Advanced smartphone features entice users who want more from their devices, especially in regard to health and entertainment, but the question is whether these features pose a security risk when making or receiving actual calls. A team of researchers…

In a recent study titled "Not Your Average App: A Large-scale Privacy Analysis of Android Browsers," Amogh Pradeep, a doctoral student at Khoury College, and his multinational research team set out to examine the personal data collected by browsers and…

Due to their complexity, hybrid cyber threats are dangerous. Oftentimes, cyberattacks are accompanied by an information component designed to achieve specific objectives, such as misleading the public or convincing them of things favorable to the nation…

A team led by the University of Maryland received a distinguished paper award for examining the challenges encountered by bug bounty hunters or ethical hackers who discover and report vulnerabilities or bugs to a platform's developer. The paper, titled "…

Hackers recently managed to break into a US Air Force satellite in orbit and took home prizes of up to $50,000 for exposing the vulnerabilities.  Italian team "mHACKeroni" were the winners of the US Space Force annual "Hack-A-Sat" competition, which…

Cisco recently announced security updates for several enterprise applications to patch high-severity vulnerabilities leading to privilege escalation, SQL injection, directory traversal, and denial-of-service (DoS).  The most severe of these impacts…

Researchers at ESET have discovered a widespread phishing campaign designed to steal the credentials of Zimbra account holders. The collaborative software platform Zimbra Collaboration is a popular alternative to enterprise email solutions. At least…

Threat actors are increasingly distributing malicious Android APKs (packaged app installers) that can resist decompilation through unsupported, unknown, or highly adjusted compression algorithms. The main benefit of this strategy is evading detection by…

SentinelOne observed Bronze Starlight, also known as APT10, Emperor Dragonfly, and Storm-0401, an Advanced Persistent Threat (APT) group with ties to China, targeting the Southeast Asian gambling sector. The malware and infrastructure used in the…

Open source software development automation server Jenkins recently announced patches for high and medium severity vulnerabilities impacting multiple plugins.  The patches address three high severity cross-site request forgery (CSRF) and cross-site…

Microsoft disclosed a new variant of the BlackCat ransomware, also known as ALPHV and Noberus, which incorporates tools such as Impacket and RemCom to facilitate lateral movement and Remote Code Execution (RCE). The Impacket tool has modules for…

Researchers have discovered how to manipulate the iPhone's user interface to fake airplane mode while secretly maintaining Internet connectivity. Jamf Threat Labs detailed in a new report how the code controlling the different elements of iOS 16's…