Connect with us

Latest News

0ktapus Phishing Campaign Targets Multi-Factor Authentication Systems | IDOs News

Avatar

Published

on

0ktapus Phishing Campaign Targets Multi-Factor Authentication Systems | IDOs News
0ktapus Phishing Campaign Targets Multi-Factor Authentication Systems | IDOs News







The recent surge in phishing attacks capable of bypassing multi-factor authentication (MFA) has raised significant concerns in the cybersecurity landscape. According to Fireblocks, these attacks underscore the vulnerabilities inherent even in systems protected by MFA, emphasizing the need for organizations to remain vigilant and not rely solely on a single security measure.

What is 0ktapus and who’s behind it?

One notable campaign, known as 0ktapus, serves as a critical case study in understanding these phishing attacks. Over recent years, 0ktapus has successfully targeted large organizations, including those in the cryptocurrency sector. The group behind this campaign, referred to as Scattered Spider or UNC3944, employs phishing via SMS and Telegram, and social engineering through platforms such as Okta. This campaign has compromised over 130 organizations globally, leaking thousands of credentials.

Attack Lifecycle and Deep-Dive

The 0ktapus campaigns, while simple, are highly effective. They target organizations using the Okta IAM/IdP platform, sending smishing messages to employees. These messages, often urgent, direct recipients to URLs mimicking their organization’s SSO/IdP page. The use of SMS over traditional email helps bypass enterprise security measures like mail gateways.

The campaign against Fireblocks began with phishing SMS messages from US-based numbers, mimicking legitimate communications and urging recipients to visit a link for a meeting with HR. This link redirected them to a counterfeit Okta login page. The attackers used domain spoofing and lookalike URLs to enhance authenticity. Victims entering their credentials on the fake page were then prompted for their 2FA token, with the information relayed in real-time to attackers via a Telegram bot.

A Recap of the Incident and How Fireblocks Handled It

Fireblocks’ threat hunting team detected the malicious domain within 30 minutes of its registration, immediately requesting a takedown and issuing company-wide alerts. The campaign was halted within two hours, with no credentials compromised. Fireblocks employs FIDO2-compliant and WebAuthn-compliant authentication, preventing attackers from using stolen credentials.

How to Protect Yourself and Your Business

Organizations can adopt several strategies to prevent similar attacks:

1) Strengthening MFA Implementation

Enhancing MFA with FIDO-2 and WebAuthn compliant authentication and biometric verification can reduce the risk of MFA bypass.

2) Conditional Access and Network Restrictions

Implementing device fingerprinting, IP restrictions, and host checks can mitigate the risk of credential reuse and phishing.

3) Enhancing User Training and Awareness

Regular training on recognizing phishing messages, coupled with simulated phishing exercises, can improve employee vigilance.

4) Leveraging Threat Intelligence and Threat Hunting

Robust detection solutions and threat hunting capabilities can detect and mitigate phishing campaigns before they escalate.

5) Regular Security Audits

Conducting regular security audits helps identify and rectify system vulnerabilities, ensuring defenses are up-to-date.

Phishing attacks targeting Okta and similar platforms remain a significant threat. The 0ktapus campaign illustrates how basic social engineering can bypass MFA and compromise organizations. By understanding these attack vectors and implementing best practices, businesses can enhance their defenses and protect their digital assets.

Image source: Shutterstock




Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Latest News

Enhancing Agent Planning: Insights from LangChain | IDOs News

Avatar

Published

on

Enhancing Agent Planning: Insights from LangChain | IDOs News
Enhancing Agent Planning: Insights from LangChain | IDOs News




Alvin Lang
Jul 21, 2024 04:57

LangChain explores the limitations and future of planning for agents with LLMs, highlighting cognitive architectures and current fixes.





According to a recent LangChain Blog post, planning for agents remains a critical challenge for developers working with large language models (LLMs). The article delves into the intricacies of planning and reasoning, current fixes, and future expectations for agent planning.

What Exactly Is Meant by Planning and Reasoning?

Planning and reasoning by an agent involve the LLM’s ability to decide on a series of actions based on available information. This includes both short-term and long-term steps. The LLM evaluates all available data and decides on the first step it should take immediately, followed by subsequent actions.

Most developers use function calling to enable LLMs to choose actions. Function calling, first introduced by OpenAI in June 2023, allows developers to provide JSON schemas for different functions, enabling the LLM to match its output with these schemas. While function calling helps in immediate actions, long-term planning remains a significant challenge due to the need for the LLM to think about a longer time horizon while managing short-term actions.

