Defensive Mechanisms Virtual Institute

Defense mechanisms can be categorized into groups such as Authentication and Encryption, Malware and Intrusion Detection, and Software Vulnerability.

Abstract

The research projects of the Defensive Mechanisms Virtual Institute advance resiliency by investigating the foundations needed to detect, respond and mitigate cyber attacks. This requires theory, models and tools at each stage of the cyber attack timeline. In addition, this field includes the necessary research to balance performance and security in responding to threats.  

 

PROJECTS 

"UMass Amherst Researchers Bring Dream Of Bug-Free Software One Step Closer to Reality"

"UMass Amherst Researchers Bring Dream Of Bug-Free Software One Step Closer to Reality"

A team of computer scientists led by the University of Massachusetts (UMass) Amherst announced a new method to automatically generate whole proofs that can be used to prevent software bugs and verify the correctness of the underlying code. Baldur is the new method involving Large Language Models' (LLMs) Artificial Intelligence (AI) power. Combined with the Thor tool, an efficacy of nearly 66 percent is reached.

Submitted by Gregory Rigby on

"Consumers Prepared to Ditch Brands After Cybersecurity Issues"

"Consumers Prepared to Ditch Brands After Cybersecurity Issues"

According to Vercara, businesses faced about 800,000 cyberattacks in 2023, with over 60,000 of them being Distributed Denial-of-Service (DDoS) attacks and 4,000 falling victim to ransomware. Consumers have nuanced perceptions of cybersecurity incidents and are oftentimes unaware of their role in maintaining cyber hygiene within a business. These findings highlight the importance of brand trust in the digital landscape, with 75 percent of consumers expressing their willingness to cut ties with a brand after any cybersecurity incident.

Submitted by Gregory Rigby on

"FTC Offers $25,000 Prize for Detecting AI-Enabled Voice Cloning"

"FTC Offers $25,000 Prize for Detecting AI-Enabled Voice Cloning"

The U.S. Federal Trade Commission (FTC) has recently started accepting submissions for its Voice Cloning Challenge, a public competition with a $25,000 top prize for ideas that protect consumers from the danger of AI-enabled voice cloning for fraudulent activity.  The Challenge was announced in mid-November in an effort to find ways to counter the misuse of voice cloning technology as it becomes more sophisticated due to the improvement of text-to-speech with the help of artificial intelligence.

Submitted by Adam Ekwall on

"Zeppelin Ransomware Source Code Sold for $500 on Hacking Forum"

"Zeppelin Ransomware Source Code Sold for $500 on Hacking Forum"

A threat actor named "RET" claims to have sold the source code and a cracked version of the Zeppelin ransomware builder for $500. The threat intelligence company KELA discovered the claim on a cybercrime forum. Although the offer's legitimacy has yet to be confirmed, screenshots from the seller suggest that the package is real. The buyer could use the malware to launch a new Ransomware-as-a-Service (RaaS) operation or create a new Zeppelin-based locker. Zeppelin stems from the Delphi-based Vega/VegaLocker malware family, which was active between 2019 and 2022.

Submitted by Gregory Rigby on

"'Cyber Toufan' Hacktivists Leaked 100-Plus Israeli Orgs in One Month"

"'Cyber Toufan' Hacktivists Leaked 100-Plus Israeli Orgs in One Month"

Since mid-November, an Iran-linked hacktivist group called Cyber Toufan has breached over 100 organizations in and around Israel. The group has wiped servers, leaked sensitive data, and conducted follow-on attacks down the supply chain. Cyber Toufan compromised Signature-IT, an Israeli company specializing in hosting international websites for businesses, on November 16. The hacktivists were able to reach dozens of major Israeli companies and government organizations, as well as international companies.

Submitted by Gregory Rigby on

"Google Patches Six Vulnerabilities With First Chrome Update of 2024"

"Google Patches Six Vulnerabilities With First Chrome Update of 2024"

Google recently announced the first Chrome security update of 2024, which resolves six vulnerabilities, including four reported by external researchers.  Google noted that all the four externally reported security defects are high-severity memory safety flaws, but bug bounty rewards were handed out only for three of them.  The first two bugs, tracked as CVE-2024-0222 and CVE-2024-0223, are use-after-free and heap buffer overflow vulnerabilities in the graphics rendering engine ANGLE.

Submitted by Adam Ekwall on

"4.5 Million Individuals Affected by Data Breach at HealthEC"

"4.5 Million Individuals Affected by Data Breach at HealthEC"

Health technology company HealthEC has recently disclosed a data breach impacting close to 4.5 million customers of its business partners.  The company said that, between July 14, 2023, and July 23, 2023, an unauthorized actor accessed certain systems and exfiltrated files entrusted to HealthEC by its business partners.  The stolen files contained personal information such as names, addresses, dates of birth, Social Security numbers, taxpayer identification numbers, medical information, health insurance information, and billing and claims information.

Submitted by Adam Ekwall on

"Estes Express Lines Says Personal Data Stolen in Ransomware Attack"

"Estes Express Lines Says Personal Data Stolen in Ransomware Attack"

Freight shipping giant Estes Express Lines has recently started informing more than 21,000 individuals that their personal information was stolen in a ransomware attack.  The incident was identified on October 1, 2023, and the investigation into the matter determined that the attackers gained access to the company's network on September 26, 2023.  Estes told the Maine Attorney General's Office that the personal information that was compromised in the attack included names, other personal identifiers, and Social Security numbers.

Submitted by Adam Ekwall on

"Qualcomm Chip Vulnerability Enables Remote Attack by Voice Call"

"Qualcomm Chip Vulnerability Enables Remote Attack by Voice Call"

Qualcomm has disclosed a critical vulnerability that would enable remote attacks through malicious voice calls over LTE networks. The company listed 26 vulnerabilities, four of which are critical, affecting Qualcomm chipsets. According to Qualcomm, the most severe vulnerability, tracked as CVE-2023-33025 with a CVSS score of 9.8, involves a buffer overflow flaw. It causes memory corruption in the data modem, which happens during Voice-over-LTE (VoLTE) calls when the Session Description Protocol (SDP) body is non-standard.

Submitted by Gregory Rigby on
Subscribe to