Phishing remains the most common type of cyberattack. The Anti-Phishing Working Group observed the most phishing attacks in history in the first quarter of 2022, as the quarterly volume of attacks surpassed 1 million for the first time. Organizations…

A long-desired holy grail in cryptography is about to change the way sensitive data is protected. Existing standard encryption schemes are all-or-nothing as data is inaccessible to anyone who does not have the secret key once it is scrambled. This has…

​Pub Crawl summarizes, by hard problems, sets of publications that have been peer reviewed and presented at SoS conferences or referenced in current work. The topics are chosen for their usefulness for current researchers.

The author of node-ipc, a software library with over a million downloads weekly, deliberately broke their code in March 2022. If the code detects that it is being executed within Russia or Belarus, it attempts to replace the contents of every file on the…

The US Treasury Department's Federal Insurance Office (FIO) wants to know if a national cyber insurance program should enforce that policyholders implement basic cybersecurity measures. In a request for comment set to be published in the Federal Register…

Security researchers at Cisco Talos discovered a malicious campaign in August 2022 that relied on modularized attack techniques to deliver Cobalt Strike beacons and used them in follow–on attacks.  The researchers stated that the threat actors…

Canon Medical's Vitrea View is a widely used tool for securely sharing medical images between radiologists, physicians, and other healthcare providers on a patient care team.  Researchers at Trustwave's SpiderLabs have recently discovered two…

According to researchers at the University of Guelph, Canada's wide-open farm fields are vulnerable to cyberattacks and data privacy attacks, as well as unethical data use. Dr. Rozita Dara, a professor in the College of Engineering and Physical Sciences…

The National Cybersecurity Alliance and CybSafe surveyed 3,000 people in the US, UK, and Canada, finding that while 58 percent of tech users who had access to cybersecurity training or education say they are better at recognizing phishing messages and…

The National Security Agency (NSA), the nation’s preeminent cybersecurity agency, has designated LSU as a Center of Academic Excellence in Cyber Operations, or CAE-CO. LSU joins only 21 other universities and colleges in the U.S. with the designation,…

The Internal Revenue Service (IRS) is warning US taxpayers of an “exponential” increase in text-based phishing attempts and is urging users to report campaigns to help the government disrupt them.  The tax agency said it had identified thousands of…

A project funded by the National Science Foundation (NSF) and led by faculty members at the University at Buffalo's School of Engineering and Applied Sciences will provide critical training in Cyber-Infrastructure (CI) technologies for the next…