Security news aggregator

Latest coverage for Research

Research examines attack methods, defenses, and vulnerabilities, helping security teams understand risks and improve protection.

18 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Research is the systematic study of technologies, systems, attack methods, vulnerabilities, and defensive techniques to establish evidence and produce new findings. In information security, it includes work such as discovering flaws in software or protocols, analyzing malware and attacker behavior, testing cryptographic designs, and evaluating security controls. News under this tag may describe a proof of concept, a measurement study, or a proposed technique rather than a confirmed real-world attack.

For practitioners, research can change how risks are prioritized and mitigated. A demonstrated vulnerability may require vulnerability-management teams to verify affected assets, apply fixes, or add compensating controls; responsible disclosure gives developers time to assess and remediate before technical details enable exploitation. Research involving live systems, personal data, or offensive tooling also raises privacy, authorization, dual-use, and ethical concerns. Sound findings should state their assumptions, scope, limitations, and reproducibility, since laboratory results do not automatically show that an attack is practical in every environment.

Showing 18 most recent headlines Filtered view

Shadowserver claims miscreants were already poking at a critical hole in early July, long before Switchzilla patched it Threat actors have actively exploited a newly patched vulnerability in Cisco's Identity Services Engine (ISE) software since early July, weeks before the networking giant got around to issuing a fix.…

Bank Info Security 11 months, 3 weeks ago

Quantum Data Centers Await Use Cases and Tech Maturity

CIR's Lawrence Gasman on Why Quantum Data Centers Remain Years From Enterprise UseQuantum data centers could become viable if business use cases emerge, says Lawrence Gasman, founder, Communications Industry Researchers. Technical hurdles, such as physical form factor, environment, cost and photonic interconnects, must be addressed for enterprise adoption.

Bank Info Security 11 months, 3 weeks ago

Honeywell Smart Building Middleware Vulnerable

Researchers Find Flaws in Tridium Niagara FrameworkVulnerabilities in Honeywell smart building middleware could allow hackers to manipulate physical systems or disable security alarms, warn security researchers. Hackers would already need access to the network. An attack would also depend on the Tridium Niagara customer not encrypting Syslog data.

Bank Info Security 11 months, 3 weeks ago

US Nuclear Agency Breach Tied to SharePoint Zero-Days

Over 400 Organizations Breached Via Ongoing ToolShell Attacks, Researchers WarnThe U.S. government agency that maintains and designs America's nuclear weapons was reportedly breached by attackers exploiting zero-day flaws in on-premises Microsoft SharePoint servers, with researchers now counting over 400 victims, including European and Middle Eastern governments.

All security questions are hard to answer, but these three are non-negotiable Partner content We've all seen those seemingly straightforward security questions that snowball into multi-day research projects across dozens of consoles, spreadsheets, and manual queries. The reality is that even the most fundamental security questions are notoriously difficult to answer with certainty.…

Bank Info Security 11 months, 3 weeks ago

Microsoft Traces On-Premises SharePoint Exploits to China

But Hacking Groups of All Stripes Now Have Access to Exploit Code, Researchers WarnMicrosoft said an attack campaign targeting zero-day vulnerabilities in on-premises SharePoint servers appears to have begun by July 7, tied to three Chinese hack groups. With proof-of-concept exploit code now in the wild, security experts said hackers of all stripes have joined the fray.

Bank Info Security 11 months, 3 weeks ago

Cyberattacks Surging Across Indo-Pacific, Researchers Warn

Report Urges Indo-Pacific Cyber Shield Strategy Amid Increased Nation-State ThreatsA Center for a New American Security study found China and North Korea are accelerating cyberattacks, influence operations and infrastructure breaches across the Indo-Pacific, as researchers urge the U.S. to help develop a regional cyber shield, and deploy forward cyber teams.

Cybersecurity researchers have unearthed new Android spyware artifacts that are likely affiliated with the Iranian Ministry of Intelligence and Security (MOIS) and have been distributed to targets by masquerading as VPN apps and Starlink, a satellite internet connection service offered by SpaceX

A new attack campaign has compromised more than 3,500 websites worldwide with JavaScript cryptocurrency miners, marking the return of browser-based cryptojacking attacks once popularized by the likes of CoinHive.  Although the service has since shuttered after browser makers took steps to ban miner-related apps and add-ons, researchers from the c/side said they found evidence of a stealthy