Hackers and cybercriminals can do a lot of damage using mobile phone numbers. Using mobile phone numbers, malicious actors could execute SIM swapping attacks, conduct surveillance, and gain access to an individual's online profiles such as Facebook,…

Security researchers from Recorded Future have found that new deepfake products and services are cropping up across the Dark Web.  Cybercriminals are increasingly sharing, developing, and deploying deepfake technologies to bypass biometric security…

Security researchers at vpnMentor have discovered a misconfigured AWS S3 bucket leaking personal information on 70,000 customers of a popular paleolithic lifestyle site.  The researchers found the 290MB trove on February 4 and traced it back to…

Embracing neurodiversity could serve as an advantage to the cybersecurity field and help fill the cybersecurity workforce gap. The term "neurodiversity" covers conditions, including autistic spectrum disorders, ADHD, dyslexia, OCD, and other conditions…

A security researcher claims that the credit scores of almost every American were exposed through an API tool used by the Experian credit bureau, which he said was left open on a lender site without even basic security protections.  Experian, for…

Wyoming's Department of Health (WDH) has recently announced the accidental exposure of personal health information belonging to more than a quarter of people living in Wyoming on GitHub.com.  The data breach occurred when fifty-three files…

Ralf-Philipp Weinmann, CEO of Kunnamon, and Benedikt Schmotzle of Comsecuris demonstrated the use of a drone carrying a Wi-Fi dongle to hack and open a Tesla's doors remotely. The remote hack requires no interaction from anyone inside the car. According…

The Internet Systems Consortium (ISC) released updates for the BIND DNS software, patching vulnerabilities that could allow threat actors to perform denial-of-service (DoS) attacks and remote code execution. One of the flaws earned a CVSS score of 8.1.…

Researchers have discovered that the threat actors behind the notorious Emotet botnet managed to collect over four million victim email addresses over the past few years.  In all, 4,324,770 email addresses were found from a wide range of countries…

​Pub Crawl summarizes, by hard problems, sets of publications that have been peer reviewed and presented at SoS conferences or referenced in current work. The topics are chosen for their usefulness for current researchers.

Researchers at Informa Tech surveyed enterprises with 3,000 or more employees. They found that 70 percent of organizations perform penetration tests as a way to measure their security posture and 69 percent to prevent breaches, yet only 38 percent test…

Researchers at the University of Georgia (UGA) have identified weaknesses that pose a threat to the safety and efficiency of automated electric vehicles. In a new paper published in the IEEE Journal of Emerging and Selected Topics in Power Electronics,…