Computer scientists at the University of Liverpool have discovered a new threat posed by smartphones, smart doorbells, virtual assistants, and other Internet of Things (IoT) devices that can allow attackers to access and combine device identification…

Researchers at CyberArk discovered a flaw in Microsoft Teams, which could allow an adversary to hijack a Teams account.  Once the adversary hijacked the Teams account, then the bad actor could traverse through the organization and gather data form…

Since the beginning of COVID-19, consumer behavior has changed across the industries, and fraudsters are also shifting their focus accordingly.  In a new study, researchers from Arkose Labs found that the attack rate against retail and travel…

Many developers continue to use Python 2 after the Python Software Foundation ended its support for the programming language through improvement updates or security fixes on January 1, 2020, increasing security risks for their organizations. The Python…

Social media bots are social media accounts that use artificial intelligence to automate the performance of activities such as aggregating news, assisting customers for online retailers, and more. They are also used to amplify the spread of…

Researchers from the University of Michigan and NortonLifeLock's Research Group did a study on why people adopt and then sometimes fail to continue following online safety practices. The researchers conducted a survey to which more than 900 people…

Air-gapping refers to the physical isolation of a computer or network to ensure that it does not connect to the internet or other internet-connected system. The purpose of this security mechanism is to protect the computer or network from unsecured…

Adversaries are sending emails to individuals posing as an HR representative from their place of work.  The email states that if the individual misses this Zoom meeting, which is happening right now, the individual will then lose their job. Once the…

The banking Trojan Grandoreiro has been discovered by ESET researchers to be exploiting the COVID-19 crisis to attack users. According to ESET, the videos on fake websites claiming to provide important information about the virus are being used to mask…

Adversaries are targeting the Sophos XG firewall (both virtual and physical versions) using a zero-day exploit.  The ultimate goal of the adversaries is to drop the Asnarok malware on vulnerable appliances.  The bug in question is a pre-…

​Pub Crawl summarizes, by hard problems, sets of publications that have been peer reviewed and presented at SoS conferences or referenced in current work. The topics are chosen for their usefulness for current researchers.

Countries are using geo-location, mobile technology to trace people testing positive for COVID-19, and people possibly exposed to the disease in order to track the pandemic's spread and patterns. However, there are concerns about the risk posed…