Cybercrooks get cozy with BoxedApp to dodge detection
Some of the biggest names in the game are hopping on the trend
Research04 Jun 2024 | 2
Research
Researchers warn robot cars can be crashed with tinfoil and paint daubed on cardboard
Use Baidu's platform to show how the fusion of Lidar, radar, and cameras can be fooled by stuff from your kids' craft box
Research03 Jun 2024 | 34
Pretty much all the headaches at MSPs stem from cybersecurity
More cybercrime means more problems as understaffed teams stretched to the limit
Research30 May 2024 | 14
How Apple Wi-Fi Positioning System can be abused to track people around the globe
In-depth SpaceX is smart on this, Cupertino and GL.iNet not so much
Networks23 May 2024 | 78
'China-aligned' spyware slingers operating since 2018 unmasked at last
Unfading Sea Haze adept at staying under the radar
Research23 May 2024 | 1
Uncle Sam to inject $50M into auto-patcher for hospital IT
Boffins, why not simply invent an algorithm that autonomously fixes flaws, thereby ending ransomware forever
Public Sector22 May 2024 | 33
Critical Fluent Bit bug affects all major cloud providers, say researchers
Crashes galore, plus especially crafty crims could use it for much worse
Research21 May 2024 | 2
With ransomware whales becoming so dominant, would-be challengers ask 'what's the point?'
Fewer rivals on the scene as big-gang success soars
Research21 May 2024 | 3
Researchers call out QNAP for dragging its heels on patch development
WatchTowr publishes report claiming vendor failed to issue fixes after four months
Research20 May 2024 | 4
An attorney says she saw her library reading habits reflected in mobile ads. That's not supposed to happen
Feature Follow us down this deep rabbit hole of privacy policy after privacy policy
Personal Tech18 May 2024 | 140
AI red-teaming tools helped X-Force break into a major tech manufacturer 'in 8 hours'
RSAC Hint: It's the 'the largest' maker of a key computer component
Spotlight on RSA13 May 2024 | 7
GhostStripe attack haunts self-driving cars by making them ignore road signs
Cameras tested are specced for Baidu's Apollo
Research10 May 2024 | 51
Watch out for rogue DHCP servers decloaking your VPN connections
Avoid traffic-redirecting snoops who have TunnelVision
Spotlight on RSA07 May 2024 | 34
Brit security guard biz exposes 1.2M files via unprotected database
Exclusive Thousands of ID cards plus CCTV snaps of suspects found online
Research07 May 2024 | 25
Meta, Spotify break Apple's device fingerprinting rules – new claim
Updated And the iOS titan doesn't seem that bothered with data leaking out
Research07 May 2024 | 29
Governments issue alerts after 'sophisticated' state-backed actor found exploiting flaws in Cisco security boxes
Don't get too comfortable: 'Line Dancer' malware may be targeting other vendors, too
Security24 Apr 2024 | 11
If Britain is so bothered by China, why do these .gov.uk sites use Chinese ad brokers?
Exclusive One wonders why are there adverts on public-sector portals at all
Research24 Apr 2024 | 109
Old Windows print spooler bug is latest target of Russia's Fancy Bear gang
Putin's pals use 'GooseEgg' malware to launch attacks you can defeat with patches or deletion
Security23 Apr 2024 | 7
Researchers claim Windows Defender can be fooled into deleting databases
BLACK HAT ASIA Two rounds of reports and patches may not have completely closed this hole
Security22 Apr 2024 | 19
Kremlin's Sandworm blamed for cyberattacks on US, European water utilities
Water tank overflowed during one system malfunction, says Mandiant
Research17 Apr 2024 | 10
OpenAI's GPT-4 can exploit real vulnerabilities by reading security advisories
While some other LLMs appear to flat-out suck
AI + ML17 Apr 2024 | 6
Alleged cryptojacker accused of stealing $3.5M from cloud to mine under $1M in crypto
No prizes for guessing the victims
Research16 Apr 2024 | 2
96% of US hospital websites share visitor info with Meta, Google, data brokers
Could have been worse – last time researchers checked it was 98.6%
Research11 Apr 2024 | 13
Global taxi software vendor exposes details of nearly 300K across UK and Ireland
Exclusive High-profile individuals including MPs said to be caught up in leak
Research11 Apr 2024 | 7
It's 2024 and Intel silicon is still haunted by data-spilling Spectre
Go, go InSpectre Gadget
Research10 Apr 2024 | 23
What can be done to protect open source devs from next xz backdoor drama?
