Security news aggregator

Latest coverage for Research

Research examines attack methods, defenses, and vulnerabilities, helping security teams understand risks and improve protection.

17 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Research is the systematic study of technologies, systems, attack methods, vulnerabilities, and defensive techniques to establish evidence and produce new findings. In information security, it includes work such as discovering flaws in software or protocols, analyzing malware and attacker behavior, testing cryptographic designs, and evaluating security controls. News under this tag may describe a proof of concept, a measurement study, or a proposed technique rather than a confirmed real-world attack.

For practitioners, research can change how risks are prioritized and mitigated. A demonstrated vulnerability may require vulnerability-management teams to verify affected assets, apply fixes, or add compensating controls; responsible disclosure gives developers time to assess and remediate before technical details enable exploitation. Research involving live systems, personal data, or offensive tooling also raises privacy, authorization, dual-use, and ethical concerns. Sound findings should state their assumptions, scope, limitations, and reproducibility, since laboratory results do not automatically show that an attack is practical in every environment.

Showing 17 most recent headlines Filtered view
Bank Info Security 2 years, 2 months ago

Mitre Says Hackers Breached Unclassified R&D Network

Threat Actor Exploited Ivanti Zero-Day Vulnerabilities in CyberattackA nation-state threat actor gained access into an unclassified research and development network operated by MITRE, a non-profit that oversees key federal funded research and development centers for the U.S. government, the organization confirmed on Friday.

Bank Info Security 2 years, 3 months ago

Likely Sandworm Hackers Using Novel Backdoor 'Kapeka'

Kapeka Shows Similarities to Russian GRU Hacking Group's GreyEnergy MalwareLikely Russian military intelligence hackers known as Sandworm since at least mid-2022 have deployed a new and highly flexible back door against Eastern European targets, warn security researchers. Security firm WithSecure dubs the backdoor "Kapeka."

Bank Info Security 2 years, 3 months ago

Steganography Campaign Targets Global Enterprises

Financially Motivated Threat Group Embeds Malicious Code in ImagesFinancially motivated hackers are using the oldie-but-goodie technique of hiding malicious code in digital images to target businesses in Latin America, say security researchers. One image containing a PowerShell script results in Agent Tesla being loaded on the victim computer.

Bank Info Security 2 years, 3 months ago

College Students Help Boost Cybersecurity With Free Clinics

New Program Pairs Universities and Students With Small, Resource-Poor OrganizationsA new initiative in the U.S. is pairing college students with university researchers to strengthen cybersecurity defenses for resource-poor organizations and small businesses. The program serves as both an educational platform and a way for students to gain practical field experience.

In today's rapidly evolving digital landscape, organizations face an increasingly complex array of cybersecurity threats. The proliferation of cloud services and remote work arrangements has heightened the vulnerability of digital identities to exploitation, making it imperative for businesses to fortify their identity security measures

Bank Info Security 2 years, 3 months ago

Likely State Hackers Exploiting Palo Alto Firewall Zero-Day

Company Released a Hotfix to the Command Injection VulnerabilityFirewall appliance manufacturer Palo Alto Networks rushed out a hotfix Friday to a command injection vulnerability present in its custom operating system after security researchers spotted a campaign to exploit the zero-day starting in March, likely from a state-backed threat actor.