Articles about research

Google pays $100k to anti-malware crusader Giovanni Vigna

Anti-malware machine and head of the Shellphish DARPA Grand Challenge bronze-medallist team has won US$100,000 from Google for security research efforts. University of California Santa Barbara doctor Giovanni Vigna landed Google's Security, Privacy and Anti-Abuse award for his long line of research into malware detection. …
Darren Pauli, 21 Oct 2016

Security research tool had security problem

Security researchers and the networks they rely on were at risk of breach by the hackers they investigate, thanks to now-mitigated man-in-the-middle holes in a popular plugin for analysing debugger OllyDbg. The debugger disassembles binaries, making it a handy way to understand an application's workings without having access …
Darren Pauli, 20 Oct 2016

Reading this? Then you can pop root shells on Markvision enterprises

Lexmark has patched two dangerous vulnerabilities in its Markvision enterprise IT analysis platform that grant remote attackers god-mode system access over the internet. The platform is used by tech shops to manage thousands of devices. Researchers with San Antonio-based security consultancy Digital Defence reported the twin …
Darren Pauli, 20 Oct 2016

Audit sees VeraCrypt kill critical password recovery, cipher flaws

Security researchers have found eight critical, three medium, and 15 low-severity vulnerabilities in a one-month audit of popular encryption platform VeraCrypt. The audit is the latest in a series prompted by the shock abandoning of TrueCrypt in May 2014 due to unspecified security concerns claimed by the hitherto trusted …
Darren Pauli, 18 Oct 2016

Time to crack down on sales of dragon's gold - securobods

Security researchers have urged gaming companies to crack down on virtual currency auction and sales sites, reckoning criminals are cashing in to launder stolen money. The research team at Trend Micro says most black hats steal the currency using online game exploits or by using malware and phishing to compromise players, …
Darren Pauli, 13 Oct 2016

'Geek gene' denied: If you find computer science hard, it's your fault (or your teacher's)

Assume for the sake of argument that computer science grades are bimodal: there's a distinct group of students who excel at the subject, and then there's everyone else in another group. Computer science researchers at the University of Toronto – namely, Elizabeth Patitsas, Jesse Berlin, Michelle Craig, and Steve Easterbrook – …
Thomas Claburn, 28 Sep 2016

Hackers hijack Tesla Model S from afar, while the cars are moving

Video: Chinese hackers have attacked Tesla electric cars from afar, using exploits that can activate brakes, unlock doors, and fold mirrors from up to 20 kilometres (12 miles) away while the cars are in motion. Keen Security Lab senior researchers Sen Nie, Ling Liu, and Wen Lu, along with director Samuel Lv, demonstrated the hacks …
Darren Pauli, 20 Sep 2016

Remote hacker nabs Win10 logins in 'won't-fix' Safe Mode* attack

Security researcher Doron Naim has cooked an attack that abuses Windows 10's Safe Mode to help hackers steal logins. The Cyberark man says remote attackers need to have access to a PC before they can spring this trap, which involves rebooting a machine into Safe Mode to take advantage of the lesser security controls offered in …
Darren Pauli, 16 Sep 2016

Top infosec vendors, cops, liberate thousands from ransomware

Warriors from industry and law enforcement collective No More Ransom have cleansed more than 2500 machines of ransomware by distributing free decryption keys and other tools to eradicate infections. No More Ransom is an alliance of cops and anti-malware experts including McAfee and soon-to-be-former parent company Intel, …
Darren Pauli, 14 Sep 2016

Infected Android phones could flood America's 911 with DDoS attacks

A research trio has shown how thousands of malware-infected phones could launch automated distributed denial of service attacks to cripple the US emergency phone system "for days". The attacks are a new area of research and exploit the need for emergency call services to accept all calls regardless of origin. The theoretical …
Darren Pauli, 13 Sep 2016

New science: Pathetic humans can't bring themselves to fire lovable klutz-bots

A university study has found that adding basic facial expressions to a robot can be enough to forge an emotional bond with humans. Researchers with University College London and University of Bristol in the UK found that when humans were paired with a robot that displayed facial expressions of remorse, the fleshy overlord was …
Shaun Nichols, 20 Aug 2016

If this headline was a security warning, 90% of you would ignore it

Developers, advertisers, and scammers be warned; boffins say your pop-ups will be almost universally ignored if they interrupt users. The work examined how users respond to web-based messages during times of varying concentration and found users who are engaged deeply in some task will ignore pop-ups. The university quintet …
Darren Pauli, 18 Aug 2016

Forensics tool nabs data from Signal, Telegram, WhatsApp

USENIX VID: University researchers have developed a new method to help forensic investigators extract data from memory. The tool, dubbed Retroscope, recovered data from up to the previous 11 screens displayed from up to 15 apps, with an average of five screens pulled from each. Apps included Signal, Skype, WeChat, Gmail, …
Darren Pauli, 15 Aug 2016

Stealthy malware infects digitally-signed files without altering hashes

Black Hat: Deep Instinct researcher Tom Nipravsky has undermined the ubiquitous security technique of digitally-signed files by baking malicious code into headers without tripping popular security tools. Nipravsky inserted malicious code into the small header attribute certification table field which contains information about digital …
Darren Pauli, 8 Aug 2016

Latest Androids have 'god mode' hack hole, thanks to Qualcomm

Four Qualcomm vulnerabilities grant malware writers total access to modern Android smartphones. Yes, yes, nine hundred meellion "potential" users, if you're counting. Attackers can write malicious apps that, when installed, exploit the software flaws to gain extra privileges on Android Marshmallow and earlier versions of …
Darren Pauli, 8 Aug 2016

Microsoft stops to smell the roses, creates the Shazam of flowers

Botanists will be positively blooming thanks to Microsoft, which has worked with a team of scientists to create a system to help flower-fanciers identify species in a snap. The Smart Flower Recognition System will help botanists stalk flowers across the world using Microsoft's blossoming library of some 2.6 million floral …
Darren Pauli, 26 Jul 2016

15-year-old security hole HTTPoxy returns to menace websites – it has a name, logo too

A dangerous, easy-to-exploit vulnerability discovered 15 years ago has reared its head again, leaving server-side website software potentially open to hijackers. The Apache Software Foundation, Red Hat, Nginx and others have rushed to warn programmers of the so-called httpoxy flaw, specifically: CVE-2016-5385 in PHP; CVE-2016- …
Darren Pauli, 18 Jul 2016

Drowning Dalek commands Siri in voice-rec hack attack

University boffins have brewed one of the most complex mechanisms for loading malware onto phones by way of surreptitious Google Now and Siri voice commands hidden in YouTube videos. For the attack to work, phones need to be in a state where they can receive voice commands - a feature often left unlocked - and close enough to …
Darren Pauli, 11 Jul 2016

Biting the hand that feeds IT © 1998–2018