Cyber Scene #53 - Cybersecurity: Under (Mostly) New Management  

NurseryCam, a webcam service used across 40 daycare centers in the U.K. by parents who want to keep a watchful eye on their babies, has shut down following a data breach. The breach exposed the personal data of about 12,000 users to an attacker who said…

Researchers at Cofense have analyzed millions of emails related to various attacks and found that 57 percent were phishing emails aiming to steal victim usernames and passwords.  The remainder of malicious emails were utilized in business email…

Security researchers at Armorblox have discovered two large email phishing attacks targeting at least 10,000 victims. The targets of the two campaigns were sent phishing emails that appeared to come from the shipping companies FedEx and DHL Express. One…

A team of researchers from China, Algeria, and the UK conducted a comprehensive analysis of security and privacy risks associated with current technologies used in smart agriculture. The researchers also identified and proposed potential countermeasures…

Researchers working with the Information Security Group at ETH Zurich discovered a way to circumvent the PIN codes for different contactless credit cards. In summer 2020, the researchers demonstrated how to bypass a PIN code for Visa cards. They have now…

​Pub Crawl summarizes, by hard problems, sets of publications that have been peer reviewed and presented at SoS conferences or referenced in current work. The topics are chosen for their usefulness for current researchers.

A new study conducted by the Economist Intelligence Unit has found that most businesses now regard state-sponsored or led attacks as a significant threat.  The study was done by conducting interviews with over 500 director-level or above executives…

The FBI recently issued a warning about Telephony Denial-of-Service (TDoS) attacks against critical first-responder facilities and the impact that such attacks can have on public safety. A TDoS attack aims to render a telephone system unavailable by…

The Defense Advanced Research Agency (DARPA) recently announced the results of its first bug bounty program called Findings Exploits to Thwart Tampering (FETT). The FETT bug bounty was run in partnership with the Department of Defense's Defense Digital…

The National Institute of Standards and Technology (NIST) released finalized guidance based on its Cybersecurity Framework (CSF). The release of this guidance satisfies Executive Order 13905 on securely using position, navigation, and timing (PNT)…

Mandiant, a division of the security vendor FireEye, has identified UNC2546 as the hacking group behind the recent data breach suffered by the software firm Accellion, which impacted many corporations, law firms, and other organizations. Accellion…