research

How to avoid headaches when publishing a CVE

May 12, 2022

You have discovered a vulnerability. Congratulations! So, what happens next? Finding a CVE (Common Vulnerabilities and Exposures) is the first step in a process which starts …

Nimbuspwn bugs allow attackers to gain root privileges on some Linux machines (CVE-2022-29799, CVE-2022-29800)

April 27, 2022

Microsoft has unearthed two security vulnerabilities (CVE-2022-29799, CVE-2022-29800) in the networkd-dispatcher daemon that may be exploited by attackers to gain root on many …

How mobile app usage data could reveal a person’s identity

February 24, 2022

The time a person spends on different smartphone apps is enough to identify them from a larger group in more than one in three cases say researchers, who warn of the …

How hackers could use popular virtual reality headsets to steal sensitive information

February 18, 2022

Researchers at Rutgers University-New Brunswick have published “Face-Mic,” the first work examining how voice command features on virtual reality headsets could lead to major …

Preventing software security vulnerabilities with automation

February 9, 2022

A team of UTSA researchers is exploring how a new automated approach could prevent software security vulnerabilities. The team sought to develop a deep learning model that …

Researchers propose a new method for quantum computing in trapped ions

February 8, 2022

Physicists from the University of Amsterdam have proposed a new architecture for a scalable quantum computer. Making use of the collective motion of the constituent particles, …

VirusTotal Hacking: Finding stolen credentials hosted on VirusTotal

January 18, 2022

VirusTotal, the popular online service for analyzing suspicious files, URLs and IP addresses, can be used to collect credentials stolen by malware, researchers at SafeBreach …

Detect and identify IoT malware by analyzing electromagnetic signals

January 10, 2022

Electromagnetic (EM) emanations can be recorded and used to detect and identify malware running on IoT devices, a group of researchers working at IRISA have proven. The setup …

150+ HP multifunction printers open to attack (CVE-2021-39237, CVE-2021-39238)

November 30, 2021

Over 150 HP multifunction printers (MFPs) are open to attack via two exposed physical access port vulnerabilities (CVE-2021-39237) and two different font parsing …

Researchers shed light on hidden root CAs

November 19, 2021

How widespread is the use of hidden root CAs and certificates signed by them? To answer that and other questions, a group of researchers from several Chinese and U.S. …

Intel chip flaw could enable attacks on laptops, cars, medical devices (CVE-2021-0146)

November 15, 2021

Researchers uncovered a vulnerability in Intel Processors that could affect laptops, cars and embedded systems. The flaw (CVE-2021-0146) enables testing or debugging modes on …

Trojan Source bugs may lead to extensive supply-chain attacks on source code

November 2, 2021

Cambridge University researchers have detailed a new way targeted vulnerabilities can be introduced into source code while making them invisible to human code reviewers, …