research
For timely vulnerability information, unofficial sources are a better bet
From over 12,500 disclosed Common Vulnerabilities and Exposures (CVEs), more than 75% were publicly reported online before they were published to the NIST’s centralized …
Dark web fraud guides reveal potential threats to orgs
An in-depth look at content from more than 1,000 fraud guides available for sale on the dark web revealed that the majority of these guides are useless. Still, as many as 20 …
What’s really stopping users from adopting secure communication tools?
“Users’ goal to communicate with others overrides everything else, including security,” a group of researchers has concluded after interviewing sixty individuals …
Attacks within the Dark Web
For six months, Trend Micro researchers operated a honeypot setup simulating several underground services on the Dark Web. The goal of their research was to see if those …
Wi-Fi holography: Generate a 3D image of space using stray Wi-Fi signals
Scientists at the Technical University of Munich (TUM) have developed a holographic imaging process that depicts the radiation of a Wi-Fi transmitter to generate …
Hackers can use subtitles to take over millions of devices running VLC, Kodi, Popcorn Time and Stremio
Check Point researchers revealed a new attack vector threatening millions of users of popular media players, including VLC, Kodi (XBMC), Popcorn Time and Stremio. By crafting …
SCADA systems plagued by insecure development and slow patching
“Behind most modern conveniences, there exists a SCADA system somewhere that controls them,” Trend Micro researchers pointed out in a new report that delves in the …
The privacy threat of IoT device traffic rate metadata
Even though many IoT devices for smart homes encrypt their traffic, a passive network observer – e.g. an ISP, or a neighborhood WiFi eavesdropper – can infer …
Advantages of quantum processing shown in head-to-head race
A prototype quantum processor repeatedly beat a traditional, classical processor in a race to solve a puzzle, figuring out a secret combination up to 100 times faster by using …
Defeating Magento security mechanisms: Attacks used in the real world
DefenseCode recently discovered and reported multiple stored cross-site scripting and cross-site request forgery vulnerabilities in Magento 1 and 2 which will be addressed in …
Critical RCE flaw in ATM security software found
Researchers from Positive Technologies have unearthed a critical vulnerability (CVE-2017-6968) in Checker ATM Security by Spanish corporate group GMV Innovating Solutions. The …
Hacking industrial robots in today’s smart factories
It has been estimated that by 2018, approximately 1.3 million industrial robot units – mechanical multi-axis “arms” used for automating various operations – will …