News Items

  • news

    Winner of 7th Paper Competition is Evaluating Fuzz Testing

    The winning paper is Evaluating Fuzz Testing by George Klees, Andrew Ruef, Benji Cooper, Shiyi Wei, and Michael Hicks. This paper was presented at the ACM SIGSAC Conference on Computer and Communications Security (CCS '18) in Toronto.

  • news

    NSA Launches Latest Codebreaker Challenge

    By Betsy Stein, NSA/CSS Communications Officer

    FORT MEADE, MD, Sept. 20, 2019 --

    Are you a U.S. undergraduate or graduate student interested in attempting to crack a cyber-challenge similar to those that regularly threaten national security? Then sign up for the 2019 NSA Codebreaker Challenge!

  • news

    NIST Releases Draft Security Feature Recommendations for IoT Devices

    "Core Baseline" guide offers practical advice for using everyday items that link to computer networks.

    August 01, 2019

  • news

    NSA-approved cybersecurity law and policy course now available online

    Cyber Scoop

    Shannon Vavra

    August 27th, 2019

    Anyone who is interested in cybersecurity law and policy can now take an online course that was partly shaped by the National Security Agency.

  • news

    Logical Foundations of Cyber-Physical Systems (15-424)

    This video sequence accompanies the textbook on Logical Foundations of Cyber-Physical Systems, which teaches undergraduate students the core principles behind CPSs. Designing algorithms for CPSs is challenging due to their tight coupling with physical behavior, while it is vital that these algorithms be correct because we rely on them for safety-critical tasks.

  • news

    2019 SaTC PI Meeting – Save the Dates

    The 2019 SaTC PI meeting will be held at the Hilton Alexandria Mark Center in Alexandria, VA at 5000 Seminary Rd, Alexandria, VA 22311 from October 27-29, 2019. More details regarding registration will be sent shortly, and will be available through https://cps-vo.org/group/satc-pimtg19.

  • news

    Verification Tool Competition

    ARCH brings together researchers and practitioners to establish a curated set of benchmarks for verification, testing and reachability, and evaluate them in a friendly competition. ARCH started in 2014 and has sustained a vibrant community since. Since 2017, ARCH has organized as a part of the workshop the International Competition on Verifying Continuous and Hybrid Systems (ARCH-COMP, https://cps-vo.org/group/ARCH/), now in its 3rd iteration.

  • news

    Game-theoretic Paper Wins Annual Paper Competition

    The winner of the 6th Annual Best Scientific Cybersecurity Paper Competition is How Shall We Play a Game? A Game-theoretical Model for Cyber-warfare Games by Tiffany Bao, Yan Shoshitaishvili, Ruoyu Wang, Christopher Kruegel, Giovanni Vigna, and David Brumley. These researchers are from Carnegie Mellon University and University of California, Santa Barbara. This paper was originally accepted at the 30th IEEE Computer Security Foundations Symposium (CSF '17).

    To learn more visit the competition homepage: https://cps-vo.org/group/sos/papercompetition/pastcompetitions

  • news

    Secretary of Energy Rick Perry Announces $68.5 Million for Advanced Vehicle Technologies Research

    WASHINGTON, D.C. - Today, U.S. Secretary of Energy Rick Perry announced up to $68.5 million in available funding for early-stage research of advanced vehicle technologies that will enable more affordable mobility, strengthen domestic energy security, and enhance U.S. economic growth.

  • news

    2018 NSF CPS Program Solicitation

    The 2018 Cyber-Physical Systems Program Solicitation has been released. The submission window for proposals is April 27, 2018 - May 8, 2018. Please see the full solicitation for additional details and the summary of program requirements: https://cps-vo.org/node/45729

  • news

    NSA SoS Lablet Call for Proposals is Open

    The National Security Agency has distributed its BAA (really a request for proposals) for its next generation of SoS Lablets. These lablets include lablets on the 5 Hard Problem areas in Science of Security, on the Science of Privacy and dealing with Cyber Physical Systems. Proposals are due August 21. While the SoS team is not the point of contact for the contracting process, we can aid in directing: https://cps-vo.org/group/SoS/contact

