Researchers develop cybersecurity system to test for vulnerabilities in technologies that use GPS

Southwest Research Institute has developed a cybersecurity system to test for vulnerabilities in automated vehicles and other technologies that use GPS receivers for positioning, navigation and timing. “This is a legal way for us to improve the cyber resilience of autonomous vehicles by demonstrating a transmission of spoofed or manipulated GPS signals to allow for…

Researchers develop new technique to identify malware in embedded systems

A technique for detecting types of malware that use a system’s architecture to thwart traditional security measures has been developed by researchers from North Carolina State University and the University of Texas at Austin. The new detection approach works by tracking power fluctuations in embedded systems. “Embedded systems are basically any computer that doesn’t have…

Detecting Trojan attacks against deep neural networks

A group of researchers with CSIRO’s Data61, the digital innovation arm of Australia’s national science agency, have been working on a system for run time detection of trojan attacks on deep neural network models. Although it has yet to be tested in the text and voice domain, their system is highly effective when it comes…

Helping researchers with IoT firmware vulnerability discovery

John Toterhi, a security researcher with IoT security company Finite State, believes that many of the security problems plaguing IoT devices are solvable problems through transparency. “Manufacturers who make their firmware public and follow GPL practices are doing themselves a huge favor: by making firmware public, manufacturers are enabling a world-wide network of the best…

Vulnerable Android password managers make phishing attacks easier

Android password managers can be tricked into entering valid login credentials into phishing apps, a group of researchers has discovered. They have also found that Instant Apps, a Google technology that allows users to “try” Android apps without the need to fully install them, can make phishing attacks more practical. The research Simone Aonzo, Alessio…

New insider attack steals passwords by reading thermal energy from keyboards

After entering a password, your regular computer keyboard might appear to look the same as always, but a new approach harvesting thermal energy can illuminate the recently pressed keys, revealing that keyboard-based password entry is even less secure than previously thought. Computer Science Ph.D. students Tyler Kaczmarek and Ercan Ozturk from UC Irvine’s Donald Bren…

How cybercriminals abuse the travel and hospitality industry

The travel and hospitality industry suffers billions of losses each year due to fraud. “With the right combination of other underground services (compromised accounts, credit cards, etc.) it is possible to cover almost every aspect of the holidays, including food and restaurants, shopping, entertainment, guided tours and more – way beyond flights and hotels,” Vladimir…

The privacy implications of email tracking

Emails are a widely used means for third parties to tie your email address to your activities across the web, Princeton University researchers have discovered. The extent of email tracking Email tracking was originally aimed at allowing senders to know whether the recipient has read the sent email. Unfortunately, many third parties also receive this…