How secure are mobile banking apps?
Do banking institutions have a good handle on the things they need to remediate and new control layers they need to adopt to keep users secure? To answer those questions, …
research
Top-ranked programming Web tutorials introduce vulnerabilities into software
Researchers from several German universities have checked the PHP codebases of over 64,000 projects on GitHub, and found 117 vulnerabilities that they believe have been …
Attacks exploiting software vulnerabilities are on the rise
Attacks conducted with the help of exploits are among the most effective as they generally do not require any user interaction, and can deliver dangerous code without arousing …
Linksys Smart Wi-Fi routers full of flaws, but temporary fix is available
Over 20 models of Linksys Smart Wi-Fi routers have been found to have vulnerabilities that, if exploited, could allow attackers to overload a router and force a reboot, deny …
Attackers can steal smartphone users’ PINs by tapping into data collected by mobile sensors
Researchers have demonstrated that a malicious website or app could work out smartphone users’ PINs or passwords based just on the data collected by various motion …
CLDAP reflection attacks generate up to 24 Gbps of traffic
Akamai researchers Jose Arteaga and Wilber Majia have identified a new Connection-less Lightweight Directory Access Protocol (CLDAP) reflection and amplification method. CLDAP …
Similarities in partial fingerprints may trick biometric security systems
No two people are believed to have identical fingerprints, but researchers at the New York University Tandon School of Engineering and Michigan State University College of …
Modern security programs: Artificial intelligence and machine learning
A new research report by Carbon Black aggregates insight from more than 400 interviews with leading cybersecurity researchers who discussed non-malware attacks, artificial …
Unpatched flaw opens Ubiquiti Networks devices to compromise
A critical vulnerability in many of Ubiquiti Networks’ networking devices can be exploited by attackers to take over control of the device and, if that device acts as a …
Fileless attack framework was used in many recent attacks
In the last month or so, a number of security companies spotted attackers targeting a variety of organizations around the world with spear-phishing emails delivering …
Double Robotics Telepresence Robot can be hacked
Rapid7 researchers have discovered a number of vulnerabilities in the Double Robotics Telepresence Robot, the company’s iPad-based telepresence device that looks a bit …
Android devices delivered to employees with pre-installed malware
A test of Android devices used in two unnamed companies revealed that 38 of them were infected with malware before being delivered to the employees. These were smartphones by …