  • news

    U.S. Department of Transportation Launches Smart City Challenge to Create a City of the Future

    Smart City Challenge

  • news

    NEW 2016 NSF-USDA Solicitation: Innovations at the Nexus of Food, Energy, and Water Systems (INFEWS)

    Innovations at the Nexus of Food, Energy and Water Systems (INFEWS)


    Program Solicitation
    NSF 16-524

    National Science Foundation

  • news

    Sticky News Item

    This news item always appears at the top of the 'recent news' list because the 'pin to top of lists' box is checked under 'publishing options' below. News Items can also be set to show in the spotlight slideshow feature.

  • news

    "BitPaymer Ransomware Attackers Exploit Apple Flaw to Bypass Detection"

    A zero-day flaw in iTunes for Windows and iCloud for Windows has been patched by Apple. The bug was in Bonjour, a component bundled with iTunes for Windows that is used to deliver updates and help services discover each other. According to researchers at Morphisec, the bug is an unquoted service path, which occurs when the file path to a service executable is not surrounded by quotation marks. The bug has been exploited by attackers to circumvent users' security defenses such as antivirus software and run BitPaymer ransomware, also known as IEncrypt. This article continues to discuss the zero-day flaw in the Bonjour updater in relation to what type of vulnerability it was, its exploitation by attackers to execute ransomware, and how it was addressed by Apple, in addition to the effectiveness of the exploit.

    SC Media reports "BitPaymer Ransomware Attackers Exploit Apple Flaw to Bypass Detection"

  • news

    "Attackers Hide Behind Trusted Domains, HTTPS"

    A new report from Webroot brings further attention to the use of HTTPS domains to host phishing attacks. Hypertext Transfer Protocol Secure (HTTPS) is the secure version of HTTP that uses the Transport Layer Security (TLS) protocol to secure connections between browsers and web servers in order to prevent the eavesdropping of users' private information, including passwords and web searches. The presence of "https" and a green padlock symbol in a browser's address bar gives users a false sense of security as there is no guarantee that the information encrypted and securely delivered by HTTPS is going to a safe destination. This article continues to discuss the use of trusted domains and HTTPS by attackers in addition to the increased targeting of older operating systems and the rise in malware variants.

    Dark Reading reports "Attackers Hide Behind Trusted Domains, HTTPS"

  • news

    "Combination of Techniques Could Improve Security for IoT Devices"

    A team of researchers at Penn State World Campus has developed an approach consisting of a combination of different techniques to bolster the security of Internet of Things (IoT) devices such as smart TVs, smart speakers, wearables, and home video cameras. According to one researcher, the number of IoT devices in operation will reach 20 billion by 2020, which increases the vulnerability of users to security breaches. The breach of IoT devices could pose a threat to the privacy and safety of users. The approach created by the researchers to maintain the security of IoT systems and identify attacks involves the use of statistical data, machine learning, intrusion detection tools, visualization tools, and more. This article continues to discuss the techniques and tools applied in the team's approach, as well as how this approach will help security professionals strengthen IoT device security.

    EurekAlert! reports "Combination of Techniques Could Improve Security for IoT Devices"

  • news

    "Hackers Bypassing Some Types of 2FA Security FBI Warns"

    It has been discovered by the FBI that some types of two-factor authentication (2FA) security can no longer be guaranteed to keep adversaries out. There are several methods cyber actors use to circumvent popular multi-factor authentication techniques in order to obtain the one-time passcode and access protected accounts. The most common bypass method is SIM swap fraud, in which the attacker convinces a mobile network (or bribes an employee) to port a target's mobile number, allowing them to receive 2FA security codes sent via SMS text. Using any form of 2FA is still better than relying on a password and username on their own, even though some forms are vulnerable. If one wants to have the strongest possible 2FA security, one will probably have to consider using FIDO2 hardware tokens, a technology that has yet to be undermined by hackers in real-world attacks.

