acm-header
Sign In

Communications of the ACM

News


bg-corner

An edited collection of advanced computing news from Communications of the ACM, ACM TechNews, other ACM resources, and news sites around the Web.


New Attack Method to Bypass Popular Web Application Firewalls
From ACM TechNews

New Attack Method to Bypass Popular Web Application Firewalls

Researchers devised a method that could be used by attackers to access sensitive business and customer information by bypassing Web application firewalls to infiltrate...

CISA Warns of Critical Vulnerabilities in Industrial Control System Software
From ACM TechNews

CISA Warns of Critical Vulnerabilities in Industrial Control System Software

Industrial Control Systems advisories from the U.S. Cybersecurity and Infrastructure Security Agency focus on vulnerabilities in software from ETIC Telecom, Nokia...

IoT RapperBot Malware Targeting Linux Servers via SSH Brute-Forcing Attack
From ACM TechNews

IoT RapperBot Malware Targeting Linux Servers via SSH Brute-Forcing Attack

Researchers at FortiGuard Labs reported that an Internet of Things (IoT) botnet malware identified in mid-June has been evolving rapidly.

Gootkit Loader Resurfaces with Updated Tactic to Compromise Targeted Computers
From ACM TechNews

Gootkit Loader Resurfaces with Updated Tactic to Compromise Targeted Computers

Researchers have found the operators of the Gootkit access-as-a-service malware now are using legal documents to get unsuspecting users to download them.

Experts Uncover 'CosmicStrand' UEFI Firmware Rootkit Used by Chinese Hackers
From ACM TechNews

Experts Uncover 'CosmicStrand' UEFI Firmware Rootkit Used by Chinese Hackers

Rootkit hides in firmware images of Gigabyte or ASUS motherboards, all related to designs using the H81 chipset.

'Retbleed' Speculative Execution Attack Affects AMD, Intel CPUs
From ACM TechNews

'Retbleed' Speculative Execution Attack Affects AMD, Intel CPUs

The "Retbleed" flaw targets older AMD and Intel central processing units as a channel for Spectre-based speculative-execution attacks.

Multiple Backdoored Python Libraries Caught Stealing AWS Secrets, Keys
From ACM TechNews

Multiple Backdoored Python Libraries Caught Stealing AWS Secrets, Keys

Packages found in the official third-party software repository include loglib-modules, pyg-modules, pygrata, pygrata-utils, and hkg-sol-utils.

MIT Researchers Discover New Flaw in Apple M1 CPUs That Can't Be Patched
From ACM News

MIT Researchers Discover New Flaw in Apple M1 CPUs That Can't Be Patched

The vulnerability is rooted in pointer authentication codes.

Brokenwire Hack Could Let Remote Attackers Disrupt Electric Vehicle Charging
From ACM TechNews

Brokenwire Hack Could Let Remote Attackers Disrupt Electric Vehicle Charging

Researchers have identified a method for attacking the Combined Charging System and interrupting electric vehicle charging sessions.

Flaws Discovered in Cisco's Network Operating System for Switches
From ACM TechNews

Flaws Discovered in Cisco's Network Operating System for Switches

Technology conglomerate Cisco has issued software patches to correct four security flaws that hackers could exploit to commandeer affected systems.

Critical Wormable Security Flaw Found in Several HP Printer Models
From ACM TechNews

Critical Wormable Security Flaw Found in Several HP Printer Models

F-Secure Labs researchers reported two eight-year-old vulnerabilities affecting 150 HP multifunction printers could be exploited to commandeer target devices.

Hackers Turning to 'Exotic' Programming Languages for Malware Development
From ACM News

Hackers Turning to 'Exotic' Programming Languages for Malware Development

For example, earlier this year, enterprise security firm Proofpoint discovered new malware written in Nim and Rust.

Cybersecurity Executive Order 2021: What It Means for Cloud and SaaS Security
From ACM News

Cybersecurity Executive Order 2021: What It Means for Cloud and SaaS Security

Understanding the fundamentals of the White House Executive Order on Improving the Nation's Cybersecurity.

Poor Password Security Led to Recent Water Treatment Facility Hack
From ACM News

Poor Password Security Led to Recent Water Treatment Facility Hack

The breach involved an unsuccessful attempt by an adversary to increase sodium hydroxide in the water supply to dangerous levels via the water treatment plant's...

Hackers-For-Hire Group Develops 'PowerPepper' In-Memory Malware
From ACM TechNews

Hackers-For-Hire Group Develops 'PowerPepper' In-Memory Malware

Kaspersky cybersecurity researchers revealed a previously undiscovered in-memory Windows backdoor for executing remote malware and stealing data.

Hackers Targeting IoT Devices With a P2P Botnet Malware
From ACM TechNews

Hackers Targeting IoT Devices With a P2P Botnet Malware

Qihoo 360's Netlab security team has discovered the HEH Botnet, which hijacks Internet-connected smart devices to carry out nefarious tasks.

Flaws in Top Antivirus Software Could Make Computers More Vulnerable
From ACM TechNews

Flaws in Top Antivirus Software Could Make Computers More Vulnerable

CyberArk researcher Eran Shimony has revealed security vulnerabilities in popular antivirus solutions.

Critical Flaws Discovered in Popular Industrial Remote Access Systems
From ACM TechNews

Critical Flaws Discovered in Popular Industrial Remote Access Systems

Researchers found critical defects in two popular industrial remote access systems that attackers could exploit.

Researchers Crack 1024-Bit Rsa Encryption in Gnupg Crypto Library
From ACM News

Researchers Crack 1024-Bit Rsa Encryption in Gnupg Crypto Library

A team of researchers found that the "left-to-right sliding window" method used by the libgcrypt library for carrying out the mathematics of cryptography leaks...

Cryptography Expert Says, 'pgp Encryption Is Fundamentally Broken, Time For Pgp to Die'
From ACM Opinion

Cryptography Expert Says, 'pgp Encryption Is Fundamentally Broken, Time For Pgp to Die'

A Senior cryptography expert has claimed multiple issues with PGP email encryption—an open source end-to-end encryption to secure email.
Sign In for Full Access
» Forgot Password? » Create an ACM Web Account