Security news aggregator

Latest coverage for Research

Research examines attack methods, defenses, and vulnerabilities, helping security teams understand risks and improve protection.

21 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Research is the systematic study of technologies, systems, attack methods, vulnerabilities, and defensive techniques to establish evidence and produce new findings. In information security, it includes work such as discovering flaws in software or protocols, analyzing malware and attacker behavior, testing cryptographic designs, and evaluating security controls. News under this tag may describe a proof of concept, a measurement study, or a proposed technique rather than a confirmed real-world attack.

For practitioners, research can change how risks are prioritized and mitigated. A demonstrated vulnerability may require vulnerability-management teams to verify affected assets, apply fixes, or add compensating controls; responsible disclosure gives developers time to assess and remediate before technical details enable exploitation. Research involving live systems, personal data, or offensive tooling also raises privacy, authorization, dual-use, and ethical concerns. Sound findings should state their assumptions, scope, limitations, and reproducibility, since laboratory results do not automatically show that an attack is practical in every environment.

Showing 20 most recent headlines of 21 Filtered view
Bank Info Security 1 year, 10 months ago

Strider Secures $55M to Fuel AI Growth and Global Expansion

Series C Funds to Fuel AI Research, Government Sector Investment and Global GrowthStrider Technologies has raised $55 million in a Series C funding round to strengthen its AI capabilities and fuel global expansion efforts. The money will enhance the company’s AI-driven insights, support business with government agencies, and fuel international expansion in Europe and Asia.

Bank Info Security 1 year, 10 months ago

Remote Access Tool Sprawl Increases OT Risks

Over-Deployment of Tools Raises Security and Operational ConcernsExcessive deployment of remote access tools in operational technology environments expands attack surfaces and creates operational challenges, warn security researchers from Claroty. Remote access tools are essential, but they introduce numerous potential vulnerabilities that threat actors exploit.

Bank Info Security 1 year, 10 months ago

Black Hat/DEF CON 2024: Latest Insights on Security and AI

ISMG Compendium Showcases More Than 50 Interviews on Threats, Emerging SolutionsWelcome to Information Security Media Group's Black Hat and DEF CON 2024 Compendium featuring latest insights from the industry's top cybersecurity researchers and ethical hackers, as well as perspectives from CEOs, CISOs and government officials on the latest trends in cybersecurity and AI.

Nastyware seeks creds, mines crypto, and plants ransomware that isnt deployed - for now? An unknown attacker is exploiting weak passwords to break into Oracle WebLogic servers and deploy an emerging Linux malware called Hadooken, according to researchers from cloud security outfit Aqua.…

Bank Info Security 1 year, 10 months ago

French Cyber Agency Warns of APT28 Hacks Against Think Tanks

Report: North Korean, Russian, Chinese, Iranian Actors Are Targeting Research OrgsRussian state hackers are targeting think tanks studying strategic interests and the defense sector, warned the French cyber agency. A hacking group that officially is Unit 26165 of the Russian Main Intelligence Directorate appears to be Russia's most prolific targeter of think tanks.

What happens at Black Hat… While trying to escape the Las Vegas heat during Black Hat last month, watchTowr Labs researchers decided to poke around for weaknesses in the WHOIS protocol. They claim to have found a way to undermine certificate authorities, which the world trusts to keep the internet safe by verifying the identity of websites.…

Bank Info Security 1 year, 10 months ago

Quad7 Botnet Operators Expand Targets, Aim for Stealth

VPN Endpoints, Wireless Routers and Network-Attached Storage Devices Are TargetsOperators behind a mysterious botnet named for a TCP routing port number are expanding the universe of targeted devices and taking steps to hide their infrastructure, warn Sekoia researchers. The 7777 - or Quad7 - botnet appears to have emerged in 2023.

US alarmed by heightened Kremlin naval activity worldwide Russia's naval activity near undersea cables is reportedly drawing the scrutiny of US officials, further sparking concerns that the Kremlin may be plotting to "sabotage" underwater infrastructure via a secretive, dedicated military unit called the General Staff Main Directorate for Deep Sea Research (GUGI).…

Loading more headlines...