Computer systems and fab tools belonging to Taiwan Semiconductor Manufacturing Co. (TSMC), a major supplier of chips for Apple Inc.’s iPhones, were recently infected by a virus. According to TSMC, an error made in the process of software installation for…

FireEye has announced that a machine learning based software called MalwareGuard to its FireEye Endpoint Security agent. FIreEye has armed MalwareGuard with two years of extensive training, all aimed toward detecting and mitigating cyber attacks to…

Day 1 began with a briefing from Nadia Carlsten, Ph.D., on the DHS Transition to Practice program. The morning session continued with briefings from Lujo Bauer (CMU), Matt Caesar (UIUC), and Ehab Al-Shaer (UNC-Charlotte) on successes in tech…

SoS Musings #16 Biometrics Growth, Concerns, and Research

According to researchers at McAfee, there has been an increase in the growth and use of fileless malware. Fileless malware refers to a method in which system tools such as Microsoft PowerShell are used to execute attacks in order to evade detection…

Cyber Scene #23 DENIALS AND AFFIRMATIONS

The FBI has released a warning pertaining to the launch of ransomware attacks in which malware is installed on a computer system to encrypt files and demand the payment of a ransom in order to decrypt the files. Systems used by government agencies,…

Massive data breaches are becoming more and more commonplace, and often companies involved in those breaches provide subscriptions to identity theft services for the victims of those breaches, such as LifeLock. Security researcher Nathan Reese came…

A major flaw in the Bluetooth specification could allow attackers to perform malicious activities such as monitor and interfere with data transmitted wirelessly between vulnerable devices. The exploitation of this vulnerability could expose sensitive…

Security researchers have discovered vulnerabilities in smart security cameras made by Swann. These vulnerabilities could be exploited by attackers to spy on users via audio and video streams. This article continues to discuss the security flaw in…

A report recently released by Rapid7 Global Consulting explores the practice of penetration testing through the examination of results from 268 client engagements. According to the report, vulnerabilities in software and user credentials are the most…

An analysis of the dark web was performed by researchers at Positive Technologies. Researchers examined the tools and services advertised on dark web markets and how much it costs to use them in the launch of cyberattacks. This article continues to…