research

How criminals abuse IDNs to conduct malicious activities
New research from Farsight Security examines the prevalence and distribution of IDN lookalike domain names, also called homographs, over a 12-month period with a focus on 466 …

Underground vendors can reliably obtain code signing certificates from CAs
More and more malware authors are switching to buying new, valid code signing certificates issued by Certificate Authorities instead of using stolen (compromised) ones, …

Inferring Internet security posture by country through port scanning
In this podcast, Tod Beardsley, Director of Research at Rapid7, talks about the recently released National Exposure Index, which aims to better understand the nature of …

3,000+ mobile apps leaking data from unsecured Firebase databases
Appthority published research on its discovery of a new HospitalGown threat variant that occurs when app developers fail to require authentication to Google Firebase …

Researcher hacks smart fingerprint padlock in mere seconds
The Tapplock one “smart” padlock, which received many rave reviews by tech-focused news sites and YouTubers, can be forced to open in under two seconds with a …

Vulnerable ship systems: Many left exposed to hacking
Pen Test Partners’ Ken Munro and his colleagues – some of which are former ship crew members who really understand bridge and propulsion systems – have been …

Are attackers harnessing your Redis server?
Earlier this year security researchers warned about vulnerable Apache Solr, Redis, and Windows servers hit with cryptominers. Imperva now says that that are still too many …

Will GDPR be the death of WHOIS?
Two cybersecurity and privacy attorneys recently argued that the General Data Protection Regulation (GDPR) will interfere with the availability of the WHOIS database and will …

Attacking hard disk drives using ultrasonic sounds
Another group of researchers has demonstrated that hard disk drives (HDDs) can be interfered with through sound waves, but they’ve also shown that ultrasonic signals …

Researchers hack BMW cars, discover 14 vulnerabilities
Keen Security Lab researchers have discovered fourteen vulnerabilities affecting a variety of BMW car models. The flaws could be exploited to gain local and remote access to …

America’s most cyber insecure cities exposed
Coronet researchers identified Las Vegas, Memphis and Charlotte as America’s most cyber insecure cities. “While big companies may have the budgets, personnel and …

The operations and economics of organized criminal email groups
Nine of the 10 captured organized criminal email groups operate out of Nigeria, they all leverage a multitude of attack methods, and business email compromise (BEC) is far …
Featured news
Resources
Don't miss
- Google patches actively exploited Chrome (CVE‑2025‑6554)
- Federal Reserve System CISO on aligning cyber risk management with transparency, trust
- How cybercriminals are weaponizing AI and what CISOs should do about it
- How analyzing 700,000 security incidents helped our understanding of Living Off the Land tactics
- CitrixBleed 2 might be actively exploited (CVE-2025-5777)