    Naked Security reports: "Hackers Bypassing Some Types of 2FA Security FBI Warns"

  • news

    "Using Machine Learning to Hunt Down Cybercriminals"

    Researchers at MIT and the University of California at San Diego (UCSD) have developed a new machine-learning (ML) system that can be used to prevent IP hijacking incidents before they occur by identifying serial IP hijackers. IP hijacking is a type of cyberattack in which cybercriminals exploit a flaw in the routing protocol for the Internet, Border Gateway Protocol (BGP). Through the performance of a BGP hijack, nearby networks can be convinced that a malicious actor's network has the best path to reach a specific IP address. The researchers gathered information from network operator mailing lists and historical BGP data to identify the common traits and behaviors of serial hijackers. Using the collected information, researchers trained their system to identify those traits and behaviors, allowing IP hijacking incidents to be predicted in advance. This article continues to discuss the concept of IP hijacking, the ML system developed to detect such attacks before they occur, and the identification of false positives.

    MIT News reports "Using Machine Learning to Hunt Down Cybercriminals"

  • news

    "Twitter Admits It Used Two-Factor Phone Numbers and Emails for Serving Targeted Ads"

    Another incident has raised concerns over the misuse of customer data by social media giants. Twitter recently admitted to using phone numbers and email addresses provided by users to enable two-factor authentication on their accounts for targeted advertising. According to a statement released by the company, this issue derived from its advertising system that allows companies to upload their own marketing list, match with Twitter users, and directly target them in their campaigns. This article continues to discuss the incident, the importance of two-factor authentication, a similar incident that was faced by Facebook last year, and other notable security mistakes made by Twitter.

    TechCrunch reports "Twitter Admits It Used Two-Factor Phone Numbers and Emails for Serving Targeted Ads"

  • news

    "A Controversial Plan to Encrypt More of the Internet"

    Google and Mozilla plan to encrypt a fundamental element of the Internet, the Domain Name System (DNS). Security was not considered in the design of DNS, allowing hackers to abuse weaknesses and vulnerabilities in the Internet system through a variety of different attacks such as DNS hijacking. The increase in such attacks has prompted this push to encrypt DNS. Two different methods that apply web encryption to DNS requests, called DNS over HTTPS (DoH) and DNS over TLS (DoT), have already been codified by the Internet Engineering Task Force standards body. This article continues to discuss the concept of DNS, the insecurity of DNS requests, the two protocols aimed at encrypting these requests, and concerns surrounding the encryption of DNS requests among cybersecurity professionals.

    Wired reports "A Controversial Plan to Encrypt More of the Internet"

  • news

    "Majority of IT Departments Leave Major Holes in Their USB Drive Security"

    In a new study, it was found that even though 87% of organizations use USB drives, the majority of IT departments aren't implementing tools to manage USB device usage. Nearly 6 out of 10 organizations (58%) do not use port control / whitelisting software to manage USB device usage. More than a quarter of organizations (26%) do not use software-based encryption, and less than half of organizations (47%) require the deployment of encryption for data stored on the USB drive. An overwhelming 91% of employees that participated in this study thought that encrypted USB drives should be mandatory.

    Help Net Security reports: "Majority of IT Departments Leave Major Holes in Their USB Drive Security"

  • news

    "New Report Outlines IoT Security Vulnerabilities"

    A new Internet of Things (IoT) report released by consulting and research firm Independent Security Evaluators (ISE) details the presence of IoT security vulnerabilities in 13 popular small office/home office (SOHO) routers and network-attached storage (NAS) devices. The study of these devices resulted in 125 CVEs (Common Vulnerabilities and Exposures). According to the report, all 13 devices that were examined in this research contained one or more web app vulnerabilities. The exploitation of these vulnerabilities could allow attackers to compromise additional network devices, obtain sensitive information transmitted via devices, disable networks, and more. This article continues to discuss key findings of the IoT security report, the impact of IoT security vulnerabilities, how these IoT weaknesses can be eliminated, what improvements have been made in IoT security, and the need for IoT device manufacturers to prioritize security.

