research

Netflix, Dropbox promise not to sue security researchers, with caveats
Netflix and Dropbox have both noted recently that they won’t sue security researchers who find and disclose vulnerabilities in their products. The only caveat is: the …

Privilege escalation on Unix machines via plugins for text editors
Several of the most popular extensible text editors for Unix environments could be misused by attackers to escalate privileges on targeted systems, SafeBreach researchers have …

A look inside the big business of cybercrime
For three months, Armor’s Threat Resistance Unit (TRU) research team compiled and analyzed data from the black market to shed light on the type of activity threat actors are …

New LTE attacks open users to eavesdropping, fake messages, location spoofing
A group of researchers has uncovered ten new attacks against the 4G LTE wireless data communications technology for mobile devices and data terminals. The attacks exploit …

Keeping on top of ICS-focused hacking groups, defenses
How many hacking groups are focusing on ICS systems? Dragos security researchers say at least five were active in 2017. “While only one has demonstrated an apparent …

Is that smart device secure, and will it protect your privacy?
The decision to introduce a new smart device into your home should come only after you’ve answered these two questions affirmatively: “Will the device improve the …

Private browsing is not that private, but it can be
Private, “Incognito mode” browsing sessions are not as foolproof as most users believe them to be. “After a private session terminates, the browser is …

Which phishing messages have a near 100% click rate?
Training employees to spot phishing emails, messages and phone calls can’t be done just once or once a year if the organization wants to see click rates decrease. For …

Afraid of AI? We should be
Not (yet!) of a sentient digital entity that could turn rogue and cause the end of mankind, but the exploitation of artificial intelligence and machine learning for nefarious …

Polisis: AI-based framework for analyzing privacy policies in real time
It has been known for a while that the overwhelming majority of Internet users doesn’t read privacy policies and terms of service before agreeing to them. Those few that do …

How to track smartphone users when they’ve turned off GPS
As it turns out, turning off location services (e.g., GPS) on your smartphone doesn’t mean an attacker can’t use the device to pinpoint your location. A group of …

Researchers showcase automated cyber threat anticipation system
A group of researchers is trying to develop an automatic early warning system that should help defenders take preventative action before specific cyber attacks start …
Featured news
Resources
Don't miss
- Federal Reserve System CISO on aligning cyber risk management with transparency, trust
- How cybercriminals are weaponizing AI and what CISOs should do about it
- How analyzing 700,000 security incidents helped our understanding of Living Off the Land tactics
- CitrixBleed 2 might be actively exploited (CVE-2025-5777)
- RIFT: New open-source tool from Microsoft helps analyze Rust malware