-
"User Experience Plays a Critical Role in Cybersecurity"Attackers shifted to endpoints when network security was tightened, and systems were secured by technology teams. Now that they are more secure, hackers are focusing on the next security chain's weak link, which is people. According to Stanford…
-
"NSA Publishes Guidance on Characterizing Threats, Risks to DoD Microelectronics"The National Security Agency's (NSA) Joint Federation Assurance Center (JFAC) Hardware Assurance Lab published a report titled "DoD Microelectronics: Levels of Assurance Definitions and Applications" to characterize the threats and risks faced by Custom…
-
"TikTok Engaging in Excessive Data Collection"Security researchers at Internet 2.0 discovered that TikTok has been engaging in excessive data collection and connecting to mainland China-based infrastructure. The researchers analyzed the source code of TikTok mobile applications Android 25.1.3…
-
"Hackers Distributing Password Cracking Tool for PLCs and HMIs to Target Industrial Systems"A new campaign leveraging password cracking software to seize control of Programmable Logic Controllers (PLCs) and co-opt the machines to a botnet is targeting industrial engineers and operators. According to Dragos security researcher Sam Hanson, the…
-
"Fingerprint Sensors and Crypto Wallets: Security Vulnerabilities Revealed"
A team of security researchers from Paluno, the Ruhr Institute for Software Technology at the University of Duisburg-Essen (UDE), has developed a new technique that allows fuzz testing of protected memory areas in modern processors for the first time.…
-
"Pegasus Spyware Used Against Thailand’s Pro-Democracy Movement"The Citizen Lab is an interdisciplinary research initiative focusing on information and communication technologies and human rights at the University of Toronto. Citizen Lab has claimed that Pegasus spyware is being used against Thailand's pro-…
-
-
"Bogus Cryptocurrency Apps Swindle Users Out of Millions, FBI Warns"FBI recently stated in an alert that fraudulent cryptocurrency investment apps bilked at least 244 victims out of nearly $43 million. The fraudulent apps identified in the alert posed as legitimate banking institutions, inviting investors to…
-
"Tor Browser Adds Automatic Censorship Circumvention"The Tor Project recently updated its flagship anonymizing browser to make it easier for users to evade government attempts to block its use in various regions. According to the US-based non-profit that manages the open source software, Tor Browser…
-
"The First Formal Verification of a Prototype of Arm CCA Firmware"
Researchers at Columbia Engineering, working with Arm, a semiconductor IP and software design company, has revealed key verification technologies for the Arm Confidential Compute Architecture (Arm CCA), a new feature of the Armv9-A architecture. Their…
-
"Average American Accesses Suspicious Sites 6.5 Times a Day"
Security researchers at AT&T discovered that the average person happens upon a suspicious online site or social media account 6.5 times a day. The researchers surveyed 2000 general population Americans. The researchers found that 54% of…
-
"How Attackers Could Dupe Developers into Downloading Malicious Code From GitHub"
It is simple to counterfeit the metadata that developers look at when determining whether to use an open-source project on GitHub, giving attackers a chance to deceive users into downloading malicious code. The researchers at Checkmarx caution in a new…
News