Researchers at Cynerio have discovered critical zero-day vulnerabilities in Aethon TUG smart autonomous mobile robots, which are used globally in hospitals. The Aethon TUG robot performs manual labor tasks and delivers hospital supplies and medications.…

According to researchers at the cybersecurity company Sophos, LockBit ransomware actors hid in the network of a regional US government agency for at least five months before deploying the payload. The attackers attempted to remove their tracks by…

SuperCare Health, a California-based respiratory care provider, has revealed it had been hit by a data breach that affected more than 300,000 individuals.  The company discovered the incident on July 27, 2021, when unauthorized activity was detected…

Security researchers at Imperva have discovered that consumer trust in the organizations they do business with is at rock bottom, leading many to “give up” on security.  The researchers polled over 6700 consumers across the US, Singapore, UK, and…

A new study by researchers at Penn State University finds that the standard business practice of renting space and IP addresses on a public server can lead to cloud squatting, which creates a security risk, putting sensitive customer and organization…

Ravi Sen, a Texas A&M cybersecurity researcher, brings further attention to how information shared online can help hackers successfully execute phishing attacks. Using the Internet results in the creation of a trail of data or a set of digital…

Artificial intelligence (AI) applications within business and government organizations are being adopted rapidly.  Some of the AI applications being adopted rapidly include: automating activities to function more efficiently, reshaping shopping…

The developers behind Raspberry Pi have enhanced security.  A senior principal software engineer explained that previously, users were able to keep the default username “pi.” They were also able to bypass a setup wizard which requested users to…

A team of researchers at Salt Security's Salt Labs discovered a Server-Side Request Forgery (SSRF) flaw in the Application Programming Interface (API) of a large financial technology (fintech) platform. The flaw could have compromised millions of bank…

HOTSOS 2022 BEST UNDERGRADUATE POSTER AWARD Congratulations to Sanjana Cheerla at NCSU for winning the HoTSoS Best Undergraduate Poster Award for their poster Identifying Online Misbehavior. Check out the Announcement & Closing Remarks…

HOTSOS 2022 BEST POSTER AWARD Congratulations to Samin Yaseer Mahmud & William Enck at NCSU for winning the HoTSoS Best Poster Award for their poster A Study of Security Weakness in Android Payment Service Provider SDKs.  Check out…

A team at Website Planet has found that a configuration error exposed millions of internal records traced back to Fox News, including personally identifiable information on employees.  The researchers claimed that anyone with an internet connection…