News
-
"Vulnerability Exposes iPhone Users to Payment Fraud"New research from the University of Birmingham and the University of Surrey has found that many iPhone users are vulnerable to payment fraud due to Apple Pay and Visa vulnerabilities. The researchers stated that they could bypass an iPhone’s Apple…
-
Pub Crawl #54Pub Crawl summarizes, by hard problems, sets of publications that have been peer reviewed and presented at SoS conferences or referenced in current work. The topics are chosen for their usefulness for current researchers.
-
"The GriftHorse Mobile Trojan Has Stolen a Fortune From Over 10 Million Victims"Evidence suggests that the new "GriftHorse" Android Trojan has stolen millions of dollars from more than 10 million victims globally. According to Zimperium zLabs, the new malware has been embedded in nearly 200 malicious applications, which have been…
-
"Most Third-Party Cloud Containers Have Vulnerabilities"Researchers at Palo Alto Networks have discovered that the vast majority of third-party code used in cloud infrastructure contains vulnerabilities and misconfigurations, which could leave organizations exposed to attack. The researchers found that…
-
Cyber Scene #60 - From All Foreign and Domestic Cyber Enemies and Their MinionsCyber Scene #60 - From All Foreign and Domestic Cyber Enemies and Their Minions
-
Cybersecurity Snapshots #22 - BlackMatter: The DarkSide Ransomware Group Rebranded?Cybersecurity Snapshots #22 - BlackMatter: The DarkSide Ransomware Group Rebranded?
-
Spotlight on Lablet Research #22 - Obsidian: A Language for Secure-by-Construction Blockchain ProgramsSpotlight on Lablet Research #22 - Obsidian: A Language for Secure-by-Construction Blockchain Programs
-
"SolarWinds Attackers Hit Active Directory Servers with FoggyWeb Backdoor"Researchers have found that the threat actors behind the notorious SolarWinds supply-chain attacks have dispatched new malware to steal data and maintain persistence on victims’ networks. Researchers from the Microsoft Threat Intelligence Center (…
-
"Half of Regulated Firms See Pandemic Spike in Financial Crime"During a new survey conducted by SmartSearch, researchers found that around half of firms in the financial services, property, and legal sectors have reported rising levels of financial crime over the past 12 months. During the study, researchers…
-
"New Azure Active Directory Password Brute-Forcing Flaw Has No Fix"A bug recently discovered in the implementation of Azure Active Directory (AD) enables single-factor brute-forcing of a user's AD credentials. An attacker can have unlimited attempts at guessing a user's username and password as these attempts are not…
-
"picoCTF Impresses at the Women in Cybersecurity Conference"Security and privacy experts at Carnegie Mellon University (CMU) created an educational program called picoCTF, which is aimed at bringing more people into the cybersecurity field. The picoCTF team hosted a workshop at this year's conference for Women in…