    CPO Magazine reports "New Report Outlines IoT Security Vulnerabilities"

  • news

    "Wireless Security Institute Established at Idaho National Laboratory to Improve 5G Technology"

    5G is the next generation of wireless technology that is expected to bring improvements in regard to bandwidth, capacity, and reliability. However, the arrival of 5G networks is also expected to introduce new security vulnerabilities. As the implementation of 5G technology continues to increase, data protection technologies and 5G security protocols need to be developed and validated. Idaho National Laboratory (INL) has established the INL Wireless Security Institute to lead research conducted by government, academia, and private industry aimed at making 5G wireless technology more secure and reliable. The INL Wireless Security Institute will work with public and private leaders in the wireless communication field to prioritize security tasks and increase efforts to improve security. This article continues to discuss what is expected of 5G wireless technology and how the INL Wireless Security Institute will support efforts towards improving this technology.

    INL reports "Wireless Security Institute Established at Idaho National Laboratory to Improve 5G Technology"

  • news

    "Phishing Attempts Increase 400%, Many Malicious URLs Found on Trusted Domains"

    In a new study, it has been discovered that nearly a quarter (24%) of malicious URLs are hosted on trusted domains. This is done because hackers know trusted domain URLs raise less suspicion among users and are more difficult for security measures to block. It was also discovered that 1 in 50 URLs (1.9%) were malicious, which is high given that nearly a third (33%) of office workers click more than 25 work-related links per day. Nearly a third (29%) of detected phishing web pages use HTTPS as a method to trick users into believing they're on a trusted site via the padlock symbol. Phishing attempts grew rapidly, with a 400% increase in URLs discovered from January to July 2019. The top industries impersonated by phishing include: SaaS/Webmail providers (25%), financial institutions (19%), social media (16%), retail (14%), file hosting (11%), and payment services companies (8%).

    Help Net Security reports: "Phishing Attempts Increase 400%, Many Malicious URLs Found on Trusted Domains"

  • news

    "New Tech Aims to Tell Pilots When Their Plane Has Been Hacked"

    U.S. defense contractor Raytheon is developing new technology that would alert pilots in the event that their planes are being hacked. The U.S. military expects the act of hacking a plane to be a major tactic in warfare in the future. The Cyber Anomaly Detection System will give pilots details about a hacking incident in real time, which will allow them to make decisions as to what needs to be done to resolve the problem. Most aircraft have important electronics and avionics systems connected to a serial data bus, which is said to lack security in many U.S. military planes. A plane's attack surface for cyber threats grows as more technology and commercial products are added to the aircraft. This article continues to discuss a potential scenario in which a helicopter is hacked, the growing vulnerability of aviation platforms to being infiltrated by hackers, the discovery of vulnerabilities in the F-15E Strike Eagle fighter jet, and the Cyber Anomaly Detection System aimed at alerting pilots about cyberattacks on their planes.

    Defense One reports "New Tech Aims to Tell Pilots When Their Plane Has Been Hacked"

  • news

    "Hacking for the Public Good"

    A panel at the Black Hat USA 2019 conference highlighted the use of hacking skills for good as hacking is often perceived as bad. It was emphasized that white-hat hackers and IT security industry groups are applying their skills in a way that bolsters digital security for the public and private sector. Ethical hacking can lead to the discovery of security vulnerabilities in products and an increase in awareness about how these vulnerabilities can be exploited by malicious actors. This article continues to discuss the importance of ethical hackers, the Electronic Frontier Foundation, the introduction of new threats, and efforts to increase understanding surrounding these threats.

