Author: esimantiras

Is Your EV Charging Station Safe? New Security Vulnerabilities Uncovered

Posted on by esimantiras

Is Your EV Charging Station Safe? New Security Vulnerabilities Uncovered

source: thehackernews.com  |  image: pexels.com

Two new security weaknesses discovered in several electric vehicle (EV) charging systems could be exploited to remotely shut down charging stations and even expose them to data and energy theft.

The findings, which come from Israel-based SaiFlow, once again demonstrate the potential risks facing the EV charging infrastructure.

The issues have been identified in version 1.6J of the Open Charge Point Protocol (OCPP) standard that uses WebSockets for communication between EV charging stations and the Charging Station Management System (CSMS) providers. The current version of OCPP is 2.0.1.

“The OCPP standard doesn’t define how a CSMS should accept new connections from a charge point when there is already an active connection,” SaiFlow researchers Lionel Richard Saposnik and Doron Porat said.

Continue reading “Is Your EV Charging Station Safe? New Security Vulnerabilities Uncovered”

IT Leaders Reveal Cyber Fears Around ChatGPT

Posted on by esimantiras

IT Leaders Reveal Cyber Fears Around ChatGPT

source: infosecurity-magazine.com  |  image: pexels.com

 

The majority (51%) of security leaders expect ChatGPT to be at the heart of a successful cyber-attack within a year, according to new research by BlackBerry.

The survey of 1500 IT decision makers across North America, the UK and Australia also found that 71% believe nation-states are likely to already be using the technology for malicious purposes against other countries.

ChatGPT is an artificially intelligence (AI) powered language model developed by OpenAI, which has been deployed in a chatbot format, allowing users to receive a prompt and detailed response to any questions they ask it. The product was launched at the end of 2022.

Cyber-Threats from ChatGPT

Despite its enormous potential, information security experts have raised concerns over its possible use by cyber-threat actors to launch attacks, including malware development and convincing social engineering scams.

Continue reading “IT Leaders Reveal Cyber Fears Around ChatGPT”

Ants can detect the scent of cancer in urine

Posted on by esimantiras

Ants can detect the scent of cancer in urine

source: livescience.com, contributed by FAN Steve Page  |  image: pexels.com

 

Ants use their antennae to sniff out cancer

Ants can be trained to detect cancer in urine, a new study finds.

Although ant sniffing is a long way from being used as a diagnostic tool in humans, the results are encouraging, the researchers said.

Because ants lack noses, they use olfactory receptors on their antennae to help them find food or sniff out potential mates. For the study, published Jan. 25 in the journal Proceedings of the Royal Society B: Biological Sciences(opens in new tab), scientists trained nearly three dozen silky ants (Formica fusca) to use these acute olfactory receptors for a different task: finding tumors.

In a lab, scientists grafted slices of breast cancer tumors from human samples onto mice and taught the 35 insects to “associate urine from the tumor-bearing rodents with sugar,” according to The Washington Post(opens in new tab). Once placed in a petri dish, the ants spent 20% more time next to urine samples containing cancerous tumors versus healthy urine, according to the study.

Continue reading “Ants can detect the scent of cancer in urine”

NSA leader pushes lawmakers to keep key surveillance power

Posted on by esimantiras

NSA leader pushes lawmakers to keep key surveillance power

source: axios.com (contributed by FAN, Bill Amshey)  |  image: nsa.gov

 

The head of the National Security Agency made his case Thursday for lawmakers to keep a key NSA surveillance power intact ahead of a tough reauthorization battle this year.

The big picture: Section 702 of the Foreign Intelligence Surveillance Act is set to expire at the end of the year, jeopardizing a surveillance authority that allows intelligence agencies to collect warrantless online communications from foreign persons.

  • The fight over whether to keep Section 702 intact will take up much of Capitol Hill’s cybersecurity attention throughout the year.

Driving the news: Gen. Paul Nakasone, the head of the NSA and the U.S. Cyber Command, said during an event Thursday that the surveillance power has allowed the U.S. to stop active terrorist plots, foreign ransomware attacks and planned cyber espionage schemes.

