What’s most worrisome, one source told MIT Tech, was that the malware crosses a new ethical line.
“Targeting safety systems just seemed to be off limits morally and really hard to do technically,” Joe Slowik, a former information warfare officer in the US Navy who now works at Dragos, an industrial cybersecurity firm that’s been tracking the spread of Triton, told the magazine.
Barely a week goes by without reports of some new mega-hack that’s exposed huge amounts of sensitive information, from people’s credit card details and health records to companies’ valuable intellectual property. The threat posed by cyberattacks is forcing governments, militaries, and businesses to explore more secure ways of transmitting information.
OTTAWA — A Chinese telecommunication company secretly diverted Canadian internet traffic to China, particularly from Rogers subscribers in the Ottawa area, says an Israeli cybersecurity specialist.
The 2016 incident involved the surreptitious rerouting of the internet data of Rogers customers in and around Canada’s capital by China Telecom, a state-owned internet service provider that has two legally operating “points of presence” on Canadian soil, said Yuval Shavitt, an electrical-engineering expert at Tel Aviv University.
Shavitt told The Canadian Press that the China Telecom example should serve as a caution to the Canadian government not to do business with another Chinese telecommunications giant: Huawei Technologies, which is vying to build Canada’s next-generation 5G wireless communications networks.
To make its developers’ jobs more rewarding, Facebook is now using two automated tools called Sapienz and SapFix to find and repair low-level bugs in its mobile apps. Sapienz runs the apps through many tests to figure out which actions will cause it to crash. Then, SapFix recommends a fix to developers, who review it and decide whether to accept the fix, come up with their own, or ignore the problem.
Engineers began using Sapienz to review the Facebook app in September 2017, and have gradually begun using it for the rest of the company’s apps (which include Messenger, Instagram, Facebook Lite, and Workplace). In May, the team will describe its more recent adoption of SapFix at the International Conference on Software Engineering in Montreal, Canada (and they’re hiring).
Bug and vulnerability hunting is a big business and the need for it is getting larger and larger. Up until this point, the majority of work had been from people. Either as hackers discovered holes and released exploits or as companies paid people to do the testing.
The machine triumphed in DARPA’s Cyber Grand Challenge, where teams automated white-hat hacking.
