News
  • "Android Phones Are Vulnerable to Fingerprint Brute-Force Attacks"
    A team of researchers from Tencent Labs and Zhejiang University has presented a new attack dubbed 'BrutePrint,' which brute-forces fingerprints on modern smartphones to circumvent user authentication and seize control of the device. Performing brute-…
  • "Malicious Links and Misaddressed Emails Slip Past Security Controls"
    According to Armorblox, most organizations use six or more communication tools across channels, with email remaining the most vulnerable channel to attacks (38 percent). Multiple-channel attacks are picking up momentum and gaining frequency, according to…
  • "3 Common Initial Attack Vectors Account for Most Ransomware Campaigns"
    Most ransomware attackers use one of three primary vectors to infiltrate networks and gain access to organizations' critical systems and data. According to researchers, the most significant vector for successful ransomware attacks in 2022 was the…
  • "Ask the Expert: How New Research Can Help Protect Private Data"
    As an associate professor in the Department of Computer Science and Engineering at Michigan State University, Dr. Borzoo Bonakdarpour works to prevent the exposure of private information. Well-publicized instances of individuals being hacked due to…
  • "Tech Mandated by Online Safety Bill 'Could Turn Phones Into Surveillance Tools'"
    According to new research from Imperial College London, the technology mandated by the UK's Online Safety Bill could be used to transform millions of phones into facial recognition tools. Client-Side Scanning (CSS) was examined in regard to its potential…
  • "NATO Member Websites Targeted by Pro-Russian Hackers"
    The pro-Russian hacking group UserSec has announced the start of a new cyber campaign targeting and defacing the websites of North Atlantic Treaty Organization (NATO) member countries. On their official UserSec Telegram channel, the group posted an…
  • HotSoS 2023 Summary
    Hot Topics in the Science of Security (HotSoS) 2023
  • "Congress Looks to Expand CISA’s Role, Adding Responsibilities For Satellites And Open Source Software"
    Lawmakers recently passed a series of bills to give the Cybersecurity and Infrastructure Security Agency (CISA) new responsibilities when it comes to safeguarding open source software, protecting U.S. critical infrastructure, and expanding the…
  • "KeePass 2.X Master Password Dumper Allows Retrieving the KeePass Master Password"
    KeePass 2.X Master Password Dumper is a proof-of-concept (PoC) tool developed by the security researcher Vdohney that retrieves the master password for KeePass. The tool exploits the unpatched vulnerability in KeePass, tracked as CVE-2023-32784, to…
  • "Dark Web ChatGPT Unleashed: Meet DarkBERT"
    The snowball effect caused by Large Language Models (LLMs) such as ChatGPT is still in the early stages. Combined with the open-sourcing of other Generative Pre-Trained Transformer (GPT) models, the number of Artificial Intelligence (AI)-based…
  • "FTC to Crack Down on Biometric Tech, Health App Data Privacy Violations"
    The Federal Trade Commission (FTC) plans to update its Health Breach Notification Rule (HBNR) to clarify language regarding security breaches, user consent, and other functions, which will result in stricter enforcement for developers of consumer-driven…
  • "Google Debuts Quality Ratings for Security Bug Disclosures"
    Google and Android announced recently that they will now assess device vulnerability disclosure reports based on the level of information that bug hunters provide in order to encourage more comprehensive submissions. According to Google,…