Researchers
Almost half of US organizations still using Kaspersky, researchers claim
Almost half (40%) of US organizations are still using Kaspersky software despite a ban enacted in the summer, new research from Bitsight has revealed. Though the ban went into effect months ago, active use of Kaspersky products remains high, with more than 1,000 US organizations observed to be connecting to Kaspersky servers post-ban. Bitsight said only 58% of US organizations…
Researchers claim an AMD security flaw could let hackers access encrypted data
Researchers have exposed an issue with the memory implementation on AMD’s data center chips that could threaten the integrity of data, but the chipmaker has hit back at the claims. In a paper due to be presented at IEEE in 2025, researchers from University of Lübeck, KU Leuven, and University of Birmingham highlighted a potential weakness in AMD’s secure encrypted…
New EagleMsgSpy Android spyware used by Chinese police, researchers say
A previously undocumented Android spyware called ‘EagleMsgSpy’ has been discovered and is believed to be used by law enforcement agencies in China to monitor mobile devices. According to a new report by Lookout, the spyware was developed by Wuhan Chinasoft Token Information Technology Co., Ltd. and has been operational since at least 2017. Lookout presents abundant evidence linking EagleMsgSpy to…
Security researchers set up an API honeypot to dupe hackers – and the results were startling
Attackers are quick off the mark in targeting and accessing APIs to enter company networks and steal data, according to the results of an API ‘honeypot’. API security firm Wallarm set up their trap last month, and has now reported on its first 20 days of activity. “We expected that it might take longer to have compelling data to report,…
Are ‘ghost engineers’ stunting productivity in software development? Researchers claim nearly 10% of engineers do “virtually nothing” and are a drain on enterprises
Just under a tenth (9.5%) of software engineers do almost no work, according to new research from academics at Stanford University. One researcher, Yegor Denisov-Blanch, posted the findings to his X account, dubbing the staff who work less than 10% as hard as the median engineer as ‘ghost’ engineers. These engineers do “virtually nothing,” Denisov-Blanch said, and it’s possible that…
Researchers discover first UEFI bootkit malware for Linux
The first UEFI bootkit specifically targeting Linux systems has been discovered, marking a shift in stealthy and hard-to-remove bootkit threats that previously focused on Windows. Named ‘Bootkitty,’ the Linux malware is a proof-of-concept that works only on some Ubuntu versions and configurations rather than a fully fledged threat deployed in actual attacks. Bootkits are malware designed to infect a computer’s…
Researchers sound alarm over hackers exploiting critical ProjectSend vulnerability
Researchers have warned that threat actors are actively exploiting a critical vulnerability in a widely-used open source file sharing app. A report from vulnerability intelligence platform VulnCheck warned that potentially thousands of instances of ProjectSend are impacted by a serious flaw rated 9.8 on the CVSS. ProjectSend is an open source file sharing web application used by businesses to securely…
Researchers claim Fortinet’s FortiJump patch was ‘incomplete’ and left users vulnerable
Fortinet’s patch for FortiJump, a critical missing authentication RCE flaw in FortiManager, left new vulnerabilities on the table for threat actors to exploit, according to new research. A new report from watchTowr Labs described how when trying to recreate the initial FortiJump vulnerability, researchers discovered a series of additional flaws, and one they considered particularly worrying. “[We] stumbled upon a…
Germany drafts law to protect researchers who find security flaws
The Federal Ministry of Justice in Germany has drafted a law to provide legal protection to security researchers who discover and responsibly report security vulnerabilities to vendors. When security research is conducted within the specified boundaries, those responsible will be excluded from criminal liability and the risk of prosecution. “Those who want to close IT security gaps deserve recognition—not a…
Data centers will be critical to UK economic growth in the coming decade – but researchers have warned of a ‘data doomsday’ unless energy infrastructure is improved
The UK’s data center industry could grow tenfold by 2035, according to new analysis from techUK, but only if the government takes action on energy supply and planning reforms. A new report from the trade body found data centers are already contributing £4.7 billion in Gross Value Added (GVA) annually to the UK economy, £640 million in tax revenue, and…