IoT automation platforms open smart buildings to new threats
IoT automation platforms in smart buildings are presenting attackers with new opportunities for both physical and data compromise, Trend Micro researchers warn in a newly …
research
Modern browser APIs can be abused for hijacking device resources
Powerful capabilities of modern browser APIs could be misused by attackers to take control of a site visitor’s browser, add it to their botnet, and use it for a variety of …
Researchers eavesdrop on DNA synthesizer to steal genetic blueprint
Researchers from the University of California, Irvine (UCI) and the University of California, Riverside (UCR) have uncovered the possibility of an acoustic side-channel attack …
PDF viewers, online validation services vulnerable to digital signature spoofing attacks
Academics from Ruhr University Bochum have proven that the majority of popular PDF viewer apps and online digital signature validation services can be tricked into validating …
OSSPatcher: Automated mobile application patching for bugs in open source libraries
Researchers from the Georgia Tech and Peking University are working on OSSPatcher, a system for automatic patching of vulnerable open source libraries included in mobile …
Many computers are vulnerable to hacking through common plug-in devices
Attackers can compromise an unattended machine in a matter of seconds through devices such as chargers and docking stations. Vulnerabilities were found in computers with …
Flawed password managers allow malware to steal passwords from computer memory
The most widely used password managers sport fundamental vulnerabilities that could allow malware to steal the master password or other passwords stored by the software …
Detecting Trojan attacks against deep neural networks
A group of researchers with CSIRO’s Data61, the digital innovation arm of Australia’s national science agency, have been working on a system for run time detection of trojan …
SMBs spending a day each week dealing with cybersecurity issues
Almost half of UK small to medium-sized businesses (SMBs) believe a cyberattack would put their business at risk of closure, and 48 per cent of businesses report they have had …
Impersonation, sender forgery and corporate email spoofing top the charts
This Q4 of 2018 was a busy period for phishing scammers. INKY researchers saw a spike in email volume this time of year as people use email to gather their receipts from …
The problem with vulnerable IoT companion apps
There’s no shortage of exploitable security holes in widely used Internet of Things devices, so it shouldn’t come as a surprise that the communication between many …
Researchers reveal new privacy attack against 3G, 4G, and 5G mobile users
5G cellular mobile communications, when implemented, are expected to provide high bandwidth, low latency, energy savings, better connectivity, but security and privacy must …