Security News

The Linux Foundation announced Linux Foundation Research, a new division that will broaden the understanding of open source projects, ecosystem dynamics, and impact, with never before seen insights on the efficacy of open source collaboration as a means to solve many of the world's pressing problems. Through a series of research projects and related content, Linux Foundation Research will leverage the Linux Foundation's vast repository of data, tools, and communities across industry verticals and technology horizontals.

Security researcher David Sopas has published a new open-source project: MindAPI, a mind map with resources for making API security research easier. "After years of using it, I decided to implement my API security research experience and apply it on something that I could share not only with the infosec community, but also with developers."

Guardicore announced that Amit Serper has joined the Guardicore Labs cyber research team as Area VP of Security Research for North America. Serper unveiled his first research with Guardicore Labs - demonstrating how the Purple Fox rootkit now propagates as a worm.

Most security agencies fail to properly sanitize Portable Document Format files before publishing them, thus exposing potentially sensitive information and opening the door for attacks, researchers have discovered. An analysis of roughly 40,000 PDFs published by 75 security agencies in 47 countries has revealed that these files can be used to identify employees who use outdated software, according to Supriya Adhatarao and Cédric Lauradoux, two researchers with the University Grenoble Alpes and France's National Institute for Research in Computer Science and Automation.

The recent cyberattack that forced the Dutch Research Council to take its servers offline and suspend grant allocation processes was caused by the DoppelPaymer ransomware gang. Since NWO does not cooperate with cybercriminals, DoppelPaymer published proof of the stolen internal data on their leak site.

Ping Identity welcomed Peter Burke as the new Senior Vice President of Research and Development. Burke will drive product strategy and development across all Ping solutions, helping to further accelerate identity security and make access management simple for businesses and the consumers they serve.

Researchers at cybersecurity firm FireEye have analyzed a gateway device used for solar energy installations, and discovered vulnerabilities that could be useful to malicious hackers. FireEye conducted its research on a version of the device offered by Tesla under the SolarCity brand - Tesla acquired solar panel maker SolarCity in 2016.

Servers belonging to the Dutch Research Council have been compromised, forcing the organization to make its network unavailable and suspend subsidy allocation for the foreseeable future. The NWO is tasked with investing in research and research infrastructure to increase quality and innovation in science.

Unbound Security announced the launch of Unbound MPC Labs, a research initiative to advance the state of the art of multiparty computation research with commercial applications. Five years after the emergence of MPC into the practical realm of business, the initiative brings together MPC research, survey papers and videos from members to share and educate the community on the MPC research carried out by Unbound and its members.

UK Research and Innovation, the British government's science and research organisation, has temporarily turned off a couple of its web-facing services after an apparent ransomware attack. In a statement issued last week while everyone was gazing goggle-eyed at the European Union's vaccine export struggles, UKRI said data from its Brussels-based UK Research Office and an extranet service had been "Encrypted by a third party".