research
ChatGPT shows promise in detecting phishing sites
ChatGPT can be used to generate phishing sites, but could it also be used to reliably detect them? Security researchers have tried to answer that question. Can ChatGPT detect …
DarkBERT could help automate dark web mining for cyber threat intelligence
Researchers have developed DarkBERT, a language model pretrained on dark web data, to help cybersecurity pros extract cyber threat intelligence (CTI) from the Internet’s …
Cybercriminals use simple trick to obtain personal data
People reveal more personal information when you ask them the same questions a second time – according to new research from the University of East Anglia. A new study reveals …
Europol details ChatGPT’s potential for criminal abuse
With the increased public interest in ChatGPT, the Europol Innovation Lab took the matter seriously and conducted a series of workshops involving subject matter experts from …
How to combat hardware Trojans by detecting microchip manipulations
Not only do security vulnerabilities lurk within software, but they can also be embedded directly into hardware, leaving technical applications open to widespread attack. For …
Samsung, Vivo, Google phones open to remote compromise without user interaction
Several vulnerabilities in Samsung’s Exynos chipsets may allow attackers to remotely compromise specific Samsung Galaxy, Vivo and Google Pixel mobile phones with no user …
Most security pros turn to unauthorized AI tools at work
Security experts are increasingly resorting to unauthorized AI tools, possibly because they are unhappy with the level of automation implemented in their organization’s …
Data loss prevention company hacked by Tick cyberespionage group
ESET researchers have uncovered a compromise of an East Asian data loss prevention (DLP) company. The attackers utilized at least three malware families during the intrusion, …
Massive GitHub analysis reveals 10 million secrets hidden in 1 billion commits
GitGuardian scanned 1.027 billion new GitHub commits in 2022 (+20% compared to 2021) and found 10,000,000 secrets occurrences (+67% compared to 2022). What is interesting …
Vulnerability in DJI drones may reveal pilot’s location
Serious security vulnerabilities have been identified in multiple DJI drones. These weaknesses had the potential to allow users to modify crucial drone identification details …
BlackLotus UEFI bootkit disables Windows security mechanisms
ESET researchers have published the first analysis of a UEFI bootkit capable of circumventing UEFI Secure Boot, a critical platform security feature. The functionality of the …
Moving target defense must keep cyber attackers guessing
A cybersecurity technique that shuffles network addresses like a blackjack dealer shuffles playing cards could effectively befuddle hackers gambling for control of a military …