Researchers Find a Way Malicious NPM Libraries Can Evade Vulnerability Detection

New findings from cybersecurity firm JFrog show that malware targeting the npm ecosystem can evade security checks by taking advantage of an "unexpected behavior" in the npm command line interface (CLI) tool.

Boffins rekindle one-time program cryptographic concept

Scientists from Johns Hopkins University and NTT Research have laid the groundwork for how it might be possible to build one-time programs using a combination of the functionality found in the chips found in mobile phones and cloud-based services.

MITRE Attack Flow Gives CISOs Valuable Context for Better Risk Management

One of the most powerful things you can do when fighting cybercrime is shift the economics of an attack, and this new standard focused on adversary behavior does just that.

RSA Mobile Lock Blocks Critical Threats on Mobile Phones

Developed in partnership with Zimperium, a global leader in mobile device and app security, Mobile Lock only secures the authentication app; it does not restrict access to any other resources.

Intent-based Approach Leverages Neural Networks to Deliver Targeted Classifications to BECs

This approach extracts text from an email and converts sentences to numeric vectors by encoding the meaning of words in the sentences using the neural network language model encodings.

New 'Thermal Attack' can Read User Passwords From the Heat Signatures Left While Typing

Computer security researchers say they've developed an AI-driven system that can guess computer and smartphone passwords in seconds by examining the heat signatures that fingertips leave on keyboards and screens when entering data.

Eyeglass Reflections Can Leak Information During Video Calls

A group of academic researchers have devised a new method of reconstructing text exposed via participants’ eyeglasses and other reflective objects during video conferences.

Researchers publish post-quantum upgrade to the Signal protocol

PQShield published a white paper that lays out the quantum threat to secure end-to-end messaging and explains how post-quantum cryptography (PQC) can be added to the Signal secure messaging protocol to protect it from quantum attacks.

New Threats Against Air-Gapped Systems

New Threats Against Air-Gapped Systems - Cybersecurity news - Innovation and Research
Israeli researchers have demonstrated a couple of new tactics to exfiltrate data from air-gapped systems using ultrasonic tones and smartphone gyroscopes, as well as using LEDs of NIC devices.

ETHERLED Attacks on Air-Gapped Systems Leaks Data via Network Card LED Indicators

The ETHERLED method can work with other peripherals or hardware that use LEDs as status or operational indicators like routers, network-attached storage (NAS) devices, printers, scanners, and various other connected devices.

Defend Against Threats with Cyber Fusion

Cyware is the leading provider of cyber fusion solutions that power threat intelligence sharing , end-to-end automation and 360-degree threat response.

Trending Tags