Current Fixes to Improve Planning by Agents

One of the simplest fixes is ensuring the LLM has all the necessary information to reason and plan appropriately. Often, the prompt passed into the LLM lacks sufficient information for reasonable decision-making. Adding a retrieval step or clarifying prompt instructions can significantly improve outcomes.

Another recommendation is changing the cognitive architecture of the application. Cognitive architectures can be categorized into general-purpose and domain-specific architectures. General-purpose architectures, like the “plan and solve” and Reflexion architectures, provide a generic approach to better reasoning. However, these may be too general for practical use, leading to the preference for domain-specific cognitive architectures.

General Purpose vs. Domain Specific Cognitive Architectures

General-purpose cognitive architectures aim to improve reasoning generically and can be applied to any task. For example, the “plan and solve” architecture involves planning first and then executing each step. The Reflexion architecture includes a reflection step after task completion to evaluate correctness.

Domain-specific cognitive architectures, on the other hand, are tailored to specific tasks. These often include domain-specific classification, routing, and verification steps. The AlphaCodium paper demonstrates this with a flow engineering approach, specifying steps like coming up with tests, then a solution, and iterating on more tests. This method is highly specific to the problem at hand and may not be applicable to other tasks.

Why Are Domain Specific Cognitive Architectures So Helpful?

Domain-specific cognitive architectures help by providing explicit instructions, either through prompt instructions or hardcoded transitions in code. This method effectively removes some planning responsibilities from the LLM, allowing engineers to handle the planning aspect. For instance, in the AlphaCodium example, the steps are predefined, guiding the LLM through the process.

Nearly all advanced agents in production utilize highly domain-specific and custom cognitive architectures. LangChain makes building these custom architectures easier with LangGraph, designed for high controllability, which is essential for creating reliable custom cognitive architectures.

The Future of Planning and Reasoning

The LLM space has been evolving rapidly, and this trend is expected to continue. General-purpose reasoning is likely to become more integrated into the model layer, making models more intelligent and capable of handling larger contexts. However, there will always be a need to communicate specific instructions to the agent, whether through prompting or custom cognitive architectures.

LangChain remains optimistic about the future of LangGraph, believing that as LLMs improve, the need for custom architectures will persist, especially for task-specific agents. The company is committed to enhancing the controllability and reliability of these architectures.

Image source: Shutterstock



Continue Reading

Latest News

Binance (BNB) Unveils CPT Framework to Analyze Crypto Market Dynamics | IDOs News

Avatar

Published

on

Binance (BNB) Unveils CPT Framework to Analyze Crypto Market Dynamics | IDOs News
Binance (BNB) Unveils CPT Framework to Analyze Crypto Market Dynamics | IDOs News




Rebeca Moen
Jul 21, 2024 09:51

Binance Research introduces the CPT Framework to analyze crypto market dynamics, focusing on capital, people, and technology as key structural drivers.





Binance Research has introduced a comprehensive framework to analyze the current state of the cryptocurrency market, termed the CPT Framework. This model aims to shed light on both short- and long-term drivers influencing market dynamics, according to Binance Research.

The past few months have been challenging for the crypto markets. Following a rapid rise at the start of the year, the market has been trading within a range. June saw an 11.4% decline in total crypto market capitalization month-on-month, despite some recent relief. As of now, the market remains 14% down from its March peak.

Drivers of Market Weakness

Several market events have contributed to the recent decline in crypto prices. Key among these was the distribution of 140,000 BTC (approximately $9 billion) to Mt. Gox creditors starting July 5. Additionally, the German government transferred 50,000 BTC (~$3.2 billion) to centralized exchanges and market makers between June 19 and July 13. The U.S. government also transferred 3,940 BTC (worth $248 million) to Coinbase Prime on June 26. Despite these large-scale disposals, some mitigating factors suggest that the impact may be short-lived.

Introducing the CPT Framework

Binance’s CPT Framework categorizes structural market factors into three distinct areas: Capital, People, and Technology. Each of these factors plays a crucial role in shaping the long-term health of the crypto market.

1. Capital

The influx of new money into the crypto ecosystem has slowed. This stagnation has resulted in a “Player vs. Player” (PvP) market, where participants compete for returns. Indicators such as stablecoin supply stagnation, a slowdown in funds raised by projects, and outflows from spot BTC ETFs highlight this trend.

