Researchers at Barracuda Networks have discovered that cybercriminals are increasingly registering accounts with legitimate services, such as Gmail and AOL, to use them in impersonation and BEC attacks.  Barracuda researchers observed that 6,170…

The car security research team from Qihoo 360, called the Sky-Go Team, discovered over a dozen vulnerabilities in a Mercedes-Benz E-Class car by reverse-engineering the car's components using a  testbench they built. According to the researchers,…

Researchers have discovered a new vulnerability they are calling KrØØk (formally CVE-2019-15126).  KrØØk is a vulnerability in Broadcom and Cypress Wi-Fi chips that allows unauthorized decryption of some WPA2-encrypted traffic. Specifically, the bug…

A researcher at Oxford University demonstrated the potential exploitation of vulnerabilities in satellite broadband communications to intercept unencrypted web traffic through the use of an inexpensive satellite dish and a digital broadcasting satellite…

New research by threat analysts at Venafi reveals that the number of commodity malware campaigns exploiting machine identities doubled between 2018 and 2019. Applications and devices use machine identities that are made from cryptographic keys and…

Although smart home technologies are marketed to increase the convenience of our daily lives, many consumers still do not trust the privacy and security of these technologies. Researchers from WMG and Computer Science, University of Warwick, conducted a…

Security researchers at DBAPPSecurity have discovered an authentication bypass vulnerability, dubbed “BlueRepli.”  An adversary can bypass authentication by imitating a device that has previously been connected with a target. Victims do not need to…

Security researchers have discovered a high-risk vulnerability (CVE-2020-13699) in TeamViewer for Windows. If the vulnerability is exploited, remote attackers could crack the users’ password, which could lead to further system exploitation.  CVE-…

A team of researchers from the Internet of Things (IoT) security company Armis discovered a technique, dubbed EtherOops, that could be used to attack devices placed inside closed enterprise networks. According to the researchers, the method can only be…

A new report from Accurics, titled "The State of DevSecOps," reveals that the misconfiguration of storage services in over 90 percent of cloud deployments have led to more than 200 breaches in the past two years. These breaches have exposed more than 30…

The U.S. National Security Agency (NSA) released a report on how location data tracked via mobile phones and other connected devices such as fitness trackers, smartwatches, and built-in vehicle communication devices could threaten security. While the…

After 2015 when Russian hackers were able to hack three Ukrainian power companies, some security experts took it on themselves to show how protocol gateways could be exploited at other utilities.  New research has been conducted by researchers at…