research
Researchers shed light on hidden root CAs
How widespread is the use of hidden root CAs and certificates signed by them? To answer that and other questions, a group of researchers from several Chinese and U.S. …
Intel chip flaw could enable attacks on laptops, cars, medical devices (CVE-2021-0146)
Researchers uncovered a vulnerability in Intel Processors that could affect laptops, cars and embedded systems. The flaw (CVE-2021-0146) enables testing or debugging modes on …
Trojan Source bugs may lead to extensive supply-chain attacks on source code
Cambridge University researchers have detailed a new way targeted vulnerabilities can be introduced into source code while making them invisible to human code reviewers, …
BEC attacks: Scammers’ latest tricks
BEC attacks are generally low-volume but, according to a recent survey by GreatHorn, 71% of organizations experienced at least one in the past year. Trend Micro’s latest …
A malicious document could lead to RCE in Apache OpenOffice (CVE-2021-33035)
Apache OpenOffice, one of the most popular open-source office productivity software suites, sports a RCE vulnerability (CVE-2021-33035) that could be triggered via a specially …
Researchers pinpoint ransomware gangs’ ideal enterprise victims
Researchers with threat intelligence company KELA have recently analyzed 48 active threads on underground (dark web) marketplaces made by threat actors looking to buy access …
Employees participating in unethical behaviors to help an organization actually harm themselves
When employees participate in unethical behaviors meant to help an organization, such as lying about products or withholding negative information about the organization, this …
Critical vulnerabilities may allow attackers to compromise hospitals’ pneumatic tube system
Armis researchers have unearthed critical vulnerabilities in Swisslog Healthcare’s Translogic pneumatic tube system, which plays a crucial role in patient care in more …
Image encryption technique could keep photos safe on popular cloud photo services
The past decade has witnessed scandal after scandal over private images maliciously or accidentally made public. A study from computer scientists at Columbia Engineering …
Critical vulnerability in Schneider Electric Modicon PLCs can lead to RCE (CVE-2021-22779)
Researchers at Armis discovered an authentication bypass vulnerability (CVE-2021-22779) in Schneider Electric’s Modicon programmable logic controllers (PLCs) that can …
Paving the way for women in industrial cybersecurity research
The professional journey an individual takes is heavily influenced by the people they are surrounded with throughout their life. From an early age, I knew I wanted to study …
What are the traits of individuals more likely to demonstrate trolling behaviors?
As social media and other online networking sites have grown in usage, so too has trolling – an internet practice in which users intentionally seek to draw others into …