The U.S. Cybersecurity & Infrastructure Security Agency (CISA) is warning of critical-severity security flaws in GE’s Universal Relay (UR) family of power management devices.  GE’s UR devices are computing devices that allow users to control the…

The oil giant Shell is a customer of Accellion's File Transfer Appliance (FTA) product and is the latest company to announce that they were affected by a data breach due to adversaries targeting vulnerabilities in the legacy file transfer software.…

Researchers from the University of Oxford, WMG, University of Warwick, Abertay University, University of Kent, and the University of Strathclyde worked together in a study titled, "Cyber Security in the Age of COVID-19: A Timeline and Analysis of Cyber-…

CopperStealer is a newly documented China-based malware that has stolen user credentials on major platforms, including Facebook, Instagram, Apple, Amazon, Bing, PayPal, Tumblr, Twitter, and Google. Proofpoint researchers were first alerted about the…

Researchers at McAfee Labs Advanced Threat Research discovered critical vulnerabilities in the Netop Vision Pro system that could allow attackers to hijack school networks, deliver malware, determine students' IP addresses, eavesdrop, and more.  …

Microsoft released a new one-click tool called the Microsoft Exchange On-Premises Mitigation Tool to help businesses protect themselves from threats associated with the recent Microsoft email server software hack. According to the White House's…

​Pub Crawl summarizes, by hard problems, sets of publications that have been peer reviewed and presented at SoS conferences or referenced in current work. The topics are chosen for their usefulness for current researchers.

Security researcher and programmer David Buchanan has discovered a new steganography method that involves hiding up to three MB of data inside a Portable Networks Graphics (PNG) image file posted on Twitter. Cybercriminals can use steganography to hide…

The CISA Hunt and Incident Response Program (CHIRP) is a new forensics collection tool developed by the U.S. Homeland Security Department's Cybersecurity and Infrastructure Security Agency (CISA) to help network defenders detect signs of advanced…

More and more organizations are adopting passwordless authentication. Researchers at Gartner predict that, by 2022, 60% of large and global enterprises and 90% of midsize enterprises will implement passwordless methods in more than half of use…

A Delphi study was done on the risk posed to individuals who disclose personal information online. The study highlighted priorities for protecting personal privacy online. The study is based on the views of a panel of experts in privacy and…

Security researchers found a security blip in the current version of Zoom, which could inadvertently leak users' data to other meeting participants on a call. The data is only leaked briefly, making a potential attack difficult to carry out.  The…