Google researchers have discovered that Apple's Intelligent Tracking Prevention (ITP) could leave users exposed to privacy issues, including being tracked. Some of the flaws found with Safari's ITP have gotten fixed by an update, but not all. The flaw in…

​Pub Crawl summarizes, by hard problems, sets of publications that have been peer reviewed and presented at SoS conferences or referenced in current work. The topics are chosen for their usefulness for current researchers.

The National Security Agency on January 23 highlighted the agency's work with University of Illinois Urbana Champaign. “As one of the initial schools to be designated to host an NSA Science of Security (SoS) Lablet, Illinois has been instrumental in…

Researchers discovered that more than 250 million customer service and support records were exposed by Microsoft over two days in December 2019 due to a server misconfiguration.  The records included logs of exchanges between Microsoft’s customer…

A survey conducted by security researchers at Proofpoint to which 600 security professionals in seven countries responded, revealed that 33% of organizations that were hit with ransomware attacks gave in to the demands for a ransom payment. However, 22%…

Teserakt, a Swiss firm specialized in cryptography, recently introduced a type of cryptographic implant named E4, which is aimed at providing end-to-end encryption for Internet of Things (IoT) devices. E4 would be integrated into IoT manufacturers'…

Human Factors and Ergonomics Society (HFES) - Call for Papers HFES is looking for submissions of research and practice related to the human and cybersecurity!  HFES is interested in building a broad community between human and cyber experts. …

Studies conducted by Cleotilde Gonzalez, a professor in Social and Decision Sciences at Carnegie Mellon and her colleagues, delve deeper into the use of deception in cybersecurity. Using deception in cyber defense operations could help prevent the…

Spotlight on Lablet Research #2 - Project: Automated Synthesis Framework for Network Security and Resilience

Several cybersecurity-related bills have been passed by the House or the Senate and are likely to be candidates for further action. CSO Online gives an overview of these bills, which include the Cybersecurity Vulnerability Remediation Act, Hack Your…

On December 24, 2019, security researchers with VPNMentor discovered an unsecured Amazon S3 bucket owned by THSuite, a point-of-sale system (PoS) system in the cannabis industry. The database lacked authentication and security, thus leading to the…

Right before the start of the new year, a data breach faced by LifeLabs, one of Canada's major lab diagnostic and testing services, impacted 15 million Canadians. Data exposed in this breach included names, addresses, emails, login passwords, lab test…