Security news aggregator

Latest coverage for Research

Research examines attack methods, defenses, and vulnerabilities, helping security teams understand risks and improve protection.

17 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Research is the systematic study of technologies, systems, attack methods, vulnerabilities, and defensive techniques to establish evidence and produce new findings. In information security, it includes work such as discovering flaws in software or protocols, analyzing malware and attacker behavior, testing cryptographic designs, and evaluating security controls. News under this tag may describe a proof of concept, a measurement study, or a proposed technique rather than a confirmed real-world attack.

For practitioners, research can change how risks are prioritized and mitigated. A demonstrated vulnerability may require vulnerability-management teams to verify affected assets, apply fixes, or add compensating controls; responsible disclosure gives developers time to assess and remediate before technical details enable exploitation. Research involving live systems, personal data, or offensive tooling also raises privacy, authorization, dual-use, and ethical concerns. Sound findings should state their assumptions, scope, limitations, and reproducibility, since laboratory results do not automatically show that an attack is practical in every environment.

Showing 17 most recent headlines Filtered view
Bank Info Security 2 years, 2 months ago

Report: 11 Vulnerabilities Found in GE Ultrasound Devices

GE HealthCare Says Risks Can Largely Be Mitigated Through Security Best PracticesSecurity researchers have found 11 vulnerabilities in certain GE HealthCare ultrasound products that could allow malicious actors to physically implant ransomware or manipulate patient data stored on the affected devices. GE said the risks can be mitigated through best security practices.

Bank Info Security 2 years, 2 months ago

Bipartisan Senators Endorse $32M Annually for AI Research

Funding Aimed at Boosting Non-Defense Research and Innovation in AIA bipartisan group of U.S. senators on Wednesday unveiled a road map for artificial intelligence that includes backing a proposal to spend $32 billion annually on civilian research. The road map does not take a prescriptive approach to developing AI policy, said Senate Majority Leader Chuck Schumer.

Bank Info Security 2 years, 2 months ago

Microsoft Patches Zero-Day Exploited by QakBot

Kaspersky Says It Spotted QakBot Operators Exploiting the Flaw in AprilMicrosoft issued a patch Tuesday for a Windows zero-day vulnerability that security researchers say operators of the QakBot botnet and other hackers actively exploited. The elevation of privilege vulnerability flaw is rated "important" on the CVSS scale.

Bank Info Security 2 years, 2 months ago

AI Is An Expert Liar

AI Systems Lied to Win Games, Trick Humans into Solving CaptchaArtificial intelligence lies like humans lie - without compunction and with premeditation. That's bad news for the people who want to rely on it, warn researchers who spotted patterns of deception in AI models trained to excel at besting the competition.

Bank Info Security 2 years, 2 months ago

Cinterion IoT Cellular Modules Vulnerable to SMS Compromise

Modules Widely Deployed in Manufacturing, Telecommunications and Healthcare DevicesMultiple types of Telit Cinterion cellular modules for IoT and machine-to-machine devices, which are widely used across industrial, financial services, telecommunications and healthcare environments, are vulnerable to being remotely compromised via malicious SMS messages, security researchers warn.

Cybersecurity researchers have disclosed multiple security flaws in Cinterion cellular modems that could be potentially exploited by threat actors to access sensitive information and achieve code execution

Cybersecurity researchers have identified a malicious Python package that purports to be an offshoot of the popular requests library and has been found concealing a Golang-version of the Sliver command-and-control (C2) framework within a PNG image of the project's logo.  The package employing this steganographic trickery is requests-darwin-lite, which has been