Security news aggregator

Latest coverage for Research

Research examines attack methods, defenses, and vulnerabilities, helping security teams understand risks and improve protection.

23 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Research is the systematic study of technologies, systems, attack methods, vulnerabilities, and defensive techniques to establish evidence and produce new findings. In information security, it includes work such as discovering flaws in software or protocols, analyzing malware and attacker behavior, testing cryptographic designs, and evaluating security controls. News under this tag may describe a proof of concept, a measurement study, or a proposed technique rather than a confirmed real-world attack.

For practitioners, research can change how risks are prioritized and mitigated. A demonstrated vulnerability may require vulnerability-management teams to verify affected assets, apply fixes, or add compensating controls; responsible disclosure gives developers time to assess and remediate before technical details enable exploitation. Research involving live systems, personal data, or offensive tooling also raises privacy, authorization, dual-use, and ethical concerns. Sound findings should state their assumptions, scope, limitations, and reproducibility, since laboratory results do not automatically show that an attack is practical in every environment.

Showing 20 most recent headlines of 23 Filtered view

Cybersecurity researchers have discovered a critical security flaw in an artificial intelligence (AI)-as-a-service provider Replicate that could have allowed threat actors to gain access to proprietary AI models and sensitive information

'Rare Tools' Employed in 'Operation Diplomatic Specter,' Threat Researchers FindSecurity researchers warn that an active Chinese global cyberespionage campaign continues to target at least nine different governments across Asia, the Middle East and Africa, and specializes in gaining and maintaining persistence to email servers to amass intelligence, sometimes daily.

Bitdefender Exposes Unfading Sea Haze's Advanced Cyberespionage TacticsA previously undetected, suspected Chinese-state threat actor has been targeting governments in the South China Sea for years with a remote access Trojan that has been a favorite of Chinese hackers since its creation almost two decades ago, say security researchers from Bitdefender.

Boffins, why not simply invent an algorithm that autonomously fixes flaws, thereby ending ransomware forever The US government's Advanced Research Projects Agency for Health (ARPA-H) has pledged more than $50 million to fund the development of technology that aims to automate the process of securing hospital IT environments.…

Krebs on Security 2 years, 1 month ago

Why Your Wi-Fi Router Doubles as an Apple AirTag

Apple and the satellite-based broadband service Starlink each recently took steps to address new research into the potential security and privacy implications of how their services geo-locate devices. Researchers from the University of Maryland say they relied on publicly available data from Apple to track the location of billions of devices globally -- including non-Apple devices like Starlink systems -- and found they could use this data to monitor the destruction of Gaza, as well as the movements and in many cases identities of Russian and Ukrainian troops.

New Campaign Targets Over 1,500 Banks WorldwideDespite a law enforcement takedown in January, researchers identified new phishing campaigns spreading the Grandoreiro banking Trojan, indicating its return as a malware-as-a-service tool with better encryption and a better domain name generator, according to IBM X-Force researchers.

Bank Info Security 2 years, 1 month ago

HHS Funds $50M to Spot, Patch Hospital Vulnerabilities

Research Agency Soliciting 'Upgrade' Project Ideas to Help Boost Healthcare CyberThe highly targeted U.S. hospital sector could get a boost in avoiding cyberattacks with a $50 million investment by a federal research agency aimed at enhancing automation, vulnerability detection and remediation across a variety of devices in healthcare environments.

Loading more headlines...