News
-
"CPU Security Loophole: Analysis of Energy Consumption Allows Data Theft"Central Processing Units (CPUs) are designed to run multiple applications simultaneously, which is advantageous for productivity, but poses a security risk. By analyzing the processor's energy consumption, researchers at TU Graz and the Helmholtz Center…
-
"Credentials Account For Over Half of Cloud Compromises"Google recently discovered that over half (55%) of public cloud compromises in the first three months of the year were down to a missing or weak password. Google noted that the second most common compromise factor in the period was misconfiguration…
-
"U-M Researchers Play Role in Creating New California Privacy Choice Icon"California has enacted a new online privacy icon designed to give users greater authority over their personal information. Researchers from the University of Michigan's School of Information (UMSI) led the research to create the icon, simplifying…
-
"Malicious npm Packages Found Exfiltrating Sensitive Data from Developers"Researchers have found a new set of malicious packages on the npm package registry that are designed to steal sensitive developer information. On July 31, 2023, the software supply chain company Phylum discovered the "test" packages, which showed…
-
"Hacktivists Fund Their Operations Using Common Cybercrime Tactics"Hacktivist groups that operate for political or ideological reasons use various strategies to finance their operations. Although hacktivism appears to be about inflicting service disruption through Distributed Denial-of-Service (DDoS) attacks or…
-
"VPNs Remain a Risky Gamble for Remote Access"According to a new Zscaler report, organizations are concerned about network security because of the threats posed by Virtual Private Networks (VPNs). Due to the increased threat of cybercriminals exploiting VPN vulnerabilities, the report emphasizes the…
-
"Exclusive: CISA Sounds the Alarm on UEFI Security"The Cybersecurity and Infrastructure Security Agency (CISA) is calling for improved security for Unified Extensible Firmware Interface (UEFI) update mechanisms in the wake of the debacle that has been mitigating the BlackLotus bootkit. CISA urges the…
-
"Researcher Explores Effect of Hospital Mergers on Data Breaches"According to research conducted by a University of Texas at Dallas doctoral student, patient data is especially vulnerable during and after hospital mergers and acquisitions, when the likelihood of a cybersecurity breach more than doubles. Nan Clement, a…
-
"Researchers Strengthen Defenses Against Common Cyberattack"Scientists have developed a method that improves the detection of a common Internet attack by 90 percent compared to current methods. The new technique developed by computer scientists at the Pacific Northwest National Laboratory (PNNL) of the US…
-
"Satellites Easier to Hack Than a Windows Device"According to a new paper by a team of researchers from Ruhr University Bochum and the CISPA Helmholtz Center for Information Security in Saarbrücken, satellites are vulnerable to cyberattacks and do not even use basic cryptography. The research team…
-
"Microsoft Teams Targeted in Midnight Blizzard Phishing Attacks"Microsoft Threat Intelligence has recently announced that it detected a series of highly targeted social engineering attacks employing credential theft phishing lures delivered as Microsoft Teams chats. Microsoft stated that these attacks have been…
-
"Google Awards Over $60,000 for V8 Vulnerabilities Patched With Chrome 115 Update"Google recently announced a Chrome 115 update that patches 17 vulnerabilities, including 11 flaws reported by external researchers. Google noted that the browser update resolves three high-severity type confusion bugs in the V8 JavaScript and…