Tag Archive for: recognition

Louisiana Tech students receive positive recognition for hacking | North Louisiana

/in


Cyber engineering, computer science team publishes a paper and presents research on popular app vulnerabilities

Hacking a safety app netted a Louisiana Tech University Computer Science graduate student a publishing credit, a trip to Hawaii, and the opportunity to present the research at an international conference.

Louisiana Tech Cyber Engineering alumnus and current MS Computer Science and CyberCorps Scholarship for Service student Jonah Fitzgerald (‘22), along with fellow Cyber Engineering program alumni Thomas Mason (‘22) and Brian Mulhair (‘22), discovered a vulnerability in the Louisiana Department of Health COVID Defense contact tracing app that allows hackers to attack neighboring devices.

As seniors researching a paper assignment for Dr. William Bradley Glisson’s Computer Science 448/543, Cyber Engineering 404 “Reverse Engineering” class, the team discovered the symptoms history share feature of the app could be modified to send a malicious link via email, WIFI, and nearby share systems. The team was able to demonstrate two attacks using the link: They were able to harvest credentials by redirecting users to a fake page resembling the My.LA.Gov page and installing an Android app on the target phone to access all the information in that phone.

With additional guidance from Glisson, the team improved their results, presented the research to Glisson’s Cybersecurity Information Technology Exploration Research Group, and submitted the paper to the conference.

Fitzgerald then had the opportunity to travel to Ka’anapali Beach on the island of Maui to present the team’s findings at the 56th Hawaii International Conference on System Sciences “Internet and the Digital Economy” track and “Cybercrime” mini-track.

“I wanted to get involved with this research because I felt I could make a meaningful contribution to improving mobile app security and fighting the COVID-19 pandemic,” Fitzgerald said. “I feel that my Tech education in cyber engineering prepared me for success in solving these types of problems by rapidly learning new concepts like reverse engineering and tackling tough challenges in…

Source…

Week in review: Kali Linux gets on Linode, facial recognition defeated, Log4j exploitation

/in


Week in review

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:

Dealing with threats and preventing sensitive data loss
Recently, Normalyze, a data-first cloud security platform, came out of stealth with $22.2M in Series A funding. This was the perfect time to catch up with co-founder and CEO Amer Deeba. In this interview with Help Net Security, he talks about the path data security as well as visibility challenges.

Who are the best fraud fighters?
Seasoned fraud expert PJ Rohall has recently become the new Head of Fraud Strategy & Education at SEON. In this Help Net Security interview, he talks about how he entered the industry, about the evolving fraud landscape, and offers advice to other fraud fighters.

Linode + Kali Linux: Added security for cloud instances
Kali Linux, the popular open source Linux distribution specialized for penetration testing, ethical hacking and security auditing, can now be used by Linode customers.

Researchers defeat facial recognition systems with universal face mask
Can attackers create a face mask that would defeat modern facial recognition (FR) systems? A group of researchers from from Ben-Gurion University of the Negev and Tel Aviv University have proven that it can be done.

Microsoft fixes exploited zero-day in Windows CSRSS (CVE-2022-22047)
The July 2022 Patch Tuesday is upon us and has brought fixes for 84 CVEs in various Microsoft products, including an actively exploited zero-day: CVE-2022-22047, an elevation of privilege bug in Windows’ Client/Server Runtime Subsystem (CSRSS).

Phishers steal Office 365 users’ session cookies to bypass MFA, commit payment fraud
A massive phishing campaign has been targeting Office 365 (i.e., Microsoft 365) users in over 10,000 organizations since September 2021 and successfully bypassing multi-factor authentication (MFA) set up to protect the accounts.

PayPal-themed phishing kit allows complete identity theft
Sometimes phishers are just after your username and password, but other times they are after every scrap of sensitive information they can extract from you. To do that, they use tools like the phishing kit recently analyzed by Akamai researchers.

How to…

Source…

Jesse Watters spins facts beyond recognition with claims that Hillary Clinton paid to hack and frame Trump

/in


Fox News host Jesse Watters falsely accused Hillary Clinton of paying hackers to break into former President Donald Trump’s computers and plant fabricated evidence that would frame Trump for collusion with the Russian government.

The elaborate scheme Watters described is a massive distortion of a Feb. 11 court filing that has attracted attention from conservative media in the week after it dropped.

The filing came from special counsel John Durham, selected by former Trump Attorney General William Barr to examine the reasons for the Justice Department’s investigation into Russian interference in the 2016 election. Special counsel Robert Mueller led the initial investigation that culminated in a report published in 2019.

Watters claimed Durham’s work now implicates Clinton.

“If there was ever any doubt that Clinton was behind the Russia hoax, that’s officially gone,” Watters said on his prime-time show Feb. 14. “Durham’s documents show that Hillary Clinton hired people who hacked into Trump’s home and office computers before and during his presidency, and planted evidence that he colluded with Russia. Yeah. You heard that right.”

“Hillary broke into a presidential candidate’s computer server and a sitting president’s computer server, spying on them,” he went on. “There, her hackers planted evidence, fabricated evidence connecting Trump to Russia, then fed that doctored material to the feds and the media.”

None of what Watters said on that program about an effort to hack and frame Trump with fake evidence is borne out by Durham’s filing, which he cited. The document never even mentioned hacking.

Still, the narrative echoed elsewhere on Fox News, where talk of hacking and an offense “worse than Watergate” stretched across programs, according to TVEyes, a media monitoring service.

The chyrons on “Jesse Watters Primetime” on Feb. 14 focused on Hillary Clinton and special counsel John Durham’s investigation. (PolitiFact)

One of the first headlines posted to Fox News’s website inaccurately declared that the Clinton campaign paid to “infiltrate” Trump’s servers. The word “infiltrate” was never used in…

Source…

As Facebook moves to shut down facial recognition, online security experts emphasize internet safety – CIProud.com

/in


TRICOUNTY PRESSER

News /

Veterans Voices: Fist bumps with a purpose at Tremont Grade School

News /

Low-income tenants welcomed into East Bluff Community Homes with ribbon

News /

WATCH: Tri-County health officials hold COVID-19 press conference

News /

Lawsuit against Unit 5 schools being transferred to McLean County court

News /

With community support, one Bloomington business is helping get warm winter gear into the hands of those in need through ‘The Giving Fence’

News /

Leaders in East Peoria want to add more trails to riverfront

News /

Amy McFarland announces run for 11th judicial circuit court judge position

News /

Rivian hitting the stock market soon

News /

CITYLINK ON THE MOVE

News /

As Facebook moves to shut down facial recognition, online security experts emphasize internet safety

News /

‘When I get out of homelessness, then I will be more steady on my feet:’ Salvation Army Pekin is more than a place to find shelter

News /

Source…