    GCN reports "Hacking for the Public Good"

  • news

    "APT Groups Exploiting Flaws in Unpatched VPNs, Officials Warn"

    The National Security Agency (NSA) and the National Cyber Security Centre (NCSC) in the United Kingdom issued alerts pertaining to the exploitation of vulnerabilities in outdated VPN technologies from Pulse Secure, Fortinet, and Palo Alto Networks by state-sponsored advanced persistent threat (APT) groups. According to the alerts, the exploitation of these vulnerabilities could allow APT actors to gain access to VPN devices, change configuration settings, run secondary exploits, and more. Officials recommend a number of mitigation techniques for these vulnerabilities, which include applying patches for VPNs, updating existing credentials, and using multi-factor authentication. This article continues to discuss the release of warnings about the abuse of flaws in unpatched VPNs, the vulnerabilities in outdated VPN technologies, and mitigation techniques recommended by officials.

    Threatpost reports "APT Groups Exploiting Flaws in Unpatched VPNs, Officials Warn"

  • news

    "Researcher Shows How Adversaries Can Gather Intel on U.S. Critical Infrastructure"

    A researcher known as Wojciech used open source intelligence (OSINT) and a tool that he developed, called Kamerka, to demonstrate the ease with which adversaries can collect intelligence on U.S. critical infrastructure. Through the use of the Kamerka tool, Wojciech was able to discover 26,000 internet-exposed industrial control system (ICS) devices in the U.S. The tool also allowed Wojciech to determine the geographical locations of these industrial control systems as well as the critical infrastructure targets that would be the most attractive to threat actors. Atlanta, Houston, Chicago, New York, Denver, and Philadelphia are the cities in which the highest percentage of these ICS devices were found. This article continues to discuss Kamerka's capabilities, the discovery of exposed ICS devices in the U.S., the vulnerabilities in such devices, and the potential use of OSINT by adversaries to perform reconnaissance on U.S. critical infrastructure.

    Security Week reports "Researcher Shows How Adversaries Can Gather Intel on U.S. Critical Infrastructure"

  • news

    "218 million Words With Friends Players Lose Data to Hackers"

    It has been discovered that Words With Friends, Zynga's popular multiplayer crossword-style game, has been affected by a breach. The hacker or hacker group named GnosticPlayers gained access to details on more than 218 million users. Details of all Android and iOS game players who installed and signed up for the game on or before September 2nd, 2019 were obtained. The information that was obtained includes names, email addresses, login IDs, hashed passwords (SHA1 with salt), password reset tokens (if ever requested), phone numbers (if provided), Facebook IDs (if connected), and Zynga account IDs. Luckily, it is not believed that they got any credit card information used for payments within the application.

    Naked Security reports: "218 million Words With Friends Players Lose Data to Hackers"

  • news

    "Research Aims to Help Social Media Users Secure Their Information"

    Researchers at the University of North Georgia (UNG) are working on developing tools aimed at helping Facebook, Twitter, and Instagram users protect their sensitive data. Dr. Ahmad Ghafarian and three UNG students are performing experiments in which the amount of information stored on computers and web browsers by social media users is examined. The researchers want to find out how easy it would be for an attacker to exfiltrate personal data when a social media user is logged into their account on a particular machine. In addition, researchers are looking for security vulnerabilities contained by popular social media platforms to develop tools to help people protect their accounts and information. This article continues to discuss the goals, activities, and support of this research.

    UNG reports "Research Aims to Help Social Media Users Secure Their Information"

  • news

    "Iranian Hackers Targeted a U.S. Presidential Campaign, Microsoft Says"

    Researchers from the Microsoft Threat Intelligence Center discovered more than 2,000 attempts supposedly made by Iranian hackers to compromise email accounts associated with a U.S. presidential campaign, government officials, journalists, and prominent Iranians that live outside of Iran. The hacking group, called Phosphorus, executed attacks against 241 email accounts, four of which were successfully hacked. According to researchers, the hackers were able to gain access to the four accounts by abusing password reset features using a large amount of personal information. This article continues to discuss the attempted hacks on a U.S. presidential campaign regarding their perpetrators, targets, and impact, as well as other incidents that have raised concerns surrounding the 2020 election.