  • “This authority provides the U.S. government irreplaceable insights, whether we’re reporting on cybersecurity threats, counterterrorism threats, or protecting U.S. and allied forces,” Nakasone said.
  • “We have saved lives because of 702,” he added.

Why it matters: Nakasone’s comments set the stage for the arguments that the intelligence community is likely to make as lawmakers debate the merits of the program throughout the year.

Yes, but: Civil liberties and privacy advocates have long argued that Section 702 sweeps up far too many Americans’ electronic communications, such as emails and text messages, when they talk with people in other countries.

  • Some Republican lawmakers are also likely to argue for either letting 702 expire or limiting its scope as their party grows more critical of the intelligence agencies.

A Sneaky Ad Scam Tore Through 11 Million Phones

Posted on by esimantiras

A Sneaky Ad Scam Tore Through 11 Million Phones

source: wired.com  |  image: pexels.com

Some 1,700 spoofed apps, 120 targeted publishers, 12 billion false ad requests per day—Vastflux is one of the biggest ad frauds ever discovered.

 

EVERY TIME YOU open an app or website, a flurry of invisible processes takes place without you knowing. Behind the scenes, dozens of advertising companies are jostling for your attention: They want their ads in front of your eyeballs. For each ad, a series of instant auctions often determines which ads you see. This automated advertising, often known as programmatic advertising, is big business, with $418 billion spent on it last year. But it’s also ripe for abuse.

Security researchers today revealed a new widespread attack on the online advertising ecosystem that has impacted millions of people, defrauded hundreds of companies, and potentially netted its creators some serious profits. The attack, dubbed Vastflux, was discovered by researchers at Human Security, a firm focusing on fraud and bot activity. The attack impacted 11 million phones, with the attackers spoofing 1,700 app and targeting 120 publishers. At its peak, the attackers were making 12 billion requests for ads per day.

“When I first got the results for the volume of the attack, I had to run the numbers multiple times,” says Marion Habiby, a data scientist at Human Security and the lead researcher on the case. Habiby describes the attack as both one of the most sophisticated the company has seen and the largest. “It is clear the bad actors were well organized and went to great lengths to avoid detection, making sure the attack would run as long as possible—making as much money as possible,” Habiby says. 

Continue reading “A Sneaky Ad Scam Tore Through 11 Million Phones”

T-Mobile Breached Again, This Time Exposing 37M Customers’ Data

Posted on by esimantiras

T-Mobile Breached Again,

This Time Exposing 37M Customers’ Data

source: darkreading.com  |  image: pexels.com

This time around, weak API security allowed a threat actor to access account information, the mobile phone giant reported.

T-Mobile has disclosed a new, enormous breach that occurred in November, which was the result of the compromise of a single application programming interface (API). The result? The exposure of the personal data of more than 37 million prepaid and postpaid customer accounts.

For those keeping track, this latest disclosure marks the second sprawling T-Mobile data breach in two years and more than a half-dozen in the past five years.

And they’ve been expensive.

Continue reading “T-Mobile Breached Again, This Time Exposing 37M Customers’ Data”

Riddle solved: Why was Roman concrete so durable?

Posted on by esimantiras

Riddle solved: Why was Roman concrete so durable?

 

source: sciencedaily.com  |  image: pixabay.com

The ancient Romans were masters of engineering, constructing vast networks of roads, aqueducts, ports, and massive buildings, whose remains have survived for two millennia. Many of these structures were built with concrete: Rome’s famed Pantheon, which has the world’s largest unreinforced concrete dome and was dedicated in A.D. 128, is still intact, and some ancient Roman aqueducts still deliver water to Rome today. Meanwhile, many modern concrete structures have crumbled after a few decades.

Researchers have spent decades trying to figure out the secret of this ultradurable ancient construction material, particularly in structures that endured especially harsh conditions, such as docks, sewers, and seawalls, or those constructed in seismically active locations.

