research
Should you block newly registered domains? Researchers say yes
7 out of 10 newly registered domains (NRDs) are either malicious, suspicious or not safe for work, say Palo Alto Networks researchers, and advise organizations to block access …
Identifying vulnerable IoT devices by the companion app they use
For better or worse, connected “smart” devices are springing up like mushrooms. There is no doubt that they can be very helpful but, unfortunately, most have a …
Researchers reveal the latest lateral phishing tactics
Emails coming from legitimate, compromised accounts are difficult to spot, both for existing email protection systems and the recipients themselves. Lateral phishing tactics …
Researchers discover 40+ insecure drivers for Windows
Spurred by several past instances of attackers abusing device drivers to install a kernel rootkit or malicious firmware implants, Eclypsium researchers have decided to probe …
AWDL flaws open Apple users to tracking, MitM, malware planting
Vulnerabilities in Apple Wireless Direct Link (AWDL), the wireless protocol that underpins Apple’s AirPlay and AirDrop services, could allow attackers to track users in …
While cybercriminals abuse Twitter, threat researchers use it to boost threat intelligence efforts
Cybercriminals are abusing Twitter via tech support scams, command-and-control (C&C) operations and data exfiltration, according to Trend Micro. Misuse of social networks …
Thwart the pressing threat of RDP password attacks
How long does it takes for Internet-facing, RDP-enabled computers to come under attack? In some cases, a few minutes. In most, less than 24 hours. The problem with RDP …
Do you have what it takes to be a hardware hacker?
If you ask Yago Hansen, a hacker specialized in Wi-Fi and RF security, curiosity and a willingness to learn and improve your skills are the two things that you absolutely must …
Inside the NIST team working to make cybersecurity more user-friendly
Cybersecurity is usually not a user’s primary duty, yet they suffer an increasing burden to respond to security warnings, maintain many complex passwords, and make security …
Emergency Presidential Alerts can be spoofed, researchers warn
Spurred by the panic-inducing fake alarm about an inbound ballistic missile received by Hawaii residents in January 2018, a group of researchers from University of Colorado …
Researchers develop a technique to vaccinate algorithms against adversarial attacks
A set of techniques to effectively vaccinate algorithms against adversarial attacks have been developed by researchers from CSIRO’s Data61. Algorithms …
High-risk vulnerabilities found in 1/3 of iOS apps, nearly half of Android apps
Expert testing of iOS and Android mobile applications shows that in most cases, insecure data storage is the most common security flaw in mobile apps. Positive Technologies’ …