Researchers have found a previously undocumented backdoor, and document stealer, which is being used by the Russian-speaking Turla advanced persistent threat espionage group.  The researchers are calling the malware "Crutch."  The malware can…

According to a recent Cisco report,  a proactive technology refresh and a well-integrated technology stack are two security practices most likely than others to help organizations create a security culture, manage top risk, prevent security…

Researchers at the University of Maryland, Baltimore County (UMBC) and the University of Michigan-Dearborn worked together to develop a technique for detecting breaches in the security of vehicular communications networks. The Controller Area Network (…

Researchers at Prevasio scanned all four million images hosted at Docker Hub, the world’s most popular repository service for Linux-based containers. They found that over half of the publicly available Docker Hub container images contain at least one…

Meet the HoTSoS 2021 Team: Program Committee Members The HoTSoS Symposium is growing every year, and with it, we have decided to expand our Program Committee this year. For the next few weeks we will be creating news items introducing different Chairs…

Meet the HoTSoS 2021 Team: Social Media Chair HoTSoS is just around the corner again, and introductions to the 2021 Program Committee are in order. First up on the docket is John Symons (KU)! John will be serving as our Social Media Chair and we…

A security researcher with Google's Project Zero discovered a vulnerability that could have allowed hackers to take over a person's iPhone without having to trick victims into clicking any malicious links or downloading malware. The exploitation of this…

Meet the HoTSoS 2021 Team: Works-in-Progress Co-Chairs Kurt Kelville (MIT) and Aron Laszka (University of Houston) are our Works-in-Progress Co-Chairs for the 2021 Symposium. Happy to have these two on the Program Committee Team! About the…

The open-source security firm Sonatype found malicious NPM packages that install the njRAT remote access trojan. NPM, short for Node Package Manager, is a packet manager for the JavaScript programming language. Using njRAT, a threat actor can get full…

The insurance company Allianz recently released a report highlighting cyberattacks and security incidents as the top business risk for companies and the rise in cyber insurance claims. According to the firm's "Trend in Cyber Risk" report, the number of…

Researchers at Bishop Fox have discovered four vulnerabilities in the OpenClinic application used for sharing electronic medical records.  Its latest version is 0.8.2 and was released in 2016.  According to researchers, the four bugs involve…

Meet the HoTSoS 2021 Team: Poster Co-Chairs Welcome our "Poster Co-Chairs" for the upcoming HoTSoS Symposium Khir Henderson (Morgan State University) and Aleecia McDonald (CMU)! About the Chairs