Security News

List of Old NSA Training Videos
2024-09-03 16:03

The NSA’s “National Cryptographic School Television Catalogue” from 1991 lists about 600 COMSEC and SIGINT training videos. There are a bunch explaining the operations of various cryptographic...

New Research in Detecting AI-Generated Videos
2024-07-29 11:02

The new tool the research project is unleashing on deepfakes, called "MISLnet", evolved from years of data derived from detecting fake images and video with tools that spot changes made to digital video or images. These may include the addition or movement of pixels between frames, manipulation of the speed of the clip, or the removal of frames.

Telegram App Flaw Exploited to Spread Malware Hidden in Videos
2024-07-24 11:59

A zero-day security flaw in Telegram's mobile app for Android called EvilVideo made it possible for attackers to malicious files disguised as harmless-looking videos. The exploit appeared for sale...

Vulnerability in Telegram app for Android allows sending malicious files disguised as videos
2024-07-23 09:04

Using the exploit to abuse a vulnerability that ESET named "EvilVideo," attackers could share malicious Android payloads via Telegram channels, groups, and chats, and make them appear to be multimedia files. "We found the exploit being advertised for sale on an underground forum. In the post, the seller shows screenshots and a video of testing the exploit in a public Telegram channel. We were able to identify the channel in question, with the exploit still available. That allowed us to get our hands on the payload and test it ourselves," explains ESET researcher Lukáš Štefanko, who discovered the Telegram exploit.

Telegram zero-day allowed sending malicious Android APKs as videos
2024-07-22 14:41

A Telegram for Android zero-day vulnerability dubbed 'EvilVideo' allowed attackers to send malicious Android APK payloads disguised as video files. A threat actor named 'Ancryno' first began selling the Telegram zero-day exploit on June 6, 2024, in a post on the Russian-speaking XSS hacking forum, stating the flaw existed in Telegram v10.14.4 and older.

YouTube tests harder-to-block server-side ad injection in videos
2024-06-13 14:42

YouTube reportedly now injects ads directly into video streams to make it more difficult for ad blockers to block advertisements. Currently, YouTube performs client-side ad injection, where JavaScript scripts and the video player on a user's device load and display ads.

Ad blocker users say YouTube videos are now skipping to the end
2024-05-28 14:21

The issue began yesterday, and although it does not appear to impact everyone, it is far from isolated, with affected users reporting that it affects all YouTube videos. The reports come from users of ad blockers on both Chrome and Firefox, like Adblock Plus, as well as web browsers that have integrated ad-blocking systems, such as OperaGX. A first reported by 9to5Google, many users are accusing YouTube of intentionally causing this problem, as Google has begun cracking down on the use of ad blockers on YouTube over the past year.

YouTube stops recommending videos when signed out of Google
2024-03-10 22:16

YouTube is no longer showing recommended videos to users logged out of a Google account or using Incognito mode, making people concerned they are being bullied into always being signed into the service. This change, which is now rolling out, shows a simple YouTube homepage without any videos or tips on what to watch.

OpenAI’s Sora Generates Photorealistic Videos
2024-02-16 21:37

OpenAI released on Feb. 15 an impressive new text-to-video model called Sora that can create photorealistic or cartoony moving images from natural language text prompts. Sora isn't available to the public yet; instead, OpenAI released Sora to red teamers - security researchers who mimic techniques used by threat actors - to assess possible harms or risks.

Beware! YouTube Videos Promoting Cracked Software Distribute Lumma Stealer
2024-01-09 08:17

Threat actors are resorting to YouTube videos featuring content related to cracked software in order to entice users into downloading an information stealer malware called Lumma. “These YouTube...