Security news aggregator

Latest coverage for Research

Research examines attack methods, defenses, and vulnerabilities, helping security teams understand risks and improve protection.

5 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Research is the systematic study of technologies, systems, attack methods, vulnerabilities, and defensive techniques to establish evidence and produce new findings. In information security, it includes work such as discovering flaws in software or protocols, analyzing malware and attacker behavior, testing cryptographic designs, and evaluating security controls. News under this tag may describe a proof of concept, a measurement study, or a proposed technique rather than a confirmed real-world attack.

For practitioners, research can change how risks are prioritized and mitigated. A demonstrated vulnerability may require vulnerability-management teams to verify affected assets, apply fixes, or add compensating controls; responsible disclosure gives developers time to assess and remediate before technical details enable exploitation. Research involving live systems, personal data, or offensive tooling also raises privacy, authorization, dual-use, and ethical concerns. Sound findings should state their assumptions, scope, limitations, and reproducibility, since laboratory results do not automatically show that an attack is practical in every environment.

Showing 5 most recent headlines Filtered view
Bank Info Security 2 years, 4 months ago

Embedded PLC Web Servers a Vector to New Class of OT Malware

Web PLC Malware Holds Potential for Catastrophic IncidentsFusty and fussy operational technology devices are probably the farthest things away from a web server. Except - not anymore. But web servers embedded into industrial firmware are also a potential bonanza for hackers, say researchers from the Georgia Institute of Technology.

Bank Info Security 2 years, 4 months ago

Apple Fixes iOS Kernel Zero-Days Being Exploited in the Wild

Real-World Scenarios Are Sketchy But Researchers Warn: 'Assume Spyware; Update Now'Apple pushed out an emergency security update for two critical zero-day flaws that attackers are using to carry out memory corruption attacks on iPhone and iPad devices. The tech giant's latest patch addressed its third zero-day vulnerability this year.

Bank Info Security 2 years, 4 months ago

A New Self-Spreading, Zero-Click Gen AI Worm Has Arrived!

Researchers Created Worm That Can Exfiltrate Data, Spread Spam and Poison AI ModelsResearchers have created a zero-click, self-spreading worm that can steal personal data through applications that use chatbots powered by generative artificial intelligence. Dubbed Morris II, the malware uses a prompt injection attack vector to trick AI-powered email assistant apps.

Bank Info Security 2 years, 4 months ago

Mobile-Driven Phishing Spoofs FCC, Cryptocurrency Giants

Researchers Say Hackers Used Fake Login Pages to Trick 100 Victims, Crypto WorkersA new phishing campaign is targeting victims through mobile devices by mirroring legitimate login pages for the Federal Communications Commission and large cryptocurrency platforms including Binance and Coinbase. At least 100 victims, including crypto company employees, have fallen for the scam.

Bank Info Security 2 years, 4 months ago

Are You as Competent as You Think You Are?

The Dunning-Kruger Effect and the Truth About How You Evaluate Your Career SkillsKnowing how competent we are and how we stack up against peers gives us the ability to decide when we can proceed based on our own experience and when we need to seek advice. But psychological research says we are lousy at evaluating our own capabilities and frequently overestimate our skills.

Bank Info Security 5 Mar 2024, 7:00 a.m. Research