Since the discovery of the original Spectre vulnerability, computer scientists from industry and academia have developed software patches and hardware defenses to protect the most vulnerable points in the speculative execution process without sacrificing…

A research team at Northeastern University finds code defects and some vulnerabilities by detecting inconsistent programming in which programmers use different code snippets to implement the same functions. The researchers used Machine Learning (ML) to…

Hackers and cybercriminals can do a lot of damage using mobile phone numbers. Using mobile phone numbers, malicious actors could execute SIM swapping attacks, conduct surveillance, and gain access to an individual's online profiles such as Facebook,…

Security researchers from Recorded Future have found that new deepfake products and services are cropping up across the Dark Web.  Cybercriminals are increasingly sharing, developing, and deploying deepfake technologies to bypass biometric security…

Security researchers at vpnMentor have discovered a misconfigured AWS S3 bucket leaking personal information on 70,000 customers of a popular paleolithic lifestyle site.  The researchers found the 290MB trove on February 4 and traced it back to…

Embracing neurodiversity could serve as an advantage to the cybersecurity field and help fill the cybersecurity workforce gap. The term "neurodiversity" covers conditions, including autistic spectrum disorders, ADHD, dyslexia, OCD, and other conditions…

A security researcher claims that the credit scores of almost every American were exposed through an API tool used by the Experian credit bureau, which he said was left open on a lender site without even basic security protections.  Experian, for…

Wyoming's Department of Health (WDH) has recently announced the accidental exposure of personal health information belonging to more than a quarter of people living in Wyoming on GitHub.com.  The data breach occurred when fifty-three files…

Ralf-Philipp Weinmann, CEO of Kunnamon, and Benedikt Schmotzle of Comsecuris demonstrated the use of a drone carrying a Wi-Fi dongle to hack and open a Tesla's doors remotely. The remote hack requires no interaction from anyone inside the car. According…

The Internet Systems Consortium (ISC) released updates for the BIND DNS software, patching vulnerabilities that could allow threat actors to perform denial-of-service (DoS) attacks and remote code execution. One of the flaws earned a CVSS score of 8.1.…

Researchers have discovered that the threat actors behind the notorious Emotet botnet managed to collect over four million victim email addresses over the past few years.  In all, 4,324,770 email addresses were found from a wide range of countries…

​Pub Crawl summarizes, by hard problems, sets of publications that have been peer reviewed and presented at SoS conferences or referenced in current work. The topics are chosen for their usefulness for current researchers.