Lifeboat Foundation: Safeguarding Humanity
Toggle light / dark theme

Blog

Category: cybercrime/malcode – Page 198

Answer: Quite possibly because Facebook’s already forced you to log out and back into your account today.

The news: Facebook said hackers exploited a software flaw to access the records of almost 50 million customers. The firm said it had fixed the vulnerability and reported the breach to law enforcement.

The hack: The company said that the hackers had exploited a coding glitch that affected the service’s “View As” feature, which lets people see what their own profile looks like when someone else takes a look at it online. This allowed them to get hold of digital “tokens,” which are software keys that let people access their account without having to log back in every time.

Read more

ABERDEEN PROVING GROUND, Md. — Future American Soldiers will be better protected in combat by stronger and lighter body armor thanks to innovative work at the U.S. Army Research Laboratory. Materials science engineers are using nature as the inspiration for breakthroughs in additive manufacturing.

“My project is to design a system that can 3D print armor ceramics that will allow production of parts with graded structures similar to an abalone structure in nature that will improve the ceramic armor’s toughness and survivability with lower weight,” said Joshua Pelz, a materials science and engineering doctoral candidate at the University of California San Diego. He spent this summer working with Army scientists at ARL’s Rodman Materials Science Laboratory at APG to design and build a unique 3D printer.

Two syringes containing distinct, viscous ceramic slurries are connected to a custom-made auger and print head. Pelz took advantage of his computer programming skills to hack into the 3D printer, tricking it into using its own fan controls to manipulate the ratio of materials being printed. He designed a custom auger and print head and even used the same 3D printer to create those parts.

Read more

As corporations struggle to fight off hackers and contain data breaches, some are looking to artificial intelligence for a solution.

They’re using machine learning to sort through millions of malware files, searching for common characteristics that will help them identify new attacks. They’re analyzing people’s voices, fingerprints and typing styles to make sure that only authorized users get into their systems. And they’re hunting for clues to figure out who launched cyberattacks—and make sure they can’t do it again.

As hackers get smarter and more determined, artificial intelligence is going to be an important part of the solution.

Read more

I woke up this morning to the sad news that maker-pal and pioneering hobby roboticist, Gordon McComb, had passed away. I wrote a brief eulogy on Make:

It is with a heavy heart that we here at Make: announce the passing of hobby robotics pioneer, Gordon McComb. He died on Monday, Sept 10th, apparently of a heart attack. Gordon was a great friend to Make: and to makers and robotics hobbyists from around the world.

Gordon’s Robot Builder’s Bonanza book, first published in 1987, arguably marks the beginning of hobby robotics as a significant maker category. It was the book that I bought in the late 80s that got me into robot building, and by extension, all forms of hardware hacking…

Read more

We write often here about the security vulnerabilities of Android devices that are due, at least in part, to how much of a delay there can be in the latest software updates making the rounds. Which can leave some handsets dangerously vulnerable if the device manufacturer is slow on the uptake.

Which means we’re constantly writing posts like this one: Researchers from Nightwatch Cybersecurity this week put out an advisory about an Android vulnerability that purportedly exposes information about a user’s device to all applications running on the device. There’s a fix for it, but not if you’re running a too-old version of Android.

According to the advisory, the information includes “the Wi-Fi network name, BSSID, local IP addresses, DNS server information and the MAC address. Some of this information (MAC address) is no longer available via APIs on Android 6 and higher, and extra permissions are normally required to access the rest of this information. However, by listening to these broadcasts, any application on the device can capture this information thus bypassing any permission checks and existing mitigations.”

Read more

Wealthy Singapore is hyper-connected and on a drive to digitise government records and essential services, including medical records which public hospitals and clinics can share via a centralised database.

But authorities have put the brakes on these plans while they investigate the cyberattack. A former judge will head a committee looking into the incident.

While the city state has some of the most advanced military weaponry in the region, the government says it fends off thousands of cyberattacks every day and has long warned of breaches by actors as varied as high-school students in their basements to nation states.

Read more