Key Takeaways:

  • New capital is essential for sustainable market growth.
  • Attracting new capital requires appealing to investors across primary, secondary, and traditional finance markets.
  • Strong fundamentals and clear narratives are beneficial in attracting and retaining investor interest.

2. People

Market participants have faced challenges in generating sustainable returns. Retail users, institutional investors, project teams, market makers, and regulators have all been impacted by high valuations and sell pressure from token unlocks. Falling trading volumes since March further indicate a challenging environment.

Key Takeaways:

  • High valuations and low initial circulating supplies pose long-term structural challenges.
  • Increased awareness and research on tokenomics can help mitigate these issues.
  • Support for high-quality projects with small to medium market capitalization is crucial for a healthy market environment.

3. Technology

Technological advancements in blockchain and crypto, such as scaling solutions and user-focused developments, are crucial for onboarding new users. However, the focus remains disproportionately on infrastructure projects, which need to be balanced with the development of diverse and innovative dApps.

Key Takeaways:

  • Technological innovations attract a broader audience by providing tangible use cases.
  • Funding should be redirected to develop user-friendly dApps to amplify the reach of the crypto ecosystem.

Market Outlook

Despite recent challenges, Binance Research remains optimistic about the market’s outlook for the rest of the year. Several upcoming catalysts could propel the industry forward, including potential approvals of spot ETH ETFs, a favorable macro environment with potential interest rate cuts, the U.S. Presidential Election, and the Bitcoin halving event.

Market cycles consist of periods of ups and downs. Pullbacks serve as a healthy reset when there are excesses in the market. Long-term investors might see market corrections as opportunities to add to their portfolios, while risk-averse investors may consider holding their positions.

Image source: Shutterstock



Continue Reading

Latest News

NVIDIA Advances AI-Driven 6G Innovation with AI-RAN Alliance, 3GPP, and O-RAN | IDOs News

Avatar

Published

on

NVIDIA Advances AI-Driven 6G Innovation with AI-RAN Alliance, 3GPP, and O-RAN | IDOs News
NVIDIA Advances AI-Driven 6G Innovation with AI-RAN Alliance, 3GPP, and O-RAN | IDOs News




Rebeca Moen
Jul 21, 2024 05:27

NVIDIA collaborates with AI-RAN, 3GPP, and O-RAN to drive AI-driven innovations in 6G technology, focusing on AI-native tools and frameworks.





The development of 6G technology is accelerating as the 5G era advances. NVIDIA is at the forefront, working with key industry players to foster innovation and collaboration in AI-driven 6G solutions, according to the NVIDIA Technical Blog.

AI Blueprints for Radio Access Network

The Radio Access Network (RAN) is a critical component of cellular networks, and AI/ML methodologies are being integrated to manage its increasing complexity. The International Telecommunications Union (ITU) has proposed an AI-native air interface for 6G, aimed at enhancing performance through AI/ML. NVIDIA has contributed significantly to 3GPP’s Release 18 study on AI/ML for the 5G New Radio (NR) air interface and is now focusing on Release 19, which will expand AI/ML integration.

Digital Twin Networks

Digital Twin Networks (DTNs) are essential for simulating and validating AI/ML models in 6G. These networks emulate physical 5G/6G networks, allowing developers to create and test AI/ML models in a controlled environment. NVIDIA’s Aerial Omniverse Digital Twin is a next-generation simulation platform designed to support AI-native air interface research and development.

Over-the-Air Innovation Sandbox

An Over-the-Air (OTA) development platform complements DTNs by providing a real-world environment to validate and benchmark AI/ML algorithms. NVIDIA’s Aerial RAN CoLab Over-The-Air (ARC-OTA) serves as a 3GPP Release 15 compliant, full-stack network sandbox, enabling developers to test and refine their innovations.

Collaboration with Industry Leaders

NVIDIA is collaborating with the AI-RAN Alliance, 3GPP, and O-RAN to drive AI/ML-enabled innovations that will define 6G. The AI-RAN Alliance focuses on creating implementation blueprints and benchmarking AI/ML algorithms for the new AI-native RAN. Meanwhile, the O-RAN Alliance is working on an AI-focused transformation towards an open and interoperable architecture.

Future Prospects

The pace of AI/ML adoption in 6G is expected to accelerate as standards become clearer and commercial deployment approaches. NVIDIA’s 6G Developer Program, which includes over a thousand researchers, is a key platform for ongoing and future collaborations. Researchers are encouraged to join this program to contribute to the advancement of 6G technology.

Image source: Shutterstock



Continue Reading

Trending