research
A botnet of smart irrigation systems can deplete a city’s water supply
Ben-Gurion University of the Negev (BGU) cyber security researchers warn of a potential distributed attack against urban water services that uses a botnet of smart irrigation …
Should we add bugs to software to put off attackers?
A group of New York University researchers are testing a new approach to software security: adding more bugs to it instead of removing them. The idea is to “drown …
Researchers open source tools to identify Twitter bots at scale
Duo Security published technical research and methodology detailing how to identify automated Twitter accounts, known as bots, at a mass scale. Using machine learning …
Vulnerability research and responsible disclosure: Advice from an industry veteran
“Everything changes once you have to supervise and mentor and schedule and coordinate and keep in mind all the things others don’t. You often have to hold back your own …
Gargoyle: Innovative solution for preventing insider attacks
A group of researchers from UNSW Sydney, Macquarie University, and Purdue University has released a paper on a new and very promising network-based solution for preventing …
Ticketmaster breach part of massive credit card skimming campaign
RiskIQ researchers have discovered that the recent breach of Ticketmaster was not a one-off event as initially reported, but part of a massive digital credit card-skimming …
New insider attack steals passwords by reading thermal energy from keyboards
After entering a password, your regular computer keyboard might appear to look the same as always, but a new approach harvesting thermal energy can illuminate the recently …
New LTE attacks can reveal accessed websites, direct victims to malicious sites
Three new attacks against the LTE 4G wireless data communications technology have been pinpointed by researchers from Ruhr-University Bochum and New York University Abu Dhabi. …
Researchers release app that masks printers’ tracking dots
Did you know that nearly all modern color laser printers put tracking patterns of tiny yellow dots on each piece of paper they print? Most printer manufacturers include these …
How criminals abuse IDNs to conduct malicious activities
New research from Farsight Security examines the prevalence and distribution of IDN lookalike domain names, also called homographs, over a 12-month period with a focus on 466 …
Underground vendors can reliably obtain code signing certificates from CAs
More and more malware authors are switching to buying new, valid code signing certificates issued by Certificate Authorities instead of using stolen (compromised) ones, …
Inferring Internet security posture by country through port scanning
In this podcast, Tod Beardsley, Director of Research at Rapid7, talks about the recently released National Exposure Index, which aims to better understand the nature of …
Featured news
Resources
Don't miss
- April 2025 Patch Tuesday forecast: More AI security introduced by Microsoft
- Forward-thinking CISOs are shining a light on shadow IT
- Inside the AI-driven threat landscape
- Ivanti VPN customers targeted via unrecognized RCE vulnerability (CVE-2025-22457)
- Attackers are leveraging Cisco Smart Licensing Utility static admin credentials (CVE-2024-20439)