Security News

Kudelski Security announced the launch of a new focus on quantum security, including expanded research and advisory services that enable security leaders and product and system developers to align their long-term approach to risk and data protection to the era of quantum computing. The global quantum practice for Kudelski Security is led by Dr. Tommaso Gagliardoni, who brings extensive expertise in academic and applied research in the fields of cryptography, quantum computing, and advanced mathematics.

Intel unveiled ControlFlag - a machine programming research system that can autonomously detect errors in code. "We think ControlFlag is a powerful new tool that could dramatically reduce the time and money required to evaluate and debug code. According to studies, software developers spend approximately 50% of the time debugging. With ControlFlag, and systems like it, I imagine a world where programmers spend notably less time debugging and more time on what I believe human programmers do best - expressing creative, new ideas to machines," said Justin Gottschlich, principal scientist and director/founder of Machine Programming Research at Intel Labs.

Biomedical and clinical research company Miltenyi Biotec says that it has fully restored systems after a malware attack that took place last month and affected the firm's global IT infrastructure. "During the last two weeks, there have been isolated cases where order processing was impaired by malware in parts of our global IT infrastructure," Miltenyi Biotec said in an official statement.

Group-IB has opened the doors of its European headquarters in Amsterdam, which will serve as a central hub for the company's research into the European threat landscape. The Amsterdam office, located at Prinsengracht 919, is set to intensify the strong European cyber threat knowledge Group-IB had previously, broaden the company's global threat hunting infrastructure and strengthen the on-the-ground support for the company's customer base in the region, which, among others, includes major banks of the Netherlands.

Such risk extends beyond anti-hacking laws, implicating copyright law and anti-circumvention provisions, electronic privacy law, and cryptography export controls, as well as broader legal areas such as contract and trade secret law. Our Guide gives the most comprehensive presentation to date of this landscape of legal risks, with an eye to both legal and technical nuance.

Imperium announced the release of a significantly upgraded version of its flagship ID-validation tool RelevantID. This major release is designed to help market research and panel organizations combat the rise of highly sophisticated synthetic identity frauds that are becoming increasingly difficult to catch using conventional fraud-detection models. New RelevantID additionally includes FraudProbabilityScore, a machine-learning model that assesses passive and behavioral data, returning an extremely precise fraud assessment that detects fraud, bots, and jumpers/ghost completes in surveys.

The latest in a flurry of actions this week, tied to foreign threats against U.S. computer systems, includes sanctions by the Department of the Treasury. The Trump administration sanctioned a Russia government research institution on Friday claiming it was behind a series of cyberattacks using the highly destructive Triton malware.

New research from RiskRecon and the Cyentia Institute pinpointed risk in third-party healthcare supply chain and showed that healthcare's high exposure rate indicates that managing a comparatively small Internet footprint is a big challenge for many organizations in that sector. There is a silver lining: gaining the visibility needed to pinpoint and rectify exposures in the healthcare risk surface is feasible.

The Silent Librarian campaign has re-emerged for the fall school session, actively targeting students and faculty at universities via spear-phishing campaigns. The goal is to harvest not just logins to sell online, but also proprietary university research and data, researchers said.

In the amicus brief it filed, Voatz suggests that only authorized security research should be considered lawful, but not independent security research, even if in good faith. "It is clear security research has tangibly improved the safety and security of systems we depend upon. It is not a given that this vital security work will continue. A broad interpretation of the CFAA would magnify existing chilling effects, even when there exists a societal obligation to perform such research," the letter reads.