According to an analysis of real-world cyberattacks and data collected from millions of PCs, ZIP and RAR files have surpassed Microsoft Office documents as the most commonly used file types by cybercriminals to deliver malware. Based on customer data…

​Pub Crawl summarizes, by hard problems, sets of publications that have been peer reviewed and presented at SoS conferences or referenced in current work. The topics are chosen for their usefulness for current researchers.

In November, hackers demanded health insurer Medibank pay US$9.7 million to keep the records stolen off the internet, or one dollar for each of the company's impacted customers, which included Prime Minister Anthony Albanese.   Medibank refused to…

Three Android apps with millions of downloads on the Google Play store, Lazy Mouse, Telepad, and PC Keyboard, had several flaws that could allow attackers to remotely execute commands and steal credentials. These were riddled with critical flaws, putting…

Security researchers at Akamai, analyzing a prolific botnet, recently managed to accidentally kill it due to the coding equivalent of a typing error.  The researchers detected the "KmsdBot" last month.  The Golang-based bot is designed to…

Eight people have been recently charged with conspiring to defraud the Georgia Department of Labor (GaDOL) out of tens of millions of dollars in unemployment benefits.  Among the defendants are Vienna, Georgia residents Tyshion Nautese Hicks, 30,…

Security researchers have discovered a relatively simple way to take control of Hondas, Nissans, Infinitis, and Acuras through their infotainment systems. According to new research, several major automakers were affected by a previously unknown…

Google's Threat Analysis Group (TAG) discovered three exploitation frameworks likely linked to Variston IT, a Spanish firm, while tracking the activities of commercial spyware vendors. Variston officially claims to offer custom security solutions and…

Nvidia's latest GPU Display Driver update fixes 29 security vulnerabilities, seven of which have a base score of more than 7. The company's graphics cards are designed to accelerate computing processing in order to support real-time or data-intensive…

LastPass and its affiliate GoTo (formerly LogMeIn) announced a security incident and, in the case of LastPass, a possible data breach. According to GoTo CEO Paddy Srinivasan, unusual activity was discovered within their development environment and third-…

Security researchers have discovered Dolphin, a previously unknown backdoor used by North Korean hackers in highly targeted operations for over a year to steal files and send them to Google Drive storage. According to ESET researchers, the APT37 threat…

A new Android threat campaign called the Schoolyard Bully Trojan has infected over 300,000 users in 71 countries. The malware, which is primarily designed to steal Facebook credentials, is disguised as legitimate education-themed applications in order to…