research
Helping researchers with IoT firmware vulnerability discovery
John Toterhi, a security researcher with IoT security company Finite State, believes that many of the security problems plaguing IoT devices are solvable problems through …
DJI plugs security flaws that could have enabled access to users’ data and drone images
Researchers at Check Point and DJI today shared details of a potential vulnerability that could have impacted DJI’s infrastructure. Vulnerability impact If exploited, the …
Self-encrypting SSDs vulnerable to encryption bypass attacks
Researchers have discovered security holes in the hardware encryption implementation of several solid state disks (SSDs) manufactured by Crucial (owned by Micron) and Samsung, …
GPU side channel attacks can enable spying on web activity, password stealing
Computer scientists at the University of California, Riverside have revealed for the first time how easily attackers can use a computer’s graphics processing unit, or …
Beagle free visual analytics tool helps bring cybercriminals to justice
A team of researchers is helping law enforcement crack down on email scammers, thanks to a new visual analytics tool that speeds up forensic email investigations and …
Serverless botnets could soon become reality
We have been accustomed to think about botnets as a network of compromised machines – personal devices, IoT devices, servers – waiting for their masters’ …
Repairnator bot finds software bugs, successfully submits patches
Can a bot create valid, high-quality fixes for software bugs more rapidly than a human can, and get them accepted by human developers and permanently merged in the code base? …
Vulnerable controllers could allow attackers to manipulate marine diesel engines
Researchers have found several authentication and encryption vulnerabilities in the firmware of marine diesel engine controllers by Norwegian company Auto-Maskin, as well as …
Researchers expose security vulnerabilities in terahertz data links
A new study shows that terahertz data links, which may play a role in ultra-high-speed wireless data networks of the future, aren’t as immune to eavesdropping as many …
Stringent password rules lower risk of personal data breaches
The all-too-common practice of using the same email address/password combination to log into multiple websites can be damaging, especially for employers with many users and …
Health websites routinely share your activity with 57 third-parties
B9 Systems conducted research into the use of cookies by health websites and discovered that all the major players share your private information with, on average, 57 other …
Can we trust digital forensic evidence?
Research carried out at the University of York has suggested that more work is needed to show that digital forensic methods are robust enough to stand-up to interrogation in a …