research
For enterprises, malware is the most expensive type of attack
The cost to companies from malware and “malicious insider”-related cyberattacks jumped 12 percent in 2018 and accounted for one-third of all cyberattack costs, according to …
Sale of SSL/TLS certificates on the dark web is rampant
There is no dearth of compromised, fake and forged SSL/TLS certificates for sale on dark web markets, researchers have found. TLS certificates are sold individually and …
IoT automation platforms open smart buildings to new threats
IoT automation platforms in smart buildings are presenting attackers with new opportunities for both physical and data compromise, Trend Micro researchers warn in a newly …
Modern browser APIs can be abused for hijacking device resources
Powerful capabilities of modern browser APIs could be misused by attackers to take control of a site visitor’s browser, add it to their botnet, and use it for a variety of …
Researchers eavesdrop on DNA synthesizer to steal genetic blueprint
Researchers from the University of California, Irvine (UCI) and the University of California, Riverside (UCR) have uncovered the possibility of an acoustic side-channel attack …
PDF viewers, online validation services vulnerable to digital signature spoofing attacks
Academics from Ruhr University Bochum have proven that the majority of popular PDF viewer apps and online digital signature validation services can be tricked into validating …
OSSPatcher: Automated mobile application patching for bugs in open source libraries
Researchers from the Georgia Tech and Peking University are working on OSSPatcher, a system for automatic patching of vulnerable open source libraries included in mobile …
Many computers are vulnerable to hacking through common plug-in devices
Attackers can compromise an unattended machine in a matter of seconds through devices such as chargers and docking stations. Vulnerabilities were found in computers with …
Flawed password managers allow malware to steal passwords from computer memory
The most widely used password managers sport fundamental vulnerabilities that could allow malware to steal the master password or other passwords stored by the software …
Detecting Trojan attacks against deep neural networks
A group of researchers with CSIRO’s Data61, the digital innovation arm of Australia’s national science agency, have been working on a system for run time detection of trojan …
SMBs spending a day each week dealing with cybersecurity issues
Almost half of UK small to medium-sized businesses (SMBs) believe a cyberattack would put their business at risk of closure, and 48 per cent of businesses report they have had …
Impersonation, sender forgery and corporate email spoofing top the charts
This Q4 of 2018 was a busy period for phishing scammers. INKY researchers saw a spike in email volume this time of year as people use email to gather their receipts from …