Infostealers Cause Surge in Ransomware Attacks, Just One in Three Recover Data
Infostealer malware and digital identity exposure behind rise in ransomware, researchers find
Research examines attack methods, defenses, and vulnerabilities, helping security teams understand risks and improve protection.
Search across headline titles and summaries.
Background for this topic.
Research is the systematic study of technologies, systems, attack methods, vulnerabilities, and defensive techniques to establish evidence and produce new findings. In information security, it includes work such as discovering flaws in software or protocols, analyzing malware and attacker behavior, testing cryptographic designs, and evaluating security controls. News under this tag may describe a proof of concept, a measurement study, or a proposed technique rather than a confirmed real-world attack.
For practitioners, research can change how risks are prioritized and mitigated. A demonstrated vulnerability may require vulnerability-management teams to verify affected assets, apply fixes, or add compensating controls; responsible disclosure gives developers time to assess and remediate before technical details enable exploitation. Research involving live systems, personal data, or offensive tooling also raises privacy, authorization, dual-use, and ethical concerns. Sound findings should state their assumptions, scope, limitations, and reproducibility, since laboratory results do not automatically show that an attack is practical in every environment.
Infostealer malware and digital identity exposure behind rise in ransomware, researchers find
Better check your widgets, people Security researchers say that thousands of companies are potentially leaking secrets from their internal knowledge base (KB) articles via ServiceNow misconfigurations.…
The cryptojacking operation known as TeamTNT has likely resurfaced as part of a new campaign targeting Virtual Private Server (VPS) infrastructures based on the CentOS operating system
Critical infrastructure security undermined by weakness in email protection, researchers warn
Cybersecurity researchers have uncovered a never-before-seen botnet comprising an army of small office/home office (SOHO) and IoT devices that are likely operated by a Chinese nation-state threat actor called Flax Typhoon (aka Ethereal Panda or RedJuliett)
The FBI and cybersecurity researchers have disrupted a massive Chinese botnet called "Raptor Train" that infected over 260,000 networking devices to target critical infrastructure in the US and in other countries. [...]
A Chinese national has been indicted in the U.S. on charges of conducting a "multi-year" spear-phishing campaign to obtain unauthorized access to computer software and source code created by the National Aeronautics and Space Administration (NASA), research universities, and private companies
Our research reveals two significant vulnerabilities in Microsoft Azure Private 5G Core (AP5GC). The first vulnerability (CVE-2024-20685) allows a crafted signaling message to crash the control plane, leading to potential service outages. The second (ZDI-CAN-23960) disconnects and replaces attached base stations, disrupting network operations. While these issues are implementation-specific, their exploitation is made possible by a systemic weakness: the lack of mandatory authentication procedures between base stations and packet-cores.
Attackers Could Exploit Flaw to Run Malicious Code on Google' s, Customers' ServersGoogle patched a critical remote execution vulnerability in its cloud platform Cloud Composer service, "CloudImposer," which could have allowed attackers to compromise millions of servers, say researchers from Tenable. The CloudImposer vulnerability could lead to the Jenga Tower effect.
5 Cybersecurity Firms Provide Large Pool of Government-Funded Espionage ResourcesChina's cyberespionage campaigns, viewed as an extension of the communist regime's wider geopolitical moves, rely on civilian hackers from domestic security firms for much of their success. Researchers say these groups face off in intense rivalries for lucrative government contracts.
Intellexa Poised for a Comeback, Warn ResearchersThe U.S. Department of the Treasury ramped up pressure on makers and sellers of Predator commercial spyware through sanctions on five individuals and a Caribbean company accused of enabling tens of millions of dollars of surveillance malware transactions.
A now-patched critical security flaw impacting Google Cloud Platform (GCP) Composer could have been exploited to achieve remote code execution on cloud servers by means of a supply chain attack technique called dependency confusion
Cybersecurity researchers are continuing to warn about North Korean threat actors' attempts to target prospective victims on LinkedIn to deliver malware called RustDoor
Cybersecurity researchers have warned of ongoing phishing campaigns that abuse refresh entries in HTTP headers to deliver spoofed email login pages that are designed to harvest users' credentials