Following the discovery of vulnerabilities in the Terrestrial Trunked Radio (TETRA) communications protocol, which is used by Industrial Control Systems (ICS) worldwide, researchers have uncovered multiple additional zero-day vulnerabilities in a…

Various Intel Core processors and the devices that use them are vulnerable to "Downfall," a new class of attacks stemming from CVE-2022-40982, which enables attackers to access and steal sensitive data such as passwords, encryption keys, and private data…

According to computer scientists at the University of California, Riverside (UCR), the headset hardware and virtual keyboard interfaces associated with Augmented Reality (AR) and Virtual Reality (VR) present new opportunities for hackers. The metaverse…

Carnegie Mellon University (CMU) faculty and students are presenting their research at the 2023 Symposium on Usable Privacy and Security (SOUPS). The event, founded by CyLab Director Lorrie Cranor and first hosted by CMU in 2005, continues bringing…

Since January 2021, patients with statutory health insurance in Germany have had the option to use an electronic health record. However, not many people have taken advantage of it. An interview study conducted by researchers at Ruhr University Bochum,…

A new weapon in the war against robocalls is an automated system capable of analyzing the content of these unsolicited bulk calls. It highlights the scope of the problem and the types of scams perpetrated by robocalls. SnorCall is a tool designed to help…

Just months after the launch of OpenAI's ChatGPT chatbot, cybercriminals and hackers claim to have developed their own versions of the text-generating Artificial Intelligence (AI) technology. Theoretically, the systems could improve criminals' ability to…

Adobe recently rolled out a big batch of security updates for its flagship Acrobat and Reader software, patching at least 30 vulnerabilities affecting Windows and macOS installations.  Adobe warned that successful exploitation could lead to…

General Data Protection Regulation (GDPR) fines are forcing businesses to reconsider their cybersecurity strategies. However, experts are concerned that, despite compliance looking good on paper, it does not translate into better protection in…

Since its initial publication nearly a decade ago, the world's leading cybersecurity guidance is undergoing its first major update. The National Institute of Standards and Technology (NIST) has released a draft version of the Cybersecurity Framework (CSF…

CrowdStrike recently released its 2023 Threat Hunting Report, warning that threat actors have doubled down on identity-based attacks over the past year.  The new report is based on data collected over 12 months between July 1, 2022, and June 30,…

According to security researchers at Imperva, UK organizations lost billions in data breaches between 2019 and 2022, with hundreds of millions of their customers suffering compromise of their personal information.  The researchers studied 99,490…