    CNET reports "Iranian Hackers Targeted a U.S. Presidential Campaign, Microsoft Says"

  • news

    "Intel Proposes New SAPM Memory Type to Protect Against Spectre-Like Attacks"

    Intel recently published a paper in which details about a new type of computer memory were shared. The new type of CPU memory, called Speculative-Access Protected Memory (SAPM), was designed to protect against Spectre, Meltdown, Zombieload, and other speculative execution side-channel attacks. Speculative execution side-channel attacks refer to vulnerabilities deriving from the prediction of future instructions by high-performance microprocessors. Misspeculations leave traces of information behind that could be exploited via side-channels by hackers to gain access to sensitive data stored in memory. A team of researchers at Intel STORM (Strategic Offensive Research and Mitigation) have proposed the replacement of the current CPU memory system with SAPM. SAPM will work as an alternative to existing hardware and software-level mitigations. This article continues to discuss speculative side-channel attacks as well as the new SAPM memory type proposed by Intel to protect against such attacks.

    ZDNet reports "Intel Proposes New SAPM Memory Type to Protect Against Spectre-Like Attacks"

  • news

    "Alabama Hospitals Pay Out in Ransomware Attack Amid FBI Warning of More to Come"

    It has been discovered that Alabama-based DCH Health System paid off the hackers behind a ransomware attack that severely disrupted operations at three hospitals. The specific ransomware variant involved in the attack is called Ryuk. Ryuk has recently become a global threat. There is good evidence that Ryuk attacks may be coordinated by a single cybercrime group based out of Russia known as GRIM SPIDER. Ransomware attacks are becoming more targeted, sophisticated, and costly, even as the overall frequency of attacks remains consistent. It is suggested that one does not pay the ransom if affected by ransomware, because sometimes the attacker does not provide the key to decrypt the victim's files, and sometimes the attacker will strike the same victim again in the future, knowing that someone who has already paid is more likely to pay again.

    GIZMODO reports: "Alabama Hospitals Pay Out in Ransomware Attack Amid FBI Warning of More to Come"

  • news

    "How Kids Get into Hacking"

    A new study conducted by researchers from Michigan State University examines the characteristics and gender-specific behaviors that lead kids to juvenile hacking. Research has focused on the scope and threat posed by hacking. However, there is a lack of understanding surrounding the background factors, social connections, and personality traits that lead to a path of hacking. Thomas Holt, lead author and MSU cybercrime expert in the School of Criminal Justice, determined the predictors for hacking by examining responses from 50,000 teens. Predictors include low self-control, negative peer associations, and obsession with playing computer games. It was also discovered that there is a difference in predictors between boys and girls. This article continues to discuss the predictors of juvenile hacking, the differences in predictors based on gender, and how parents can encourage their kids to use their skills in a positive way.

    Homeland Security News Wire reports "How Kids Get into Hacking"

  • news

    "URGENT/11: FDA Issues Alert for Cyber Vulnerability That Threatens Medical Devices, Networks"

    An alert has been issued by the U.S. Food and Drug Administration (FDA) for healthcare organizations, IT professionals, device manufacturers, and patients pertaining to a collection of security vulnerabilities, called URGENT/11, that affect connected medical devices and hospital networks. According to FDA officials, the exploitation of URGENT/11 vulnerabilities could allow attackers to perform malicious activities such as hijacking medical devices remotely, changing device functions, launching denial-of-service attacks, leaking sensitive information, and more. The vulnerabilities affect at least six different operating systems including VxWorks, INTEGRITY, and ZebOS. This article continues to discuss what the abuse of URGENT/11 vulnerabilities can allow attackers to do, which operating systems are affected by the security flaws, and suggestions on how to address these vulnerabilities.

    Healthcare IT News reports "URGENT/11: FDA Issues Alert for Cyber Vulnerability That Threatens Medical Devices, Networks"

  • news

    "Blind Spots in AI Just Might Help Protect Your Privacy"

    Significant advancements have been made in machine learning (ML) as this technology has helped in detecting cancer and predicting personal traits. ML technology has also enabled self-driving cars and highly accurate facial recognition. However, ML models remain vulnerable to attacks in which adversarial examples are used to cause the models to make mistakes. Adversarial examples are inputs designed by an attacker to cause an ML model to produce incorrect output, which can pose a threat to the safety of users in the case of self-driving cars. According to privacy-focused researchers at the Rochester Institute of Technology and Duke University, there is a bright side to adversarial examples in that such inputs can be used to protect data and defend the privacy of users. This article continues to discuss ML applications, the use of adversarial examples to disrupt the success of ML models, Facebook's Cambridge Analytica incident, the never-ending cat-and-mouse game of predicting and protecting private user data, and research surrounding the use of adversarial examples to protect data.

