Organizations have become increasingly dependent on Internet-based technologies for building management systems, Internet of Things (IoT) devices, operational technology, and other physical assets. These technologies introduce new security…

A study conducted by a team of researchers at the University of Pittsburgh Swanson School of Engineering found that the Graphics Processing Unit (GPU) in some Android smartphones could be used to eavesdrop on a user's credentials when they type them…

Security researcher Karl Koscher and his colleagues explored what happens when an old satellite has been decommissioned and transitioned into a graveyard orbit. They were given permission to access and broadcast from a Canadian satellite called Anik F1R…

The United States House of Representatives has passed a bill that would change how cybercrime is tracked, measured, and reported by the federal government.  The Better Cybercrime Metrics Act was approved by the House in a bipartisan 377-48 vote.…

Customers of a popular cryptocurrency hardware provider have been urged not to reply to any official-looking emails after a convincing phishing campaign was uncovered.  Trezor makes hardware devices that customers can use to store their digital…

Hackers have breached infrastructure belonging to Russia's Federal Air Transport Agency, wiping its entire database and files containing 65TB of data. This data includes documents, files, aircraft registration data, and emails from the servers. According…

Threat actors are infiltrating cloud accounts to create distributed workloads for cryptomining. According to researchers, the threat actors are hacking misconfigured and vulnerable cloud instances to carry out Distributed Denial-of-Service (DDoS) attacks…

A non-profit community-based healthcare organization in Northern California is investigating a cyberattack that has disrupted its computer systems.  Partnership HealthPlan of California, which serves more than 618,000 Medi-Cal members in 14 Northern…

According to new research at Imperva, a shocking 70% of EMEA organizations have no insider risk strategy despite employees directly or indirectly causing most data security incidents over the past year.  The researchers, during a survey, found that…

​Pub Crawl summarizes, by hard problems, sets of publications that have been peer reviewed and presented at SoS conferences or referenced in current work. The topics are chosen for their usefulness for current researchers.

Researchers at the Washington University in St. Louis (WUSTL) propose an inexpensive, more convenient, and scalable security system that is resistant to quantum attacks. Other potential solutions for securing data against quantum attacks have been found…

AcidRain is a newly discovered data wiper malware that has been wiping routers and modems. According to researchers at SentinelOne, the malware is loosely linked to a cyberattack that targeted the KA-SAT satellite broadband service on February 24, which…