Lifeboat Foundation: Safeguarding Humanity
Toggle light / dark theme

Blog

Category: cybercrime/malcode – Page 87

The ubiquity of electronic devices makes it essential to use encryption and anti-counterfeiting tools to protect the privacy and security of users. With the growing expansion of the Internet of Things, protection against attacks that violate the authenticity of products is increasingly necessary. Traditionally, message protection has been based on different systems: passwords, digital signatures or encryption. This cryptography is based on unknown keys to a possible attacker, but unfortunately these systems are becoming obsolete as new more invasive attacks appear: malware, API attacks or physical hardware attacks.

While quantum computing slowly progresses towards the cryptographic paradigm, the so-called physically unclonable functions (PUFs) are presented as the choice to ensure unique and effective identification. A PUF is a device that has unique and non-repeatable physical properties that can be translated into usable bits of information. The idea of applying random to identify systems or people is not new: for example, the identification of individuals using the fingerprint dates from the 19th century. More recently, the identity of electronic devices has been established using PUFs, which are “electronic fingerprints” of an integrated circuit.

Authentication based on PUFs comprises a chip manufactured by intrinsically random processes that make cloning almost impossible, even though all the details of the manufacturing process are known. The measurements of the various physical properties of the PUF depend on the properties of the chip at the nanoscale, thus constitute a very powerful anti-fraud and anti-counterfeiting technology. To be implementable at an industrial level, this chip must be low cost, scalable and its properties must be easily measurable by means of an identifiable function.

Read more | >

A database containing 5.4m Twitter users’ data is reportedly for sale on a popular criminal forum. Twitter is investigating the issue, which the seller said exploited a vulnerability in its systems reported in January.

The seller, using the nickname ‘devil,’ advertised the data on the Breached Forums site and demanded at least $30,000 for it. They said that the database contains the phone numbers and email addresses of users, including celebrities and companies.

The hack reportedly exploits a vulnerability first reported by a HackerOne user known as ‘zhirinovskiy.’ That bug enabled “an attacker with a basic knowledge of scripting/coding” to find a Twitter user’s phone number and email address, even if the user has hidden them in privacy settings. The attacker explained how to exploit the bug in their HackerOne report. Twitter acknowledged the bug and fixed it five days later.

Read more | >

A research team led by Rice University neuroengineers has created wireless technology to remotely activate specific brain circuits in fruit flies in under one second.

The team – an assemblage of experts in genetic engineering, nanotechnology, and electrical engineering – used magnetic signals to activate targeted neurons that controlled the body position of freely moving fruit flies in an enclosure.

The researchers first created genetically modified flies bred to express a special heat-sensitive ion channel in neurons that cause flies to partially spread their wings, a common mating gesture. They then injected magnetic nanoparticles that could be heated with an applied magnetic field.

Read more | >

- IMAGINARY
ANTHEM: “Anthem of the Human empire“
same tune as “The Flag Parade” by John Williams from Star Wars Episode I

- MODERATION POLICY
1) Keep comments civil.
2) Ideological and political comments are not allowed.
3) Comment section under explicit political videos will be deactivated. Same with old toxic comment sections.
4) Comments under video with mild political implications will be reviewed first.
5) SPAM = BAN
6) Warning at first infraction, recidivists will be blocked.
7) Serious offenders will be blocked with no warning.
8) Insult me and you will be blocked with no warning.
9) “Satire” is not an excuse made using Flag 3D screensaver, available here:
http://www.3planesoft.com/holidays-screensavers/flag-3d-screensaver/

- CONTACTS (I speak Italian and English)
FACEBOOK http://www.facebook.com/TheFlagAnthemGuy-1385863208300909/
TWITTER http://twitter.com/Flag_Anthem.
DEVIANTART http://theflagandanthemguy.deviantart.com/
REDDIT: http://www.reddit.com/user/TheFlagandAnthemGuy/
TUMBLR: tumblr.com/blog/theflagandanthemguy.

- BACKUP CHANNELS:

Continue reading “Flag and anthem of Human empire” | >

Circa 2015

New software being developed at MIT is proving able to autonomously repair software bugs by borrowing from other programs and across different programming languages, without requiring access to the source code. This could save developers thousands of hours of programming time and lead to much more stable software.

Bugs are the bane of the software developer’s life. The changes that must be made to fix them are often trivial, typically involving changing only a few lines of code, but the process of identifying exactly which lines need to be fixed can be a very time-consuming and often very frustrating process, particularly in larger projects.

But now, new software from MIT could take care of this, and more. The system, dubbed CodePhage, can fix bugs which have to do with variable checks, and could soon be expanded to fix many more types of mistakes. Remarkably, according to MIT researcher Stelios Sidiroglou-Douskos, the software can do this kind of dynamic code translation and transplant (dubbed “horizontal code transplant,” from the analogous process in genetics) without needing access to the source code and across different programming languages, by analyzing the executable file directly.

Continue reading “MIT system can fix your software bugs on its own (by borrowing from other software)” | >

An Israel-based company was exposed for employing a malware that exploited a vulnerability in Google’s search engine to access the personal data of co.

Cybersecurity researchers were able to link a zero-day vulnerability in Google’s search engine to a US-sanctioned Israeli spyware company that targets journalists throughout West Asia.

On 21 July, cybersecurity company Avast reported that the Israeli spyware company, Candiru, was behind the DevilsTongue malware that has targeted dozens of journalists in Lebanon, Turkey, Yemen, and Palestine.

The malware was injected through an exploit, a program designed to take advantage of a vulnerability, identified as CVE-2022–2294.

Continue reading “Cybersecurity firms expose the role of Israeli-made spyware in attack on journalists” | >