    Wired reports "Blind Spots in AI Just Might Help Protect Your Privacy"

  • news

    "WhatsApp Vulnerability Could Compromise Android Smartphones"

    Some new research has revealed that WhatsApp has a remote code execution (RCE) flaw. This flaw could be used to compromise not only the app but the mobile device the app is running on. The critical issue (CVE-2019-11932) affects users of the Android versions of the app, specifically versions 8.1 and 9.0 although not, apparently, version 8.0 (Apple's iOS doesn't appear to be affected). The attack would involve first sending a malicious GIF image using any channel, that is, by email, a rival messaging app, or directly through WhatsApp itself. If WhatsApp is being used, and the attacker (or hapless intermediary) is on the contacts list of the user as a friend, this GIF would download to the device automatically. Execution of the flaw would happen when the recipient subsequently opens the WhatsApp Gallery, even if no file is selected or sent. The exploit can allow an attacker to receive a full reverse shell, with root and complete access to all the files on that device, its SD Card, and what appears to be the WhatsApp message database.

    Naked Security reports: "WhatsApp Vulnerability Could Compromise Android Smartphones"

  • news

    F1/10 Autonomous Racing Grand Prix

  • news

    "Alabama Hospitals Forced to Close After Ransomware Attack"

    Healthcare organizations are increasingly being targeted in ransomware attacks as indicated by recent attacks on hospitals in Alabama, Ohio, West Virginia, and the Australian state of Victoria. One recent ransomware attack has resulted in the closure of three hospitals in Alabama, which are run by a nonprofit firm called DCH Health System. Security experts encourage the health industry to adopt a more proactive approach to disaster recovery (DR) planning, mitigating security vulnerabilities, and bolstering cybersecurity resilience. Hospitals' IT teams should update their DR strategies and invest in technologies that would ensure continuous availability of patient data and significantly decrease downtime in the event of a ransomware attack or other type of cyberattack. This article continues to discuss recent ransomware attacks on healthcare organizations and the actions that should be taken by the healthcare industry to address such attacks.

    SiliconANGLE reports "Alabama Hospitals Forced to Close After Ransomware Attack"

  • news

    "Magecart Web Skimming Group Targets Public Hotspots and Mobile Users"

    Magecart is composed of multiple sophisticated hacking groups aimed at stealing credit card numbers through the performance of web-based card-skimming attacks. Security researchers from IBM's X-Force Incident Response and Intelligence Services team have discovered the testing of malicious scripts by Magecart Group 5 (MG5) to inject into websites via commercial routers in order to steal payment details. Previous Magecart attacks largely focused on injecting credit-card skimmers into checkout pages to steal payment details. High-profile brands that have been targeted by Magecart include British Airways, TicketMaster, and Newegg. This article continues to discuss the new tactics being used by one Magecart group to pilfer payment card information and the X-Force team's advice for website owners on how to protect their users from such attacks.

    CSO Online reports "Magecart Web Skimming Group Targets Public Hotspots and Mobile Users"

  • news

    "Preventing Manipulation in Automated Face Recognition"

    The adoption and implementation of automated face recognition continue to increase. However, this method of authentication remains vulnerable to morphing attacks in which different facial images are merged together to create a fake image. A photo stored in a biometric passport that has been altered in such a manner can allow two different people to use the same passport. A team of researchers from the Fraunhofer Institute and the Heinrich Hertz Institute is working on developing a process that uses machine learning methods to prevent the success of morphing attacks in a project called ANANAS (Anomaly Detection for Prevention of Attacks on Authentication Systems Based on Facial Images). This article continues to discuss the biometric facial recognition process, the execution of morphing attacks, and the research project aimed at preventing such attacks.