Kettle What happened, how it was found, and what your vultures have made of it all
Research06 Apr 2024 | 93
Hotel check-in terminal bug spews out access codes for guest rooms
Attacks could be completed in seconds, compromising customer safety
Research05 Apr 2024 | 31
Security pioneer Ross Anderson dies at 67
Obituary A man with a list of accolades long enough for several lifetimes, friends remember his brilliance
Research03 Apr 2024 | 35
Malicious xz backdoor reveals fragility of open source
Analysis This time, we got lucky. It mostly affected bleeding-edge distros. But that's not a defense strategy
Devops01 Apr 2024 | 98
Row breaks out over true severity of two DNSSEC flaws
Updated Some of us would be happy being rated 7.5 out of 10, just sayin'
CSO26 Mar 2024 | 11
GoFetch security exploit can't be disabled on M1 and M2 Apple chips
For now, cryptographic work should be run on slower Icestorm cores
Research25 Mar 2024 | 14
Some 300,000 IPs vulnerable to this Loop DoS attack
Easy to exploit, not yet exploited, not widely patched – pick three
Research24 Mar 2024 | 24
3 million doors open to uninvited guests in keycard exploit
As months go by without fixes, hotels take the scenic route to securing rooms
Research22 Mar 2024 | 53
Hardware-level Apple Silicon vulnerability can leak cryptographic keys
Short of redesigning CPUs, the fix will seriously degrade performance
Research22 Mar 2024 | 22
Truck-to-truck worm could infect – and disrupt – entire US commercial fleet
The device that makes it possible is required in all American big rigs, and has poor security
Security22 Mar 2024 | 74
It's 2024 and North Korea's Kimsuky gang is exploiting Windows Help files
New infostealer may indicate a shift in tactics – and maybe targets too, beyond Asia
Research21 Mar 2024 | 5
As if working at Helldesk weren't bad enough, IT helpers now targeted by cybercrims
Wave of Okta attacks mark what researchers are calling the biggest security trend of the year
Research15 Mar 2024 | 15
Poking holes in Google tech bagged bug hunters $10M
A $2M drop from previous year. So … things are more secure?
Security13 Mar 2024 | 4
Apple promises to protect iMessage chats from quantum computers
Easy to defend against stuff that may never actually work – oh there we go again, being all cynical like
Research21 Feb 2024 | 30
How to weaponize LLMs to auto-hijack websites
We speak to professor who with colleagues tooled up OpenAI's GPT-4 and other neural nets
Research17 Feb 2024 | 24
Cutting kids off from the dark web – the solution can only ever be social
Expert weighs in after Brianna Ghey murder amid worrying rates of child cybercrime
Cyber-crime16 Feb 2024 | 93
Cybercriminals are stealing iOS users' face scans to break into mobile banking accounts
Deepfake-enabled attacks against Android and iPhone users are netting criminals serious cash
Research15 Feb 2024 | 30
Miscreants turn to ad tech to measure malware metrics
Now that's what you call dual-use tech
Research15 Feb 2024 | 4
Raspberry Robin devs are buying exploits for faster attacks
One of most important malware loaders to cybercrims who are jumping on vulnerabilities faster than ever
Research08 Feb 2024 | 2
Raspberry Pi Pico cracks BitLocker in under a minute
Windows encryption feature defeated by $10 and a YouTube tutorial
Research07 Feb 2024 | 143
New kids on the ransomware block in 2023: Akira and 8Base lead dozens of newbies
How good are your takedowns when fresh gangs are linked to previous ops, though?
Research06 Feb 2024 | 1
Researchers remotely exploit devices used to manage safe aircraft landings and takeoffs
The closest thing we may ever get to a real-life Die Hard 2 scenario
Research03 Feb 2024 | 17
Nearly 4-year-old Cisco vuln linked to recent Akira ransomware attacks
Evidence mounts of an exploit gatekept within Russia's borders
Research31 Jan 2024 |
COVID-19 test lab accused of exposing 1.3 million patient records to open internet
Now that's a Dutch crunch
Research24 Jan 2024 | 2
IT consultant fined for daring to expose shoddy security
Spotting a plaintext password and using it in research without authorization deemed a crime
Research19 Jan 2024 | 94
Google TAG: Kremlin cyber spies move into malware with a custom backdoor
The threat hunters believe COLDRIVER has used SPICA since at least November 2022
Research18 Jan 2024 | 5
Vast botnet hijacks smart TVs for prime-time cybercrime
Updated 8-year-old op responsible for DDoS attacks and commandeering broadcasts to push war material
Research18 Jan 2024 | 7
Apple, AMD, Qualcomm GPU security hole lets miscreants snoop on AI training and chats
So much for isolation
Research17 Jan 2024 | 1
What's worse than paying an extortion bot that auto-pwned your database?
Paying one that lied to you and only saved the first 20 rows of each table
Research17 Jan 2024 | 17
More than 178,000 SonicWall firewalls are exposed to old denial of service bugs
Updated Majority of public-facing devices still unpatched against critical vulns from as far back as 2022
Research16 Jan 2024 | 8
So, are we going to talk about how GitHub is an absolute boon for malware, or nah?
Microsoft says it's doing its best to crack down on crims
Research12 Jan 2024 | 23
Drivers: We'll take that plain dumb car over a flashy data-spilling internet one, thanks
CES Now that's a smart move
Research12 Jan 2024 | 193
And that's a wrap for Babuk Tortilla ransomware as free decryptor released
Experts' job made 'straightforward' by crooks failing to update encryption schema after three years
Research09 Jan 2024 | 3
Google password resets not enough to stop these info-stealing malware strains
Updated Now every miscreant is jumping on Big G's OAuth account security hole
Research02 Jan 2024 | 12
NKabuse backdoor harnesses blockchain brawn to hit several architectures
Novel malware adapts delivers DDoS attacks and provides RAT functionality
Research15 Dec 2023 | 3
Biting the hand that feeds IT
