News
  • "CISA Issues Warning on Active Exploitation of ZK Java Web Framework Vulnerability"
    Based on evidence of active exploitation, the US Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity flaw impacting the ZK Framework to its Known Exploited Vulnerabilities (KEV) catalog. This vulnerability, tracked as CVE-…
  • "Mobile Banking Trojans Surge, Doubling in Volume"
    According to researchers at Kaspersky, mobile malware developers were busy in 2022, flooding the cybercrime landscape with twice as many banking trojans as the year before. The researchers stated that nearly 200,000 new mobile banking…
  • "QNAP Offering $20,000 Rewards via New Bug Bounty Program"
    Taiwan-based QNAP Systems has recently announced that it is offering rewards of up to $20,000 for vulnerabilities reported through its newly launched bug bounty program.  QNAP, which is known for its network-attached storage (NAS) and professional…
  • "TREBUCHET: A High-Powered Processor for Cutting-Edge Encryption"
    Fully Homomorphic Encryption (FHE) enables algorithms to do direct computations on encrypted data. Usually, sensitive data is encrypted, and it must be decrypted before it can be used for any form of analysis or computing. The analysis or computation is…
  • "Media Giant News Corp Discloses New Details of Data Breach"
    Media giant News Corp has recently disclosed new details about a data breach discovered last year and attributed to a state-sponsored threat actor.  In early 2022, News Corp revealed that hackers had managed to steal corporate data from its systems…
  • "Governments Targeted by Discord-Based Threat Campaign"
    According to security researchers at Menlo Security, an unknown threat actor is targeting APAC and North American governments with info-stealing malware and ransomware.  The researchers noted that the group’s attacks begin with a phishing email…
  • "Can AI Really Be Protected from Text-Based Attacks?"
    Microsoft's Bing Chat, an Artificial Intelligence (AI)-powered chatbot co-developed with OpenAI, was not available for long before users devised ways to break it. Users got it to declare love, threaten harm, and more by providing carefully crafted inputs…
  • "Researchers Looking Into Cybersecurity of Canada's Power, IoT Sectors"
    Researchers at a Quebec university are looking into how prepared power utilities are for cyberattacks, as well as the security of wireless industrial Internet-connected devices. Ottawa recently announced that it gave the University of Sherbrooke the…
  • Pub Crawl #71
    Pub Crawl summarizes, by hard problems, sets of publications that have been peer reviewed and presented at SoS conferences or referenced in current work. The topics are chosen for their usefulness for current researchers.
  • "Possible New Lazarus Group Backdoor Found"
    Researchers discovered a new payload delivered by the Wslink malware downloader and believe it is part of the toolset maintained and deployed by the Lazarus Group, which is associated with North Korea. ESET researchers found the Wslink loader in 2021,…
  • "Investment Scams Drive $9bn in Fraud in 2022"
    According to new data from the FTC, Americans lost $8.8bn to fraud last year, with investment scams ($3.8bn) being the biggest money-maker for fraudsters.  The FTC stated that investment fraud had surged by over 100% from 2021 when the figure stood…
  • "Intel Paid Out Over $4.1 Million via Bug Bounty Program Since 2017"
    Intel has reported recently that it has paid out more than $4.1 million through its bug bounty program since its creation in 2017. Intel noted that, on average, between 2018 and 2021, it paid $800,000 through its bug bounty program each year for…