Tag: Researchers

Threats & Malware, Vulnerabilities

Apple expands bug bounty program, opens it to all researchers, raises rewards

August 9, 2019

Via: Help Net Security

Three years ago at the Black Hat conference, Apple announced its first bug bounty program, which was invite-only and limited to iOS. At this year’s edition of the con, Ivan Krstić, Apple’s head of security engineering and architecture, announced changes […]

Network security, Vulnerabilities

Flaws in firmware expose almost any modern PC to Cold Boot Attacks

September 14, 2018

Via: Security Affairs

A team of security researchers demonstrated that the firmware running on nearly all modern computers is vulnerable to cold boot attacks. A team of experts from cybersecurity firm F-Secure has discovered security flaws affecting firmware in modern computers that could […]

Malware, Network security

Researchers Release Free TRITON/TRISIS Malware Detection Tools

August 9, 2018

Via: Dark Reading

BLACK HAT USA – Las Vegas – A team of ICS experts who spent the past year studying and re-creating the so-called TRITON/TRISIS malware that targeted a Schneider Electric safety instrumented system (SIS) at an oil and gas petrochemical plant […]

Application security, Network security

Researchers show how to manipulate road navigation systems with low-cost devices

July 17, 2018

Via: Security Affairs

Researchers have developed a tool that poses as GPS satellites to deceive nearby GPS receivers. The kit could be used to deceive receivers used by navigation systems and suggest drivers the wrong direction. “we explore the feasibility of a stealthy […]

Mobile security, Wireless security

Researchers Create Attacks That Compromise LTE Data Communication

July 2, 2018

Via: Security Week

Newly devised attacks on the Long Term Evolution (LTE) high-speed wireless standard break the confidentiality and privacy of communication, team of researchers claim. In a newly published paper (PDF), researchers from Ruhr-University Bochum and New York University Abu Dhabi present […]


Latest Sofacy Campaign Targeting Security Researchers

October 24, 2017

Via: Threat Post

Sofacy, the Russian-speaking APT group connected to interference in the 2016 U.S. presidential election, has been targeting researchers, admins and others interested in cybersecurity. Cisco’s security research arm Talos published a report on Sunday describing a campaign linked to Sofacy, […]

Editorial, Privacy protection

Is online anonymity just a myth?

August 4, 2017

Via: Russel Edwards

Browsing anonymity may seem appealing for various reasons. Regardless of whether they have something worth hiding/protecting or not, those who know better appreciate the value of online privacy protection. But is VPN-supported anonymity all it is rumored to be, or […]

Cyber warfare, Editorial

AI in cyber-security – or is it its mature counterpart, AGI?

July 20, 2017

Via: Russel Edwards

Many cyber-security professionals are waiting for the next stage of Artificial Intelligence-based algorithms. Ready to fight with what we may call automated malicious attacks, AI is yet in its testing phase, showing up in demos and uncoordinated software. It’s like […]


Vulnerabilities Found in Double Telepresence Robots

March 14, 2017

Via: Security Week

Researchers at Rapid7 discovered several vulnerabilities in Double telepresence robots from Double Robotics. The vendor has addressed the more serious issues with server-side fixes. Double is a robot that allows people to have a physical presence at their workplace or […]


A hard drive’s LED light can be used to covertly leak data

February 23, 2017

Via: CIO

The seemingly harmless blinking lights on servers and desktop PCs may give away secrets if a hacker can hijack them with malware. Researchers in Israel have come up with an innovative hack that turns a computer’s LED light into a […]


Researchers bypass ASLR protection with simple JavaScript code

February 16, 2017

Via: Help Net Security

A group of researchers from the Systems and Network Security Group at VU Amsterdam have discovered a way to bypass address space layout randomization (ASLR) protections of major operating systems and browsers by exploiting a common feature of computer microprocessors. […]


Techniques for the manipulation of malicious payloads to improve evasion

January 25, 2017

Via: Security Affairs

This work compares some infamous methods for the creation of malicious payloads or shellcodes. These payloads must be used to create a remote connection between the victim’s machine and the attacker’s machine that wants to listen and, once a connection is successfully […]

Cyber warfare

Notes from HITCON Pacific 2016

December 28, 2016

Via: Securelist

More than 500 participants from around the world attended the event, which included technical trainings, security conference and capture the flag (CTF) competition. We met many high-skilled malware analysts, incident responders, security researchers and professionals at this event to discuss […]


Commerce survey: Cyber researchers fear legal repercussions

December 16, 2016

Via: The Hill

A Department of Commerce survey shows that 60 percent of cyber-security researchers fear legal repercussions for reporting security vulnerabilities they discover to a product’s manufacturers. The Commerce Department’s National Telecommunication and Information Administration’s survey came through its role in a […]

Threats & Malware, Virus & Malware

Fortinet Predicts Tipping Point For Cybersecurity in 2017

December 12, 2016

Via: InfoSecurity Live

As per the first prediction threats are getting smarter and are increasingly able to operate autonomously. In the coming year it is expected to see malware designed “human-like” with adaptive, success-based learning to improve the impact and efficacy of attacks. […]


Nintendo targets 3DS vulnerabilities in new bug bounty

December 8, 2016

Via: Naked Security

Nintendo has announced it’s now supporting a bug bounty program for researchers to find flaws in its 3DS family of handheld game consoles. Researchers could make up to $20,000 for discovering vulnerabilities for the 3DS that could be used for pirating […]


New iOS lockscreen bypass renders Activation Lock useless

December 5, 2016

Via: Naked Security

We recently reported on a flaw in iOS that would allow someone to bypass the iOS lockscreen by using Siri. Well, Siri’s off the hook this time. The new vulnerability, disclosed yesterday by Benjamin Kunz Mejri of Vulnerability Lab, involves […]

Access control

‘Frighteningly Easy’ Hack Guesses Full Credit Card Details In 6 Seconds

December 5, 2016

Via: Dark Reading

Researchers at the UK’s Newcastle University have developed what they say is an almost absurdly easy way to get the card number, security code, and expiration date of any Visa credit or debit card using nothing but guesswork — six […]

Mobile security

Physical RAM attack can root Android and possibly other devices

October 25, 2016

Via: InfoWorld

Researchers have devised a new way to compromise Android devices without exploiting any software vulnerabilities and instead taking advantage of a physical design weakness in RAM chips. The attack technique could also affect other ARM and x86-based devices and computers. […]


InTheCyber discovered a serious flaw in messaging systems

October 24, 2016

Via: Security Affairs

InTheCyber – Intelligence & Defense Advisors (, a leader in offensive & Defensive Cyber Security, has discovered in its R&D Labs a new easy and dangerous vulnerability affecting messaging systems. Voicemail caller-id spoofing it’s a quite old flaw. When the mobile […]