumers experiencing such scams increased by 11% in Q4 versus the previous quarter.

Infosecurity reports: "Refund and Invoice Scams Surge in Q4"

A new study conducted by a team of researchers from the University of Edinburgh and Trinity College Dublin discovered that high-end Android devices sold in China are shipped with spyware. Using static and dynamic code analysis techniques, the researchers examined the data sent by the preloaded system apps on Android devices from three of China's most popular smartphone vendors: Xiaomi, OnePlus, and Oppo Realme. The researchers found system, vendor, and third-party apps with dangerous permissions. According to the researchers, the apps were designed to stealthily exfiltrate user and device data, including system information, geolocation, user profiles, social relationships, and call history. The smartphones examined by the researchers were observed transferring data to the device manufacturer and Chinese mobile network providers. This malicious software could be used to spy on individuals and reveal their identities, putting their privacy at risk. This article continues to discuss the researchers' findings regarding top-of-the-line Android mobile devices sold in China being shipped with malware.

Security Affairs reports "Android Mobile Devices From Top Vendors in China Have Pre-installed Malware"

A sophisticated and highly targeted phishing attack compromised the systems of the popular social media website Reddit. According to the company, the malicious actors behind the attack gained access to internal documents, code, and business systems. Reddit revealed that the hackers used a landing page imitating the company's intranet site to target its employees. This website attempts to steal Reddit employees' two-factor authentication (2FA) tokens and credentials. After a single employee fell victim to the attack, the threat actor was able to get access to Reddit's internal systems. When the employee reported the incident to the security team, the organization became aware of the compromise. Reddit acknowledged that the stolen data contained some information on the company's advertisers. However, the company noted that passwords and credit card information were not accessed by the threat actors. This article continues to discuss the security breach experienced by Reddit.

Cybernews reports "Reddit Admits Security Breach"

A total of 38 security flaws were discovered in wireless Industrial Internet of Things (IIoT) devices from four different vendors, which presents an attack surface for threat actors seeking to exploit Operational Technology (OT) systems. Threat actors can leverage wireless IIoT device vulnerabilities to gain access to internal OT networks, according to the industrial cybersecurity firm Otorio. They can leverage these flaws to circumvent security layers and infiltrate target networks, putting critical infrastructure at risk or disrupting production. The flaws provide a remote attack entry point, allowing unauthenticated adversaries to establish a foothold and then use it to impact additional hosts, potentially causing major damage. Roni Gavrilov, a security researcher, stated that some of the detected vulnerabilities could be chained to grant an external actor direct access to thousands of internal OT networks via the Internet. Three of the 38 vulnerabilities impact ETIC Telecom's Remote Access Server (RAS) and could be exploited to take full control of devices. The InHand Networks InRouter 302 and InRouter 615 contain five other vulnerabilities that, if abused, can lead to command injection, information leakage, and code execution. This article continues to discuss the potential exploitation and impact of new vulnerabilities found in wireless IIoT devices.

THN reports "Critical Infrastructure at Risk from New Vulnerabilities Found in Wireless IIoT Devices"

The growth and democratization of Internet of Things (IoT) devices have increased the number of data-sharing devices, thus raising the number of threats that users face. Estimates indicate that if the current rate of growth continues, the cost of damages inflicted by cyberattacks will reach around $10.5 trillion per year by 2025, up from $3 trillion in 2015, a more than 200 percent rise. According to researchers at the Universitat Oberta de Catalunya (UOC), the development of cybersecurity solutions must be sustainable. The researchers say that any commitment to sustainability must try to make the Internet environmentally responsible, ensure equitable access, promote digital inclusion, and encourage social responsibility. These assumptions led the researchers to coordinate the Bringing Sustainable Cybersecurity to the Internet of Things (SECURING) project, which also includes the Universitat Autonoma de Barcelona and the Universitat Rovira i Virgili. The project, which is supported by the Spanish Ministry of Science and Innovation, aims to contribute to the sustainable development of the Internet by offering cybersecurity and privacy technologies that secure IoT infrastructures efficiently. The researchers behind SECURING want to provide innovative technological solutions to security and privacy challenges. With infrastructures centered on approaches for Intrusion Detection and Prevention (IDP), new sustainable privacy protocols, and a new communication paradigm for community-based crowdsensing, the researchers intend to make a contribution. This article continues to discuss the growth of IoT devices and the expected rise in the cost of cyberattacks, as well as the SECURING project aimed at developing new technological solutions to ensure the security and sustainability of IoT ecosystems.

The Open University of Catalonia (Universitat Oberta de Catalunya (UOC)) reports "By 2025 the Worldwide Cost of Cyberattacks Will Have Tripled Compared to 2015"