Security news aggregator

Latest coverage for Research

Research examines attack methods, defenses, and vulnerabilities, helping security teams understand risks and improve protection.

28 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Research is the systematic study of technologies, systems, attack methods, vulnerabilities, and defensive techniques to establish evidence and produce new findings. In information security, it includes work such as discovering flaws in software or protocols, analyzing malware and attacker behavior, testing cryptographic designs, and evaluating security controls. News under this tag may describe a proof of concept, a measurement study, or a proposed technique rather than a confirmed real-world attack.

For practitioners, research can change how risks are prioritized and mitigated. A demonstrated vulnerability may require vulnerability-management teams to verify affected assets, apply fixes, or add compensating controls; responsible disclosure gives developers time to assess and remediate before technical details enable exploitation. Research involving live systems, personal data, or offensive tooling also raises privacy, authorization, dual-use, and ethical concerns. Sound findings should state their assumptions, scope, limitations, and reproducibility, since laboratory results do not automatically show that an attack is practical in every environment.

Showing 20 most recent headlines of 28 Filtered view
Bank Info Security 8 months, 3 weeks ago

Infostealers Run Wild

Malware Captures Billions of CredentialsThe threat posed by information-stealing malware continues to rise, as it mass harvests ever-greater quantities of user credentials and offers them for sale across the cybercrime underground. Researchers have recently tracked 1.8 billion stolen credentials being sold across illicit marketplaces.

Group-IB says Tehran-linked crew used hijacked mailbox and VPN to sling phishing emails across Middle East Iran's favorite muddy-footed cyberespionage crew is at it again, this time breaching more than 100 government entities across the Middle East and North Africa, according to researchers at Group-IB.…

Bank Info Security 8 months, 3 weeks ago

Kremlin Shaping Cybercrime Into Deniable Geopolitical Tool

Moscow Crackdowns 'Less About Enforcement and More About Optics,' Say ExpertsChanging forces are reshaping the Russian cybercrime ecosystem, as the Kremlin takes a more direct role in leveraging ransomware and other groups for geopolitical influence, while not hesitating to occasionally burn lower-level players as a diplomatic token gesture, say researchers.

Bank Info Security 8 months, 3 weeks ago

Russia, China Will Weaponize UN Cyber Treaty, FDD Warns

Foundation for Defense of Democracies Warns Against Aligning With New Cyber TreatyThe United Nations' cybercrime treaty, shaped by Russian and Chinese influence, could legitimize global digital repression by enabling prosecutions of journalists, activists and researchers under vague terms - despite U.S. opposition and mounting civil society alarm, analysts warned Thursday.

Cybersecurity researchers have shed light on a cybercriminal group called Jingle Thief that has been observed targeting cloud environments associated with organizations in the retail and consumer services sectors for gift card fraud

Cybersecurity researchers have disclosed details of a coordinated spear-phishing campaign dubbed PhantomCaptcha targeting organizations associated with Ukraine's war relief efforts to deliver a remote access trojan that uses a WebSocket for command-and-control (C2)

Loading more headlines...