Research

Research

Imaginative attack scenarios elicit intrigue at NYU’s CSAW cyber event

Using AI to create artificial fingerprints that can unlock strangers’ phones… abusing electric vehicle charging stations to overwhelm the power grid… exploiting 3D printer technology to execute an all-new form of supply chain attack… These may have once sounded like far-flung ideas, but top cyber minds at New York University have been actively exploring such…

We interviewed cyber experts on a Vegas ferris wheel. Then ride security showed up…

In the film “Ocean’s 11,” Danny Ocean and his team of expert cybercriminals execute a daring casino heist in glitzy Las Vegas. This past summer at the Black Hat and DEF CON conferences in Sin City, the editorial staff at SC Media attempted to pull off a less ambitious – and decidedly more legal –…

Metasploit Project publishes exploit for Bluekeep bug

Coders late last week publicly released a working exploit for the dangerous Bluekeep bug that was found and patched earlier this year in Microsoft’s Remote Desktop Protocol implementation. Designated as CVE-2019-0708, BlueKeep is a remote Windows kernel use-after-free vulnerability that could be used to create wormable attacks similar to the WannaCry ransomware incident of May…

Alleged Anonymous members indicted last Thursday led unassuming lives

Research: Hacktivism activity and chatter has markedly dropped since 2016

After peaking in 2016, the number of active hacktivist groups have since dipped precipitously, as has overall online chatter regarding hacktivism, according to a new report from researchers at Recorded Future. Furthermore, the researchers found a marked reduction in the frequency of large-scale international hacktivism campaigns. Members of the company’s Insikt Group team theorize that…

Study: Ransomware generates most interest among underground forum users

An analysis of 3.9 million online posts published on underground forums found that ransomware, crypters and trojans were the most frequently referenced categories of malware and malicious tools – an indication of their popularity among forum visitors and potential cybercriminals. Web shells, remote access trojans, adware, computer viruses, FUD (fully undetectable) crypters, exploit kits and rootkits – in that…

Researchers devise method to track Bluetooth devices, despite built-in protections

Researchers from Boston University (BU) have discovered a way to circumvent anonymization protections on Bluetooth Low Energy devices, allowing potentially malicious actors to passively track the movements of these devices and their users. BLE devices rely on non-encrypted advertising messages to signal their availability to other devices to pair up. To prevent third-party actors from…

What is workforce’s biggest cyber knowledge gap? ID’ing phishing threats, says study

An analysis of workers’ cyber knowledge gaps found that ends users last year struggled most with identifying phishing threats and protecting data throughout its lifecycle, according to a new report from Proofpoint. Titled “Beyond the Phish 2019, the report incorporated data gathered from roughly 130 million answers to questions that were posed to endpoint users…

Next post in Research