Security News

ESG Cyber Resiliency Research Server Cut
2022-07-26 00:00

Cyber resiliency is now an essential requirement for any business. Given the threat to data and IT servers, businesses must invest in cyber-resiliency strategies to reduce operational risk.

Manual vs. SSPM: Research on What Streamlines SaaS Security Detection & Remediation
2022-06-23 04:07

When it comes to keeping SaaS stacks secure, IT and security teams need to be able to streamline the detection and remediation of misconfigurations in order to best protect their SaaS stack from threats. While companies adopt more and more apps, their increase in SaaS security tools and staff has lagged behind, as found in the 2022 SaaS Security Survey Report.

Hacker says hijacking libraries, stealing AWS keys was ethical research
2022-05-25 13:42

The hacker behind this hijack has now broken silence and explained his reasons to BleepingComputer. The hijacker of these libraries is an Istanbul-based security researcher, Yunus Aydın aka SockPuppets, who has attested to the fact when approached by BleepingComputer.

Benchmarking Linux Security – Latest Research Findings
2022-04-18 05:44

How well do your Linux security practices stack up in today's challenging operating environment? Are you following the correct processes to keep systems up-to-date and protected against the latest threats? Now you can find out thanks to research independently conducted by the Ponemon Institute. The research sponsored by TuxCare sought to understand better how organizations are currently managing the security and stability of their Linux-based systems.

Research reveals that IAM is too often permissive and misconfigured
2022-04-14 14:56

New cloud threat research from team Unit 42 at Palo Alto Networks reveals several security issues due to bad permissions handling and misconfiguration, which opens doors wide for threat actors. In cloud environments often composed of more than hundreds or thousands of workloads, every device or machine identity might be a risk for the cloud infrastructure.

New cyberespionage campaign targeting ISPs, research entities
2022-03-24 09:41

ESET Research discovered a still-ongoing cyberespionage campaign using a previously undocumented Korplug variant by the Mustang Panda APT group. The current campaign exploits the war in Ukraine and other European news topics.

Interview with the Head of the NSA’s Research Directorate
2022-02-03 12:01

MIT Technology Review published an interview with Gil Herrera, the new head of the NSA's Research Directorate. The math department, often in conjunction with the computer science department, helps tackle one of NSA's most interesting problems: big data.

Researchers develop CAPTCHA solver to aid dark web research
2022-01-14 18:35

A team of researchers at the Universities of Arizona, Georgia, and South Florida, have developed a machine-learning-based CAPTCHA solver that they claim can overcome 94.4% of real challenges on dark websites. The collection of cyber-threat intelligence from illicit dark web markets and forums becomes challenging and expensive, as employees have to be involved in the CAPTCHA solving step.

University loses 77TB of research data due to backup error
2021-12-30 16:02

The Kyoto University in Japan has lost about 77TB of research data due to an error in the backup system of its Hewlett-Packard supercomputer. The incident occurred between December 14 and 16, 2021, and resulted in 34 million files from 14 research groups being wiped from the system and the backup file.

Intel is Maintaining Legacy Technology for Security Research
2021-11-30 07:28

Intel's issue reflects a wider concern: Legacy technology can introduce cybersecurity weaknesses. This creates a long tail of old products that remain in widespread use, vulnerable to attacks.