News
-
"Blame Human Error for WWE and Verizon’s Massive Data Exposure"Recent incidents of data exposure due to improperly configured databases and cloud repositories highlight the dangers of misconfiguration brought upon by human error. Even though mistakes made by companies may be small, they could still have massive… -
DHS S&T Cyber Division Funding ResearchNew story out on Federal News Radio talks about the work that the Department of Homeland Security is doing in funding and transition cybersecurity research. I found some interesting tidbits.
-
"What is GhostCtrl? Android malware 'possesses' devices to spy, steal and do its bidding"Android malware by the name of “GhostCtrl”, which is a variant of Omni RAT malware, has been launched to target Android, Mac, Windows, and Linux systems in order to snoop on victims’ activity and steal sensitive data such as SMS records, contacts, phone…
-
"Experts Recover AES256 Encryption Key From a PC's Electromagnetic Emissions"With the use of an inexpensively self-built device, researchers from Fox-T and Riscure were able to recover encryption keys from the electromagnetic waves emitted by a computer in close distance. The device built by researchers performs a notable side-…
-
"Nasty Bug Left Thousands of Internet of Things Devices Open to Hackers"Security researchers have discovered a new bug, which has been dubbed, “Devil’s Ivy”. This bug was discovered within an open source software library by the name of gSOAP during the examination of an IoT camera manufactured by Axis. Canon, Cisco,…
-
NSA.gov Highlights Winners of of NSA Awards at ISEFThe National Security Agency recognized 10 students who received recognition with an article posted to NSA.gov. While the winners are not new for the avid SoS-VO reader, this posting hopefully increases awareness of the contributions to the greater…
-
"Researchers prove the security of the Vector Stream Cipher"Researchers from Kyoto University have demonstrated Vector Stream Cipher’s (VSC) strength as revealed in a sequence of papers that have been published in IEEE Transactions on Information Forensics and Security and IEICE Nonlinear Theory and Its…
-
"Why you might trust a quantum computer with secrets, even over the internet"Researchers in Singapore and Australia have discovered a technique that could allow data, calculations, and programs being ran by a user to be hidden from the quantum computer, of which the user is operating over the internet. The technique…
-
"Industrial control security practitioners worry about threats … for a reason"The SANS Institute recently surveyed professionals within the Industrial Control Systems (ICS) security field to collect information and get a better understanding of their mindsets towards the security of their systems in regards to threats,…
-
"Watch out for this money stealing macOS malware which mimics your online bank"A strain of Apple Mac malware by the name of OSX.Dok was first discovered in May 2017 to have infected all versions of the older OS X operating system. This malware infection was originally launched to snoop on the web traffic of victims, however it has…
-
"How Active Intrusion Detection Can Seek and Block Attacks"John Ventura, practice manager for applied research at Optiv, will be demonstrating a more effective method to performing intrusion prevention at Black Hat USA. This method includes the placement of situations where attackers can accidentally expose…
-
"Researchers Remotely Hijack Oracle OAM 10g Sessions"Security researchers, Nabeel Ahmed and Tom Gilis, have discovered issues within Oracle Access Manager (OAM) 10g that could allow attackers to remotely hijack sessions. As revealed by the researchers, these issues include the redirection of users…