Continue reading “Riddle solved: Why was Roman concrete so durable?”

Cybersecurity trends in 2023 that will directly impact everyday life

Posted on by esimantiras

Cybersecurity trends in 2023 that will directly impact everyday life

source: cybersecuritydive.com  |  image: Pixabay.com

 

The scale of cyberthreats are growing, spilling into the mainstream. In 2023, expect the spotlight to add pressure to businesses that have underinvested in security.

 

There are a few certainties in cybersecurity: ransomware will cause headaches for companies; third parties will spark cyber incidents; and every December, cybersecurity analysts will put together lists of their predictions and trends they believe will have an impact in the coming year. 

Most of the predictions are designed to help organizations build out their security programs, but every so often a trend will build slowly over time until its impact is clear.

Sometimes these trends will reach far beyond an individual company and impact society at large. 

Here are some of the biggest trends Cybersecurity Dive is watching this year. Are there any security patterns you are watching closely? Email us at cybersecurity.dive.editors@industrydive.com.

The global impact of state-sponsored activities

State-sponsored threats trend every year, but as we begin 2023, those threats have a different, more menacing, feel to them. The countries responsible for much of the state-sponsored activity — Russia, China and Iran — are embroiled in conflict. 

“In the past year, we’ve seen [Russia’s] invasion of Ukraine; a worsening of the relationship between China and the West combined with tightening control by Xi Jinping and further pressure on Taiwan; and a growing concern in Iran about dissident activity and pressures on the regime both internally and abroad,” said Mike McLellan, director of intelligence for the Secureworks Counter Threat Unit. 

Continue reading “Cybersecurity trends in 2023 that will directly impact everyday life”

Divided in the Face of Defeat: The Schism Forming in the Russian Elite

Posted on by esimantiras

Divided in the Face of Defeat: The Schism Forming in the Russian Elite

source: indiandefencereview.com, contributed by FAN Bill Amshey  |  image: pexels.com

 

Russia is heading toward a final battle between the radicals, for whom escalation is a way of life, and the realists, who understand that continuing to up the ante could lead to their country’s collapse.

 

There was already talk of a possible split within the Russian elite two months ago, after Russia’s hurried retreat from Ukraine’s Kharkiv region. Since then, Russian troops have also been forced to withdraw from the key city of Kherson, and the predicted schism is taking shape. Members of the elite are dividing into relative realists who are calling for a tactical pause in the fighting in order to rethink Russia’s goals, and those who advocate remorseless escalation at any price. 

Never before have Putin’s strategic decisions—generally seen as the price of stability—pushed the Russian elites to the brink of a divide. They put up little resistance to the evisceration of the oligarchs, the rise of the siloviki (security services), and the 2008 Georgian war, while the annexation of Crimea from Ukraine in 2014 was positively welcomed by many.

Continue reading “Divided in the Face of Defeat: The Schism Forming in the Russian Elite”

5 scientific breakthroughs in 2022…

Posted on by esimantiras

5 scientific breakthroughs in 2022 that should give you hope for the future

 

source: fastcompany.com  |  image: Pixabay.com

 

It’s been a challenging year on many fronts, but where science is concerned, the future is brighter than it is bleak.

While there was no shortage of upsetting news in 2022, researchers and science enthusiasts can point to a number of uplifting advancements and discoveries to revive hope in humanity. This year, the brightest minds in STEMs brought us steps closer to a revolutionary future, with breakthroughs in energy production, space exploration, and planet protection. Here are five scientific breakthroughs from 2022 to reflect on how far we’ve come. 

WE HIT A NUCLEAR-FUSION MILESTONE

It took 70 years, but physicists at the National Ignition Facility (NIF) finally had more output than energy input. Although commercial production of fusion energy is still a pipe dream, researchers at NIF in California have done what a similar project in France has yet to do. The hope for the future is more energy gains from nuclear fusion, which can provide an infinite source of clean energy that’s carbon-free and doesn’t emit radioactive waste. 

Continue reading “5 scientific breakthroughs in 2022…”