News
-
Pub Crawl #58Pub Crawl summarizes, by hard problems, sets of publications that have been peer reviewed and presented at SoS conferences or referenced in current work. The topics are chosen for their usefulness for current researchers.
-
"Linux Bug in All Major Distros: 'An Attacker's Dream Come True'"Qualys researchers warn of a 12-year-old memory-corruption bug in Polkit's pkexec tool, which impacts every major Linux distribution. According to the researchers, the exploitation of the vulnerability, tracked as CVE-2021-4034, allows any unprivileged…
-
"The Threat of Hardware Trojan Horses Is Bigger Than We Have Thought"Security researchers at the Tallinn University of Technology (TalTech) have demonstrated that Hardware Trojan Horses can be inserted into computer chips during the fabrication process. After finalizing their insertion methodology, the entire layout…
-
SoS Musings #57 - Securing Building Automation SystemsSoS Musings #57 - Securing Building Automation Systems
-
Cyber Scene #64 - Cyber: Expanding and ConstrictingCyber Scene #64 - Cyber: Expanding and Constricting
-
Cybersecurity Snapshots #26 - North Korean Hackers Are Focusing on Stealing CryptocurrencyCybersecurity Snapshots #26 - North Korean Hackers Are Focusing on Stealing Cryptocurrency
-
Spotlight on Lablet Research #26 - Monitoring, Fusion, and Response for Cyber ResilienceSpotlight on Lablet Research #26 - Monitoring, Fusion, and Response for Cyber Resilience
-
"EyeMed Fined $600k Over Data Breach"An Ohio-based healthcare provider has been fined $600k over a data breach that exposed the records of 2.1 million patients across America. Adversaries targeted EyeMed Vision Care in June 2020. Attackers gained access to an EyeMed email…
-
"SonicWall Customers Warned of Possible Attacks Exploiting Recent Vulnerability"Security researchers at Rapid7 have discovered that hackers have started targeting a recently patched vulnerability affecting SonicWall's Secure Mobile Access (SMA) 100 series appliances. The security flaw in question is CVE-2021-20038, a critical…
-
"Mobile Banking Trojan BRATA Gains New, Dangerous Capabilities"The Android malware known as BRATA has new features that allow it to track device locations and do a factory reset in what appears to be an attempt to hide fraudulent wire transfers. According to researchers at the cybersecurity firm Cleafy, the latest…
-
"DTPacker Malware Steals Data, Loads Second-Stage Payloads"Proofpoint researchers have discovered a malware packer dubbed DTPacker that multiple threat actors are using to spread Remote Access Trojans (RATs), which are deployed to steal information and function as a springboard for launching other attacks such…
-
"NSA: Securing Cloud-Related PDFs Shouldn't Mean Sacrificing Usability"The increased use of editable Portable Document Files (PDFs) has created another path for attackers, but the National Security Agency (NSA) says the right configuration can protect most systems without sacrificing usability. NSA advises users to enable…