​Pub Crawl summarizes, by hard problems, sets of publications that have been peer reviewed and presented at SoS conferences or referenced in current work. The topics are chosen for their usefulness for current researchers.

Cybersecurity researchers at Trend Micro are raising the alarm on a new ransomware family called Agenda, which has been used in attacks on organizations in Asia and Africa.  The researchers noted that Agenda is written in the Golang (Go) cross-…

Cryptographers worldwide have spent the last two decades developing postquantum cryptography (PQC) algorithms to stay ahead of the quantum threat. These are based on new mathematical problems that are difficult to solve for both quantum and classical…

North Korean 'Kimsuky' threat actors are trying to ensure that their malicious payloads are only downloaded by legitimate targets and not by security researchers' systems. The threat group has been using new techniques to filter out invalid download…

The makers of the popular password manager LastPass have announced that an unauthorized party gained access to portions of the LastPass development environment via a single compromised developer account, taking portions of source code and some…

According to new research, over 80,000 Hikvision surveillance cameras worldwide are vulnerable to an 11-month-old command injection flaw. Hikvision, short for Hangzhou Hikvision Digital Technology, is a Chinese state-owned video surveillance equipment…

Nation-state threat actors are increasingly adopting and integrating the Sliver command-and-control (C2) framework as a replacement for Cobalt Strike in their intrusion campaigns. Because of the popularity of Cobalt Strike as an attack tool, defenses…

There are organizations that use Machine Learning (ML) and Artificial Intelligence (AI) algorithms to analyze massive amounts of browsing data, social network data, location data, voice data, and contact information that people share through their…

The COVID-19 pandemic has forced educational institutions to quickly transition to remote learning and exam taking, thus leading to an increase in the use of online proctoring services, such as restricted browser modes, video/screen monitoring, local…

Cisco recently announced patches for two vulnerabilities impacting the NX-OS software that powers its Nexus-series business switches.   The first of these issues is tracked as CVE-2022-2082 and affects the OSPF version 3 (OSPFv3) feature of NX-OS.…

Dr. Lisa Kohl is an expert cryptographer at Centrum Wiskunde & Informatica (CWI), the Netherlands' national mathematics and computer science research institute. She and her colleagues are looking for new ways to keep people safe online. Kohl's…

According to the latest Trustwave SpiderLabs Telemetry report, six months after the Log4Shell vulnerability was disclosed, vulnerable instances are still accessible on the Internet, with threat actors still trying to exploit them. The report reveals that…