Md Shohel Rana^1,2,3,4,*, Tonmoy Ghosh³, Mohammad Nur Nobi⁵, Anichur Rahman^1,6,*, Andrew H. Sung⁴

CMC-Computers, Materials & Continua, Vol.86, No.1, pp. 1-38, 2026, DOI:10.32604/cmc.2025.069212 - 10 November 2025

Abstract Zero-click attacks represent an advanced cybersecurity threat, capable of compromising devices without user interaction. High-profile examples such as Pegasus, Simjacker, Bluebugging, and Bluesnarfing exploit hidden vulnerabilities in software and communication protocols to silently gain access, exfiltrate data, and enable long-term surveillance. Their stealth and ability to evade traditional defenses make detection and mitigation highly challenging. This paper addresses these threats by systematically mapping the tactics and techniques of zero-click attacks using the MITRE ATT&CK framework, a widely adopted standard for modeling adversarial behavior. Through this mapping, we categorize real-world attack vectors and better understand how… More >

Tae-hyeon Yun¹, Moohong Min^2,*

CMES-Computer Modeling in Engineering & Sciences, Vol.145, No.2, pp. 2707-2731, 2025, DOI:10.32604/cmes.2025.072357 - 26 November 2025

Abstract The dynamic, heterogeneous nature of Edge computing in the Internet of Things (Edge-IoT) and Industrial IoT (IIoT) networks brings unique and evolving cybersecurity challenges. This study maps cyber threats in Edge-IoT/IIoT environments to the Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) framework by MITRE and introduces a lightweight, data-driven scoring model that enables rapid identification and prioritization of attacks. Inspired by the Factor Analysis of Information Risk model, our proposed scoring model integrates four key metrics: Common Vulnerability Scoring System (CVSS)-based severity scoring, Cyber Kill Chain–based difficulty estimation, Deep Neural Networks-driven detection scoring, and frequency… More >

So-Eun Jeon¹, Sun-Jin Lee¹, Eun-Young Lee¹, Yeon-Ji Lee², Jung-Hwa Ryu², Jung-Hyun Moon², Sun-Min Yi², Il-Gu Lee^1,2,*

CMC-Computers, Materials & Continua, Vol.75, No.2, pp. 4231-4253, 2023, DOI:10.32604/cmc.2023.034287 - 31 March 2023

Abstract Recently, with the normalization of non-face-to-face online environments in response to the COVID-19 pandemic, the possibility of cyberattacks through endpoints has increased. Numerous endpoint devices are managed meticulously to prevent cyberattacks and ensure timely responses to potential security threats. In particular, because telecommuting, telemedicine, and tele-education are implemented in uncontrolled environments, attackers typically target vulnerable endpoints to acquire administrator rights or steal authentication information, and reports of endpoint attacks have been increasing considerably. Advanced persistent threats (APTs) using various novel variant malicious codes are a form of a sophisticated attack. However, conventional commercial antivirus and… More >