Researchers design a chip that checks for sabotage
With the outsourcing of microchip design and fabrication a worldwide, $350 billion business, bad actors along the supply chain have many opportunities to install malicious …
research
Researchers pinpoint best times for delivering security messages
When is the best time to deliver a security message? A group of researchers from Brigham Young University has been tracking users’ neural activity while they are using a …
Compromising Linux virtual machines via FFS Rowhammer attack
A group of Dutch researchers have demonstrated a variant of the Rowhammer attack that can be used to successfully compromise Linux virtual machines on cloud servers. The Flip …
New method for detecting hardware Trojans
Modern computer chips are made up of hundreds of millions – often billions – of transistors. Such complexity enables the smartphone in your back pocket to perform all manner …
Hundreds of millions of cars can be easily unlocked by attackers
Security researchers have come up with a way to unlock cars manufactured by vendors around the world, and are set to present their findings on Friday at the Usenix security …
Over 300 new cyber threats pop up on underground markets each week
Approximately 305 new cyber threats are added each week on cybercrime markets and forums, mostly located on the dark web. The threats include information on newly developed …
There’s a way to use encrypted data without knowing what it holds
Microsoft researchers have devised a way for third parties to make use the vast amount of encrypted data stored in the cloud by companies and individuals, without them …
Malware hidden in digitally signed executables can bypass AV protection
Researchers have shown that it’s possible to hide malicious code in digitally signed executables without invalidating the certificate, and execute this code – all …
Remote Butler attack: APT groups’ dream come true
Microsoft security researchers have come up with an extension of the “Evil Maid” attack that allows attackers to bypass local Windows authentication to defeat full …
Security awareness training or no, users will keep clicking on dodgy links
There is no way to make humans never click on potentially dangerous links they receive, as the right combination of curiosity, context, and emotions will always beat security …
Four high-profile vulnerabilities in HTTP/2 revealed
Imperva released a new report at Black Hat USA 2016, which documents four high-profile vulnerabilities researchers at the Imperva Defense Center found in HTTP/2, the new …
Researchers continue hacking cars, and start on heavy vehicles
When Charlie Miller and Chris Valasek demonstrated a year ago how they can remotely exploit vulnerabilities in Chrysler’s 2014 Jeep Cherokee, and fiddle with its wipers, …