Wearable Devices Could Use Your Breathing Patterns Like a Password
New Scientist
Chris Stokel-Walker
July 31, 2021
Cleveland State University's Jafar Pourbemany and colleagues have developed a protocol that generates a 256-bit encryption key every few seconds based on the way a user breathes; the key can then be sent to a wearable device to keep the two in sync. The protocol employs a respiratory inductance plethysmography sensor to measure the user's breathing, with an accelerometer on the chest providing additional data on the way it moves during each breath. The wearer's unique breathing pattern is translated into an encrypted key that can be used to confirm that a device matches correctly with the wearable. Pourbemany said, "Devices need to have a shared secure key for encryption to ensure that an attacker cannot compromise the process."
EU Fines Amazon Record $888 Million Over Data Violations
Malware Developers Turn to 'Exotic' Programming Languages to Thwart Researchers
ZDNet
Charlie Osborne
July 27, 2021
Cybersecurity service provider BlackBerry's Research & Intelligence team has found that malware developers are increasingly employing "exotic" coding languages to foil analysis. A report published by the team cited an "escalation" in the use of Go (Golang), D (DLang), Nim, and Rust to "try to evade detection by the security community, or address specific pain-points in their development process." Malware authors are experimenting with first-stage droppers and loaders written in these languages to evade detection on a target endpoint; once the malware has bypassed existing security controls that can identify more typical forms of malicious code, they are used for decoding, loading, and deploying malware. The researchers said cybercriminals’ use of exotic programming languages could impede reverse engineering, circumvent signature-based detection tools, and enhance cross-compatibility over target systems.
Honeypot Security Technique Can Stop Attacks in Natural Language Processing
Cybersecurity Technique Keeps Hackers Guessing
U.S. Army DEVCOM Army Research Laboratory
July 27, 2021
Development Command's Army Research Laboratory (ARL) has designed a machine learning-based framework to augment the security of in-vehicle computer networks. DESOLATOR (deep reinforcement learning-based resource allocation and moving target defense deployment framework) is engineered to help an in-vehicle network identify the optimal Internet Protocol (IP) shuffling frequency and bandwidth allocation to enable effective, long-term moving target defense. Explained ARL's Terrence Moore, "If you shuffle the IP addresses fast enough, then the information assigned to the IP quickly becomes lost, and the adversary has to look for it again." ARL's Frederica Free-Nelson said the framework keeps uncertainty sufficiently high to defeat potential attackers without incurring excessive maintenance costs, and prevents performance slowdowns in high-priority areas of the network.
As Cyberattacks Surge, Security Startups Reap the Rewards
The New York Times
Erin Woo
July 26, 2021
Security startups have seen venture capital flooding in as cyberattacks ramp up. Research firm PitchBook estimates investors have injected over $12.2 billion into startups that offer cloud security, identity verification, and privacy protection so far this year, compared to $10.4 billion during all of 2020. Capital is flowing into companies developing anti-hack measures related to the shift to cloud computing, like identity verification software supplier Qomplx and cloud security provider Netskope. Cloud security startup Lacework, whose products use artificial intelligence to identify threats, got a $525-million funding boost in January, which CEO David Hatfield credits to "the combination of all of these ransomware and nation-state attacks, together with people moving to the cloud so aggressively."
*May Require Paid Registration
Ancient Printer Security Bug Affects Millions of Devices Worldwide
TechRadar
Mayank Sharma
July 21, 2021
Cybersecurity researchers at SentinelOne have identified a highly severe privilege escalation vulnerability in HP, Samsung, and Xerox printer drivers. The vulnerability appears to have been present since 2005. The researchers said millions of devices and users worldwide likely have been impacted by the buffer overflow vulnerability, which can be exploited whether or not a printer is connected to a targeted device. SentinelOne's Asaf Amir said, "Successfully exploiting a driver vulnerability might allow attackers to potentially install programs; view, change, encrypt, or delete data, or create new accounts with full user rights." Hackers would need local user access to the system to access the affected driver and take advantage of the vulnerability.
Hackers Got Past Windows Hello by Tricking Webcam
Ars Technica
Lily Hay Newman
July 18, 2021
Researchers at the security firm CyberArk uncovered a security feature bypass vulnerability in Microsoft's Windows Hello facial-recognition system that permitted them to manipulate a USB webcam to unlock a Windows Hello-protected device. CyberArk's Omer Tsarfati said, "We created a full map of the Windows Hello facial-recognition flow and saw that the most convenient for an attacker would be to pretend to be the camera, because the whole system is relying on this input." Hackers would need a good-quality infrared image of the victim's face and physical access to the webcam to take advantage of the vulnerability. Said Tsarfati, "A really motivated attacker could do those things. Microsoft was great to work with and produced mitigations, but the deeper problem itself about trust between the computer and the camera stays there." Microsoft has released patches to fix the issue.
Test of Time Award Bestowed for Data Privacy Paper
Penn State News
Sarah Small
July 23, 2021
ACM's Special Interest Group on Management of Data (SIGMOD) has named Dan Kifer, professor of computer science and engineering at Pennsylvania State University, and Duke University's Ashwin Machanavajjhala, recipients of its 2021 Test of Time award. The 2011 paper explored how an individual's information can be incorporated in datasets in a manner that can complicate privacy protection. The awards committee cited the paper as raising "fundamental questions on how to define privacy, and the situations when differential private mechanisms provide meaningful semantic privacy guarantees." The committee also said the research covered by the paper led to enhanced privacy frameworks.
Russia Disconnects from Internet in Tests as It Bolsters Security
TSA Issues Cybersecurity Rules for Pipeline Companies
The Washington Post
Aaron Gregg
July 20, 2021
A U.S. Transportation Security Administration (TSA) directive imposes new rules requiring pipeline operators to strengthen their cyberdefenses. The order coincides with the first-ever disclosure by the Department of Homeland Security and the Federal Bureau of Investigation that Chinese state-sponsored hackers targeted 23 U.S. natural gas pipeline operators between 2011 and 2013. The announcement offers few details on the directive or its enforcement, as much is classified to keep hackers in the dark about pipeline operators' cybersecurity measures. The directive requires pipeline operators to deploy safeguards against ransomware on information technology (IT) systems commonly targeted by hackers, as well as on physical fuel-flow controls. Operators also must review their IT infrastructures and develop hacking response plans.
*May Require Paid Registration