Security news aggregator

Latest coverage for Research

Research examines attack methods, defenses, and vulnerabilities, helping security teams understand risks and improve protection.

21 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Research is the systematic study of technologies, systems, attack methods, vulnerabilities, and defensive techniques to establish evidence and produce new findings. In information security, it includes work such as discovering flaws in software or protocols, analyzing malware and attacker behavior, testing cryptographic designs, and evaluating security controls. News under this tag may describe a proof of concept, a measurement study, or a proposed technique rather than a confirmed real-world attack.

For practitioners, research can change how risks are prioritized and mitigated. A demonstrated vulnerability may require vulnerability-management teams to verify affected assets, apply fixes, or add compensating controls; responsible disclosure gives developers time to assess and remediate before technical details enable exploitation. Research involving live systems, personal data, or offensive tooling also raises privacy, authorization, dual-use, and ethical concerns. Sound findings should state their assumptions, scope, limitations, and reproducibility, since laboratory results do not automatically show that an attack is practical in every environment.

Showing 20 most recent headlines of 21 Filtered view
Bank Info Security 2 years, 5 months ago

OpenAI and Microsoft Terminate State-Backed Hacker Accounts

Hackers Used LLMs to Perform Tasks That Non-AI Tools Can PerformNation-state hackers including Russian military intelligence and hackers backed by China have used OpenAI large language models for research and to craft phishing emails, the artificial intelligence company disclosed Tuesday in conjunction with major financial backer Microsoft.

Bank Info Security 2 years, 5 months ago

Breach Roundup: Zeus Banking Trojan Leader Pleads Guilty

Also: Polish Prime Minister Says Previous Administration Deployed Pegasus SpywareThis week, the Zeus leader pleaded guilty, Prudential detected hackers, U.S. telecoms have to report breaches, Microsoft patched zero-days, researchers said Chinese threat intel is faulty, ransomware hit Romanian healthcare entities, Juniper was breached and Poland allegedly previously used Pegasus.

Bank Info Security 2 years, 5 months ago

Russia Continues to Focus on Cyber Operations and Espionage

Google and Mandiant Researchers Track Russia-Ukraine War Tactics Ahead of ElectionsRussia continues to focus on running cyber operations and espionage that target Ukraine's military, government and civil society in support of its ground campaign, researchers at Google said, warning that the information operations will likely soon be brought to bear on Western elections.

Bank Info Security 2 years, 5 months ago

Banking Trojan Harvests Facial Biometrics for AI Deepfakes

GoldPickaxe Malware Can Record User’s Face - Use Video to Commit Deepfake ScamsA Chinese-speaking cybercrime group with the codename GoldFactory has built a new Android and iOS banking Trojan, GoldPickaxe, that can harvest and steal personal details, including biometric face profiles, that attackers use to create AI-driven deepfakes to fool bank defenses, researchers warn.

Bank Info Security 2 years, 5 months ago

Banking Trojan GoldPickaxe Harvests Facial Biometrics

Both iOS and Android Variants Can Record Face Videos, Used to Create AI DeepfakesA Chinese-speaking cybercrime group codenamed GoldFactory has built a new Android and iOS banking Trojan, GoldPickaxe, that can to harvest and steal personal details, including biometric face profiles, which attackers use to create AI-driven deepfakes to fool bank defenses, researchers warn.

You don't need us to craft phishing emails or write malware, super-lab sniffs OpenAI has shut down five accounts it asserts were used by government agents to generate phishing emails and malicious software scripts as well as research ways to evade malware detection.…

Bank Info Security 2 years, 5 months ago

Is Ransomware Finally in Decline? Groups Are 'Struggling'

Researchers See Waning Mystique, Use of Ghost Groups, Breach Tricks, Trauma of WarWhile overall ransomware profits might remain high, many of the remaining or rebooted top-tier groups are "really struggling" with scarce talent, trauma from the Russia-Ukraine war and repeated disruptions by law enforcement, say researchers from threat intelligence firm RedSense.

Bank Info Security 2 years, 5 months ago

More Signs of a Qakbot Resurgence

Qakbot Wouldn't Be the First Trojan to Come Back After a TakedownTakedowns aren't always forever in cyberspace. Months after a U.S. law enforcement operation dismantled the notorious Qakbot botnet, security researchers said signs are pointing to a resurgence. Someone with access to the Qakbot - also known as Qbot - source code is experimenting with new builds.

Bank Info Security 2 years, 5 months ago

Canadian Flipper Zero Planned Crackdown Provokes Backlash

A Rash of Canadian Car Thefts Won't Be Solved by Banning Pen-Testing ToolsA Canadian effort amid a surge of car thefts to ban pen-testing devices such as the Flipper Zero that grab wireless signals has provoked backlash among security researchers and advocates, who accused Ottawa of finding a scapegoat for bad auto industry security practices.

Bank Info Security 2 years, 5 months ago

Account Takeover Campaign Hits Execs in Microsoft Azure

Attackers Downloaded Files Containing Financial, Security and User InformationA still-active phishing campaign using individualized phishing lures is targeting senior corporate accounts in Microsoft Azure environments, said researchers from Proofpoint. They said the hackers have compromised hundreds of user accounts spread across dozens of Microsoft Azure environments.

Loading more headlines...