Researchers at Sonatype have found that there has been a massive 430 percent surge in next generation cyberattacks aimed at actively infiltrating open source software supply chains.  There were 929 next generation software supply chain attacks…

A researcher claims that hackers took control over a part of the endpoint infrastructure used by the anonymizing internet browser Tor to route traffic. According to the researcher, attackers manipulated Tor traffic and mined cryptocurrency using Tor exit…

McAfee researchers were able to trick a facial recognition system into misclassifying one person as another person using Generative Adversarial Networks (GANs). GANs are neural networks that can create data similar to the data it is fed. In the study,…

Researchers from the Horst Gortz Institute for IT Security (HGI) at Ruhr-Universitat Bochum have shown that it is possible to decrypt the contents of telephone calls made via the LTE mobile network, 4G, which are supposed to be tap-proof. The decryption…

Researchers at Veracode, while conducting a survey, found that nearly half of organizations regularly and knowingly ship vulnerable code despite using AppSec tools.  Among the top reasons cited by the organizations for pushing vulnerable code, were…

According to IBM's annual "Cost of a Data Breach" report released in July,  the average losses incurred by the public sector worldwide per data breach is the lowest average cost compared to 17 other industries. Researchers examined the costs of data…

Former NASA astronaut Pamela Melroy gave a presentation at the Aerospace Village within the DEFCON virtual security conference. She discussed cybersecurity lessons learned from human spaceflight and what cyber risks are faced by the International Space…

Researchers at Check Point discovered that phishing emails with subject lines related to COVID-19 vaccines are now being used to trick recipients into downloading malicious files typically in file type forms of .exe, .xls, or .doc.  The researchers…

A new report from Synopsys, titled "Modern Application Development Security," reveals that 48% of organizations intentionally push vulnerable code in their application security programs. According to the report, organizations push vulnerable code because…

CISOs need to make protecting HR data a high priority during the Covid-19 pandemic.  Since most employees are working from home, companies are even more susceptible to data breaches.  If compromised, the data stored by HR can do a devastating…

A study conducted by researchers at the Georgia Institute of Technology suggests that botnets made up of electric ovens, hot-water heaters, electric vehicle chargers, air-conditioners, and other internet-connected high-wattage appliances, could be used…

In June, JSOF researchers disclosed a set of 19 vulnerabilities, dubbed "Ripple20," that affect millions of connected devices, including those used in the healthcare industry. These vulnerabilities were found in Treck's widely adopted low-level TCP/IP…