CISOs need to make protecting HR data a high priority during the Covid-19 pandemic.  Since most employees are working from home, companies are even more susceptible to data breaches.  If compromised, the data stored by HR can do a devastating…

A study conducted by researchers at the Georgia Institute of Technology suggests that botnets made up of electric ovens, hot-water heaters, electric vehicle chargers, air-conditioners, and other internet-connected high-wattage appliances, could be used…

In June, JSOF researchers disclosed a set of 19 vulnerabilities, dubbed "Ripple20," that affect millions of connected devices, including those used in the healthcare industry. These vulnerabilities were found in Treck's widely adopted low-level TCP/IP…

Researchers have found six serious bugs in Qualcomm’s Snapdragon mobile chipset.  The six bugs impact up to 40 percent of Android phones in use.  The flaws open up handsets made by Google, Samsung, LG, Xiaomi, and OnePlus to DoS and escalation-…

Researchers from Micro Focus Fortify have discovered more than 30 vulnerabilities in Microsoft SharePoint, Atlassian Confluence, and 18 other popular Content Management Systems (CMSs). CMSs enable the creation and modification of digital content for web…

Researchers at Barracuda Networks have discovered that cybercriminals are increasingly registering accounts with legitimate services, such as Gmail and AOL, to use them in impersonation and BEC attacks.  Barracuda researchers observed that 6,170…

The car security research team from Qihoo 360, called the Sky-Go Team, discovered over a dozen vulnerabilities in a Mercedes-Benz E-Class car by reverse-engineering the car's components using a  testbench they built. According to the researchers,…

Researchers have discovered a new vulnerability they are calling KrØØk (formally CVE-2019-15126).  KrØØk is a vulnerability in Broadcom and Cypress Wi-Fi chips that allows unauthorized decryption of some WPA2-encrypted traffic. Specifically, the bug…

A researcher at Oxford University demonstrated the potential exploitation of vulnerabilities in satellite broadband communications to intercept unencrypted web traffic through the use of an inexpensive satellite dish and a digital broadcasting satellite…

New research by threat analysts at Venafi reveals that the number of commodity malware campaigns exploiting machine identities doubled between 2018 and 2019. Applications and devices use machine identities that are made from cryptographic keys and…

Although smart home technologies are marketed to increase the convenience of our daily lives, many consumers still do not trust the privacy and security of these technologies. Researchers from WMG and Computer Science, University of Warwick, conducted a…

Security researchers at DBAPPSecurity have discovered an authentication bypass vulnerability, dubbed “BlueRepli.”  An adversary can bypass authentication by imitating a device that has previously been connected with a target. Victims do not need to…