Researchers and businesses need to work together to expose IoT vulnerabilities
As the Internet of Things (IoT) grows and smart devices gain popularity, cybercriminals will continue to find new ways to exploit all connected things. Two new vulnerabilities …
Modern browser APIs can be abused for hijacking device resources
Powerful capabilities of modern browser APIs could be misused by attackers to take control of a site visitor’s browser, add it to their botnet, and use it for a variety of …
Sessions and events to check out at RSA Conference 2019
RSA Conference 2019 takes place next week in San Francisco. Here’s a brief overview of what to check out while you’re at the conference. Read more about keynotes …
How WebAuthn aims to solve the password problem
One of the most pervasive challenges in cybersecurity is the balancing act between protection and usability. Security measures have to prevent malicious actors from accessing …
Social media-enabled cybercrime is generating $3.25 billion a year
Social media-enabled cybercrime is generating at least $3.25B in global revenue annually, according to an extensive six-month academic study undertaken by Dr. Mike McGuire, …
Increasing security measures are driving cybercriminals to alter their techniques
Increased security measures and awareness are driving cybercriminals to alter their techniques in search of a better return on investment (ROI). Total recorded vulnerabilities …
Researchers eavesdrop on DNA synthesizer to steal genetic blueprint
Researchers from the University of California, Irvine (UCI) and the University of California, Riverside (UCR) have uncovered the possibility of an acoustic side-channel attack …
Consumer attitudes towards security breaches are changing significantly
Transatlantic businesses face greater short-term pain in the US but less long term retribution in the UK following a security breach, according to new data from payment …
PDF viewers, online validation services vulnerable to digital signature spoofing attacks
Academics from Ruhr University Bochum have proven that the majority of popular PDF viewer apps and online digital signature validation services can be tricked into validating …
Latest WinRAR, Drupal flaws under active exploitation
CVE-2018-20250, a WinRAR vulnerability that allows attackers to extract a malicious executable to one of the Windows Startup folder to be executed every time the system is …
OSSPatcher: Automated mobile application patching for bugs in open source libraries
Researchers from the Georgia Tech and Peking University are working on OSSPatcher, a system for automatic patching of vulnerable open source libraries included in mobile …
Many computers are vulnerable to hacking through common plug-in devices
Attackers can compromise an unattended machine in a matter of seconds through devices such as chargers and docking stations. Vulnerabilities were found in computers with …