Research Archives

On Dec. 27, VulnCheck detailed the vulnerability, tracked as CVE-2024-12856, wherein an attacker can leverage default credentials in Four-Faith F3x24 and F3x36 routers to remotely inject commands into the operating system. (Getty Images)

Thousands of industrial routers vulnerable to command injection flaw

The vulnerability, found in versions of Four-Faith routers, appears to have been exploited in the wild and has been connected to attempted infections of Mirai.

Dec 30, 2024 By Derek B. Johnson

Turla was able bypass traditional security measures and gain long-term access to Ukrainian military networks. (Getty Images)

Turla living off other cybercriminals’ tools in order to attack Ukrainian targets

A Russian nation-state threat actor has been observed leveraging tools from other cybercriminal groups to compromise targets in Ukraine, a recent report by Microsoft Threat Intelligence disclosed.…

Dec 11, 2024 By Greg Otto

Latest round of MITRE ATT&CK evaluations put cybersecurity products through rigors of ransomware

The sixth round of tests included two ransomware variants, while also incorporating macOS for the first time.

Dec 11, 2024 By Greg Otto

How a Russian man’s harrowing tale shows the physical dangers of spyware

Citizen Lab and a Russian exile-led human rights group investigated spyware implanted on his phone after he was detained, beaten up and released.

Dec 5, 2024 By Tim Starks

The Russian flag flies over the country’s embassy in Washington, D.C., on Feb. 16, 2024. (Photo by Brendan SMIALOWSKI / AFP)

Russian-linked Turla caught using Pakistani APT infrastructure for espionage

Both Microsoft and Lumen’s BlackLotus Labs found Turla spying on Afghanistan and India via Pakistani infrastructure.

Dec 4, 2024 By Greg Otto

Here’s how simple it is for script kiddies to stand up DDoS services

How plug-and-play hacking tools and lax configs helped a Russian script kiddie start a scheme.

Nov 26, 2024 By Christian Vasquez

Shakhtar Donetsk’s Ukrainian midfielder #10 Georgiy Sudakov (C) vies for the ball during the UEFA Champions League football match FC Shakhtar Donetsk vs BSC Young Boys in Gelsenkirchen, western Germany, on November 6, 2024. Hackers were recently found to be exploiting Jupyter notebooks to host illegal streams of this particular Champions League game. (Photo by INA FASSBENDER/AFP via Getty Images)

Attackers are hijacking Jupyter notebooks to host illegal Champions League streams

Normally reserved for data analysis, a cybersecurity firm caught online content pirates hosting soccer matches.

Nov 19, 2024 By Christian Vasquez

Palo Alto Networks headquarters in Silicon Valley; Palo Alto Networks, Inc. is an American multinational cyber security company. (Getty Images)

More bugs in Palo Alto Expedition see active exploitation, CISA warns

Hackers have been actively targeting the firewall management software through multiple vulnerabilities.

Nov 15, 2024 By Christian Vasquez

The United Nations logo is seen at the United Nations headquarters on May 20, 2021 in New York City. (Photo by Angela Weiss / AFP) (Photo by ANGELA WEISS/AFP via Getty Images)

HackerOne urges U.S. to advocate for research protections in UN cybercrime treaty

The company responsible for bug bounty platforms warns in a letter to top U.S. officials that the treaty’s vague language could undermine ethical security research.

Nov 14, 2024 By Greg Otto

Safe Mode

Securing the Skies: Aerospace Cybersecurity with David Brumley

David Brumley, Cybersecurity Professor at Carnegie Mellon & CEO of Mayhem Security; Danny Jenkins, Co-Founder & CEO of ThreatLocker

Nov 14, 2024 By CyberScoop Staff