A report released by the security vendor, SecureWorks, says that tools used in the performance of malicious cyber activities are becoming more affordable, thus increasing the accessibility to such tools for cybercriminals. Less-skilled cybercriminals…

You Get Where You're Looking For: The Impact of Information Sources on Code Security (Free Open Access Copy) by Yasemin Acar, Michael Backes, Sascha Fahl, Doowon Kim, Michelle L. Mazurek, Christian Stransky is the Winner of the 5th Annual Best Scientific…

Researchers from Cisco Systems’ Talos group have detected malware that has been embedded into the installer of a popular utilities program by the name of CCleaner. The maliciously modified CCleaner installer has been discovered by researchers to…

The Cyber Diplomacy Act of 2017 has been introduced by a bipartisan group of Representatives that would create an Office of Cyber Issues at the State Department as well as require the development of a public international cyberspace strategy by the…

As the age of fully developed quantum computers approaches, researchers are quickly trying to develop post-quantum cryptographic methods as such advanced technology is expected to break current encryption algorithms, RSA and ECC. Current encryption …

A survey conducted by Ponemon Institute finds that most organizations acknowledge the importance of threat intelligence in achieving a strong security posture. However, many of the organizations that participated in this survey, still find it difficult…

Security firm, ESET, has warned of the increasing use of content delivery networks (CDNs) by hackers to spread malware. In a recently launched attack that targeted users in Brazil, attackers used a standard by the name of “downAndExec” in the…

Analysis conducted by Kromtech Security Center has revealed that 15,000 Elasticsearch servers are insecure with 4,000 of those servers hosting point-of-sale (POS) malware strains by the names of Alina and JackPos. These servers are insecure as they lack…

Improper disposal or destruction of recycled hardware devices raises cybersecurity concerns as such devices could still contain sensitive data that could be extracted by anyone. Electronic waste derives from inevitable device updates that are carried out…

A team of researchers at the University of Edinburgh discovered a method, which hackers could use to interreupt messages in their transmission between fitness trackers and cloud servers. In the demonstration of this method, researchers were able to…

SoS Musings #6 Toward Improving Security

IoT security firm, Armis, discovered and properly disclosed eight security vulnerabilities within stacks on Bluetooth devices, which could allow hackers to assume control over the device and infect other devices with malware. The set of…