    TechXplore reports "Preventing Manipulation in Automated Face Recognition"

  • news

    "As Health Sector Grapples With Ransomware, a Search for Better Incident Data"

    In recent years, there have been a lot of ransomware infections, which have forced healthcare organizations across the U.S. to confront their security weaknesses. Yet largely missing from the equation has been a reliable and thorough set of public data on healthcare ransomware incidents that tracks things like payouts, the number of victims, and strains of malware. There is a new push to create an open source data set with information pertaining to ransomware attacks on healthcare organizations. This dataset will have to be updated daily, since healthcare organizations are affected by ransomware frequently.

    Cyberscoop reports: "As Health Sector Grapples With Ransomware, a Search for Better Incident Data"

  • news

    "PDFex Attacks Can Exfiltrate Content From Encrypted PDF Documents"

    Researchers from Ruhr University Bochum and Munster University of Applied Sciences developed PDFex attacks that can be used to exfiltrate plaintext content from encrypted PDF documents. These attacks were successfully tested against 27 popular desktop and browser-integrated PDF viewers, including Adobe Acrobat, Nitro, and Chrome's built-in PDF viewer. According to researchers, some PDF viewers do not encrypt all of the content of a PDF document, resulting in the success of direct exfiltration attacks. CBC gadgets can also be used by attackers to exfiltrate plaintext from encrypted PDF documents. This article continues to discuss the PDFex attacks devised by researchers and the disclosure of these attacks to vendors.

    Help Net Security reports "PDFex Attacks Can Exfiltrate Content From Encrypted PDF Documents"

  • news

    "Legit-Looking iPhone Lightning Cables That Hack You Will Be Mass Produced and Sold"

    A security researcher created a tool called the O.MG cable, which is a modified Apple lightning cable capable of hacking a computer remotely. In addition to performing the normal functions of an Apple cable such as charging phones and transferring data, the O.MG cable enables hackers to remotely hijack a victim's computer, run payloads, and more. According to the security researcher behind this creation, the tool will be mass produced. Once the tool is ready, it will be sold via the penetration testing hardware website, Hak5. This article continues to discuss the capabilities of the O.MG cable as well as the mass production and distribution of this tool.

    Motherboard reports "Legit-Looking iPhone Lightning Cables That Hack You Will Be Mass Produced and Sold"

  • news

    "Why AI Could Help in the Industrial Security Space"

    Industrial companies are increasingly turning to artificial intelligence (AI) technology to help bolster the cybersecurity of their critical infrastructure devices as cyberattacks against such infrastructure grow in frequency. The Norwegian aluminum company, Norsk Hydro, recently experienced a ransomware attack that resulted in the disruption of its operations. This incident prompted the company to develop its own AI tools that would be used to detect unusual activity on its industrial equipment and prevent a potential cyberattack. This article continues to discuss the increasing interest in industrial AI, the potential uses of AI by industrial companies, as well as the demands and limits of this technology that should be considered in its adoption by companies with critical infrastructure environments.

    CyberScoop reports "Why AI Could Help in the Industrial Security Space"

  • news

    "Apple iOS Has Permanent Bootrom Vulnerability"

    A new flaw has been discovered. The flaw enables bypassing the security protections present in most Apple mobile devices. While the vulnerability can't be patched, an attacker would need physical access to exploit it. The exploit targets a flaw in the bootrom, also known as "SecureROM". "SecureROM" is code on a read-only memory chip that iOS loads during startup. Numerous models of iPhones have the flaw, ranging from the iPhone 4s with A5 chip, to the newer iPhone 8 and iPhone X, which has an A11 chip. The flaw is also present on other devices that run iOS, such as iPads, watches and Apple's TV products. Devices using Apple's A12 and later chips are not vulnerable.

    Bank Info Security reports: "Apple iOS Has Permanent Bootrom Vulnerability"