double agent | Breaking Cybersecurity News | The Hacker News

A team of security researchers from Cybellum, an Israeli zero-day prevention firm, has discovered a new Windows vulnerability that could allow hackers to take full control of your computer. Dubbed DoubleAgent , the new injecting code technique works on all versions of Microsoft Windows operating systems, starting from Windows XP to the latest release of Windows 10. What's worse? DoubleAgent exploits a 15-years-old undocumented legitimate feature of Windows called " Application Verifier ," which cannot be patched. Application Verifier is a runtime verification tool that loads DLLs (dynamic link library) into processes for testing purpose, allowing developers quickly detect and fix programming errors in their applications. Unpatchable Microsoft Application Verifier Exploit The vulnerability resides in how this Application Verifier tool handles DLLs. According to the researchers, as part of the process, DLLs are bound to the target processes in a Windows Regist

An FBI electronics technician has pleaded guilty to acting as a Chinese secret agent and passing along sensitive information about the Feds to a Chinese government official. Kun Shan "Joey" Chun , 46, admitted in federal court in Manhattan on Monday that he violated his security clearance on several occasions between 2011 and 2016 in an effort to pass on secret information to China in exchange for money. Chun is a 19-year FBI veteran from Brooklyn who was born in China but was employed by the FBI in 1997. His duties with the FBI included " accessing sensitive and, in some instance, classified information ." The g-man, as a double agent, sent confidential government information – including the identity and travel plans of an FBI special agent, the internal structure of the FBI and spying technology used by the Bureau – to a Chinese official. Chun, who was initially arrested in March, got a top secret security clearance in 1998, at the time he did not reveal h

Imagine a world where the software that powers your favorite apps, secures your online transactions, and keeps your digital life could be outsmarted and taken over by a cleverly disguised piece of code. This isn't a plot from the latest cyber-thriller; it's actually been a reality for years now. How this will change – in a positive or negative direction – as artificial intelligence (AI) takes on a larger role in software development is one of the big uncertainties related to this brave new world. In an era where AI promises to revolutionize how we live and work, the conversation about its security implications cannot be sidelined. As we increasingly rely on AI for tasks ranging from mundane to mission-critical, the question is no longer just, "Can AI  boost cybersecurity ?" (sure!), but also "Can AI  be hacked? " (yes!), "Can one use AI  to hack? " (of course!), and "Will AI  produce secure software ?" (well…). This thought leadership article is about the latter. Cydrill  (a