Experts in automotive security have discovered a novel method for hijacking automobiles by hacking into their control systems via the headlight. The controller area network (CAN) bus, the Internet of Things (IoT) protocol by which devices and…

Researchers at the University of Maryland (UMD), with support from the National Science Foundation (NSF), are developing a framework for cryptographic systems that can withstand increasingly powerful quantum computers. In addition, they are working on…

A computer security researcher at the University of Texas at Arlington (UTA) has been awarded a prestigious federal grant to determine the most effective technologies and methods for achieving and maintaining online security and privacy. Assistant…

There is the promise of chiplets within the semiconductor ecosystem, but security in these chiplets and the heterogeneous systems into which they will be implemented needs more attention. Disaggregating a System-on-Chip (SoC) into a chiplet changes the…

Malicious actors can exploit a vulnerability identified in at least 55 Wi-Fi router models to eavesdrop on victims' data sent over wireless networks. Researchers from China and the US have detailed the security flaw in the Network Processing Units (NPUs…

An Estonian national has been recently charged in the United States for purchasing US-made electronics and computer hacking tools on behalf of the Russian government and military.  The man, Andrey Shevlyakov, was arrested in Estonia on March 28.…

Security researchers at Netscout discovered that the volume of application-layer distributed denial of service (DDoS) attacks targeting HTTP and HTTPS websites grew by triple digits between 2019 and 2022, thanks to groups like Killnet.  The biggest…

Attackers have been avoiding detection by exploiting legitimate YouTube attribution links and a Cloudflare CAPTCHA. According to the cybersecurity company Vade, using YouTube attribution links is a novel method for circumventing email filters that scan…

Microsoft and two partner organizations have been granted legal permission to target cybercriminal infrastructure associated with the widespread abuse of Cobalt Strike, a legitimate testing tool that attackers have used against the healthcare industry.…

Google has recently unveiled a new policy for Android apps that enable account creation.  The rule mandates such apps to provide users with an option to delete both the accounts and the data associated with them.  Bethel Otuteye, senior…

Data storage device manufacturer Western Digital has recently disclosed information about a network security incident detected on March 26.  The company said the incident involved an unauthorized third party gaining access to several systems.  …

In the last year, nearly half of cybersecurity practitioners have been instructed by senior management to keep data breaches "under wraps." Bitdefender's survey of 400 Information Technology (IT) and security professionals revealed that 42 percent had…