Security News

New MIT protocol protects sensitive data during cloud-based computation
2024-09-26 08:50

Deep-learning models have found applications across various industries, from healthcare diagnostics to financial forecasting. However, their high computational demands often require powerful...

MIT Researchers Discover New Flaw in Apple M1 CPUs That Can't Be Patched
2022-06-13 23:59

It leverages "Speculative execution attacks to bypass an important memory protection mechanism, ARM Pointer Authentication, a security feature that is used to enforce pointer integrity," MIT researchers Joseph Ravichandran, Weon Taek Na, Jay Lang, and Mengjia Yan said in a new paper. The vulnerability is rooted in pointer authentication codes, a line of defense introduced in arm64e architecture that aims to detect and secure against unexpected changes to pointers - objects that store a memory address - in memory.

4 ways to defend against the Dark Web's cybercrime ecosystem, according to MIT researchers
2021-02-19 13:00

The Dark Web allows cybercriminals to create a Cyber Attacks-as-a-Service ecosystem that outmaneuvers security defenses. Cybersecurity researchers Keman Huang, Michael Siegel, Keri Pearlson and Stuart Madnick in their paper Casting the Dark Web in a New Light, published in the MIT Sloan Management Review, asked whether attackers-who more often than not are one or two steps ahead of cyberdefenders-are more technically adept, or is it something else? The paper was written in 2019, but the material is as relevant now as it was then, and maybe even more so.

MIT scientists unveil cybersecurity aggregation platform to gauge effective measures
2020-09-03 11:00

Scientists from MIT's Computer Science and Artificial Intelligence Lab have stepped up trying to change that with a newly built platform called SCRAM. The acronym, which stands for "Secure Cyber Risk Aggregation and Measurement," seeks to address this longstanding cybersecurity reporting issue by taking advantage of new cryptographic tools that can calculate aggregate statistics without needing organizations to disclose information about their own attacks and losses to anyone else-even to the scientists themselves. MIT released a study on the platform, in which it took internal data from seven billion-dollar companies and examined the security incidents they dealt with.

How an MIT spin-off is using contact tracing to fight COVID-19, and so can you
2020-05-12 13:20

Previously, manual contact tracing was used during pandemics. The process of getting a list of everyone a patient has been in touch with, then contacting them, has a formal name called contact tracing.

MIT finds massive security flaws with blockchain voting app
2020-02-14 20:40

"The makers of the blockchain voting platform Voatz have had to go on the offensive to address assertions from MIT researchers that their app is insecure and can be easily hacked into. MIT researchers released a lengthy paper on Thursday that said hackers could change votes through the app, which has already been used in Oregon, West Virginia, Washington, and Utah since 2018."Their security analysis of the application, called Voatz, pinpoints a number of weaknesses, including the opportunity for hackers to alter, stop, or expose how an individual user has voted," MIT said in a news release. Michael Specter, a graduate student in MIT's Department of Electrical Engineering and Computer Science and a member of MIT's Internet Policy Research Initiative, and James Koppel, also a graduate student in EECS, described what went wrong with Voatz and how they discovered the vulnerabilities in their paper, "The Ballot is Busted Before the Blockchain: A Security Analysis of Voatz, the First Internet Voting Application Used in U.S Federal Elections."

MIT Researchers: Online Voting App Has Security Flaws
2020-02-14 19:33

Security researchers at the Massachusetts Institute of Technology have published a technical paper that describes several security flaws in Voatz, a smartphone app used for limited online voting during the 2018 U.S. midterm elections. In their paper, the MIT researchers note that they were unable to obtain complete information about how Voatz engineers developed the company's voting application, nor were they able to access the full backend of the company's infrastructure to investigate how the app checks and verifies identity.

MIT Researchers Find Vulnerabilities in Voatz Voting App
2020-02-14 13:44

Vulnerabilities in the Voatz Internet voting app could allow adversaries to alter, stop, or expose a user's vote, security researchers from the Massachusetts Institute of Technology have discovered. Developed by the private Boston-based Voatz, the application is the first Internet voting app to have been used in high-stakes U.S. federal elections and is "On track to be used in the 2020 Primaries," the researchers point out.

Voatz of no confidence: MIT boffins eviscerate US election app, claim fiends could exploit flaws to derail democracy
2020-02-13 21:58

Only a week after the mobile app meltdown in Iowa's Democratic Caucus, computer scientists at MIT have revealed their analysis of the Voatz app used in West Virginia's 2018 midterm election. They claim the Android app is vulnerable to attacks that could undermine election integrity in the US state.

How MIT researchers use machine learning to detect IP hijackings before it occurs
2019-10-08 16:25

The goal is to predict incidents in advance by tracing it back to the actual hijackers.