News
-
"Arctic Wolf: One-Third of All Cyberattacks Now Involve Business Email Compromise"Arctic Wolf Networks released a report finding that there has been a significant increase in Business Email Compromise (BEC) attacks in the first half of this year. According to data analysis and insights from Arctic Wolf's incident response unit Tetra…
-
"Capital One Phish Showcases Growing Bank-Brand Targeting Trend"Security researchers at Vade have discovered a recent phishing campaign exploiting Capital One's new partnership with verification service Authentify, sending thousands of scam emails to the bank's customers to try and trick them into uploading images of…
-
"Manufacturers Failing to Address Cybersecurity Vulnerabilities Liable Under New European Rules"The European Commission has recently publicized new liability rules on digital products and artificial intelligence (AI) in order to protect consumers from harm, including in cases where cybersecurity vulnerabilities fail to be addressed. The two…
-
"Malware Shifting to Virtual Environments, Warns Mandiant"Mandiant has released a report detailing novel malware that attacks VMware hypervisors, stating that the state-sponsored hackers behind it may be shifting their targets from workstations to virtual environments where Endpoint Detection and Response (EDR…
-
"The Country Where You Live Impacts Password Choices"GoSecure researchers have found that a person's country of residence influences the strength of their password selection. They discovered four primary macro-social factors that strongly correlate with positive password performance, which is measured by…
-
"Matrix: Install Security Update to Fix End-To-End Encryption Flaws"The Matrix decentralized communication platform has issued a security alert regarding two critical-severity vulnerabilities in the Software Development Kit's (SDK) end-to-end encryption. The exploitation of these flaws could allow a threat actor to…
-
"Cyber Attacks Against Middle East Governments Hide Malware in Windows Logo"In its attacks against Middle Eastern governments, an espionage-focused threat actor has been observed using a steganographic tactic to hide a previously unknown backdoor in a Windows logo. Broadcom's Symantec Threat Hunter Team attributed the updated…
-
"GSMA, IBM and Vodafone Establish Post-Quantum Telco Network Taskforce"The GSMA has announced the formation of the GSMA Post-Quantum Telco Network Taskforce, with IBM and Vodafone as initial members, to help in the definition of policy, regulation, and operator business processes for enhanced telecommunications protection…
-
"Less Than 5% Of Public Companies Use the Latest Email Security Standards"Phishing remains the most common type of cyberattack. The Anti-Phishing Working Group observed the most phishing attacks in history in the first quarter of 2022, as the quarterly volume of attacks surpassed 1 million for the first time. Organizations…
-
"Huijia Lin Proved That a Master Tool of Cryptography Is Possible"A long-desired holy grail in cryptography is about to change the way sensitive data is protected. Existing standard encryption schemes are all-or-nothing as data is inaccessible to anyone who does not have the secret key once it is scrambled. This has…
-
Pub Crawl #66Pub Crawl summarizes, by hard problems, sets of publications that have been peer reviewed and presented at SoS conferences or referenced in current work. The topics are chosen for their usefulness for current researchers.
-
"'Protestware' Is on the Rise, With Programmers Self-Sabotaging Their Own Code. Should We Be Worried?"The author of node-ipc, a software library with over a million downloads weekly, deliberately broke their code in March 2022. If the code detects that it is being executed within Russia or Belarus, it attempts to replace the contents of every file on the…