Blog - Cyber Security Informer

GhostTouch: how to remotely control touchscreens with EMI

Security Affairs

MAY 27, 2022

Security researchers devised a technique, dubbed GhostTouch, to remotely control touchscreens using electromagnetic signals. A team of researchers from Zhejiang University and Technical University of Darmstadt devised a technique, dubbed GhostTouch, to remotely control capacitive touchscreens using electromagnetic signals.

Authentication

Authentication Passwords Hacking Software

Using WiFi connection probe requests to track users

Security Affairs

JUNE 13, 2022

Researchers at the University of Hamburg demonstrated that WiFi connection probe requests expose users to track. The researchers conducted a field experiment in a German city where they captured probe requests of passersby and analyzed their content for three hours, with a focus on SSIDs and identifying information. .

Mobile

Mobile Passwords Hacking Cybersecurity

PACMAN, a new attack technique against Apple M1 CPUs

Security Affairs

JUNE 11, 2022

The researchers who devised the attack technique speculate that the principles behind the PACMAN attacks could be used for much more than just PAC. The technique was discovered by researchers at MIT’s Computer Science & Artificial Intelligence Laboratory (CSAIL), Joseph Ravichandran , Weon Taek Na , Jay Lang , and Mengjia Yan.

Authentication

Authentication Artificial Intelligence Architecture Hacking

Effective AI Regulation Requires Adaptability and Collaboration

Security Boulevard

NOVEMBER 29, 2023

Recently, two researchers from the University of Ottawa and McGill University performed a meticulous analysis of the AI Act, unraveling its profound impact on the perception of AI systems and potential harms they may bring.

Artificial Intelligence

Artificial Intelligence Malware Risk Government

Insights about the first five years of Right to be Forgotten requests at Google

Elie

DECEMBER 12, 2019

So in January 2016, as a preparation to providing better statistical analysis, our RTBF reviewers started manually annotating each requested URL with additional data, including the site category, the type of page content, and the requesting entity. The result of this study was published in a research paper at. paper table 3.

Media

Media Government Internet Internet

New Year’s resolution: keeping cybercriminals and scammers at bay

BH Consulting

JANUARY 4, 2023

Research from the World Economic Forum found “young people who leave school during recessions are significantly more likely to become involved in crime”. Back in October, we blogged about how phishing scams are becoming more common. Remind people that we tend to put email and text messages into the ‘urgent and important’ category.

Scams

Scams Banking Cybercrime Insurance

Security Roundup October 2021

BH Consulting

OCTOBER 12, 2021

A new category for this edition is ‘insecure design’. We also cover this attack vector in our comprehensive white paper on ransomware. Research from Respect in Security found that 35 per cent of cybersecurity professionals have experienced harassment in person at industry events, in the workplace, or at work social occasions.

VPN

VPN Ransomware InfoSec Scams

Q&A on the MITRE D3FEND Framework

Cisco Security

FEBRUARY 25, 2022

In this blog post, I talk to Pete Kaloroumakis from MITRE, who has developed the D3FEND framework. I got into and fell in love with research and development. After some research, we were surprised to find that nothing available came close to meeting our needs regarding both abstraction and technical detail.

Engineering

Engineering Technology Cybersecurity Internet

Cyber Threats to the FIFA World Cup Qatar 2022

Digital Shadows

NOVEMBER 10, 2022

That’s why we’ve decided to start our research well ahead of time and use all our resources to showcase some interesting examples of how threat actors could exploit the Qatar 2022 World Cup to conduct malicious activity. At the same time, mobile apps constitute an expansion of the attack surface for every organization.

Cyber threats

Cyber threats Media Social Engineering Mobile

Focus Threat Intel Capabilities at Detection Engineering (Part 4)

Anton on Security

OCTOBER 18, 2023

This blog series was written jointly with Amine Besson, Principal Cyber Engineer, Behemoth CyberDefence and one more anonymous collaborator. This is our topic in this part of the blog series. Intel done for research can be slow, but intel done for detection cannot be. ?IOCs Ideally, bi-directional CTI-DE comms are established…

Engineering

Engineering Threat Detection Threat Reports Passwords

GUEST ESSAY: Understanding the security limits of the static and dynamic passwords we rely on

The Last Watchdog

JANUARY 31, 2022

Every year, researchers find weaknesses in such password managers. This refers to parametric, dynamic, recoverable, generated-on demand, pseudo-random passwords that are not stored in an electronic or paper form. Multi-factor authentication, or MFA, methods belong to this category. Dynamical passwords.

Passwords

Passwords Computers and Electronics Password Management Artificial Intelligence

Administrator’s Guide, Part 2: Passwords Are Safer Than Biometrics, PINs Are Just Passwords, and Other Tall Tales

Duo's Security Blog

JULY 1, 2021

Part of our Administrator's Guide to Passwordless blog series See the video at the blog post. Switching to local evaluation of a user’s identity eliminates several entire categories of attacks that impact organizations and individuals today. Even weak local authentication stops most remote attacks cold.

Passwords

Passwords Surveillance Authentication Risk

How Passwordless Can Elevate Higher Education

Duo's Security Blog

OCTOBER 20, 2021

From the protection of research and intellectual property to the safeguarding of student data and financial information, the job of securing a university environment is a serious one. To address whether a headline like “The Time for Passwordless Is Now” applies to higher education, begin with the lens of security.

Education

Education Authentication Passwords CISO

The Hacker Mind Podcast: The Hacker Revolution Will Be Televised

ForAllSecure

FEBRUARY 22, 2023

WIENS: Yeah, so So Vector 35 grew out of a number of folks that were playing CTFs that were doing vulnerability research doing reverse engineering for government contracting purposes and then thought like, you know what, it'd be nice to see sunshine, have a window at her office, get outside, do more Hilton commercial.

Engineering

Engineering Hacking Wireless Marketing

The bleak picture of two-factor authentication adoption in the wild

Elie

DECEMBER 20, 2018

This post looks at two-factor authentication adoption in the wild, highlights the disparity of support between the various categories of websites, and illuminates how fragmented the two factor ecosystem is in terms of standard adoption. Support for various categories. Thank you for reading this blog post till the end!

Authentication

Authentication Internet Internet Software

Cyber Security Informer

GhostTouch: how to remotely control touchscreens with EMI

Using WiFi connection probe requests to track users

Trending Sources

PACMAN, a new attack technique against Apple M1 CPUs

Effective AI Regulation Requires Adaptability and Collaboration

Insights about the first five years of Right to be Forgotten requests at Google

New Year’s resolution: keeping cybercriminals and scammers at bay

Security Roundup October 2021

Q&A on the MITRE D3FEND Framework

Cyber Threats to the FIFA World Cup Qatar 2022

Focus Threat Intel Capabilities at Detection Engineering (Part 4)

GUEST ESSAY: Understanding the security limits of the static and dynamic passwords we rely on

Administrator’s Guide, Part 2: Passwords Are Safer Than Biometrics, PINs Are Just Passwords, and Other Tall Tales

How Passwordless Can Elevate Higher Education

The Hacker Mind Podcast: The Hacker Revolution Will Be Televised

The bleak picture of two-factor authentication adoption in the wild

Stay Connected