research

Researchers reveal the latest lateral phishing tactics
Emails coming from legitimate, compromised accounts are difficult to spot, both for existing email protection systems and the recipients themselves. Lateral phishing tactics …

Researchers discover 40+ insecure drivers for Windows
Spurred by several past instances of attackers abusing device drivers to install a kernel rootkit or malicious firmware implants, Eclypsium researchers have decided to probe …

AWDL flaws open Apple users to tracking, MitM, malware planting
Vulnerabilities in Apple Wireless Direct Link (AWDL), the wireless protocol that underpins Apple’s AirPlay and AirDrop services, could allow attackers to track users in …

While cybercriminals abuse Twitter, threat researchers use it to boost threat intelligence efforts
Cybercriminals are abusing Twitter via tech support scams, command-and-control (C&C) operations and data exfiltration, according to Trend Micro. Misuse of social networks …

Thwart the pressing threat of RDP password attacks
How long does it takes for Internet-facing, RDP-enabled computers to come under attack? In some cases, a few minutes. In most, less than 24 hours. The problem with RDP …

Do you have what it takes to be a hardware hacker?
If you ask Yago Hansen, a hacker specialized in Wi-Fi and RF security, curiosity and a willingness to learn and improve your skills are the two things that you absolutely must …

Inside the NIST team working to make cybersecurity more user-friendly
Cybersecurity is usually not a user’s primary duty, yet they suffer an increasing burden to respond to security warnings, maintain many complex passwords, and make security …

Emergency Presidential Alerts can be spoofed, researchers warn
Spurred by the panic-inducing fake alarm about an inbound ballistic missile received by Hawaii residents in January 2018, a group of researchers from University of Colorado …

Researchers develop a technique to vaccinate algorithms against adversarial attacks
A set of techniques to effectively vaccinate algorithms against adversarial attacks have been developed by researchers from CSIRO’s Data61. Algorithms …

High-risk vulnerabilities found in 1/3 of iOS apps, nearly half of Android apps
Expert testing of iOS and Android mobile applications shows that in most cases, insecure data storage is the most common security flaw in mobile apps. Positive Technologies’ …

Researchers develop app to detect Twitter bots in any language
Thanks to fruitful collaboration between language scholars and machine learning specialists, a new application that can detect Twitter bots independent of the language used …

Researchers devise RAMBleed attack to grab secret data from memory
Researchers have demonstrated a new variation of the Rowhammer attack: dubbed RAMBleed, it may allow attackers to read data stored inside the computer’s physical memory. …
Featured news
Resources
Don't miss
- Federal Reserve System CISO on aligning cyber risk management with transparency, trust
- How cybercriminals are weaponizing AI and what CISOs should do about it
- How analyzing 700,000 security incidents helped our understanding of Living Off the Land tactics
- CitrixBleed 2 might be actively exploited (CVE-2025-5777)
- RIFT: New open-source tool from Microsoft helps analyze Rust malware