Security News

The US Federal Bureau of Investigation and cybersecurity experts believe Chinese hackers are trying to steal research on developing a vaccine against coronavirus, two newspapers reported Monday. The FBI and Department of Homeland Security are planning to release a warning about the Chinese hacking as governments and private firms race to develop a vaccine for COVID-19, the Wall Street Journal and New York Times reported.

Foreign state hackers are trying to brute-force their way into pharmaceutical and medical research agencies hunting for a COVID-19 vaccine, British and American infosec agencies are warning. The National Cyber Security Centre and America's Cybersecurity and Infrastructure Security Agency cautioned of a "Password spraying" campaign targeting healthcare and medical research organisations.

Gould also told Parliament's Human Rights Committee that data harvested from Britons through NHSX's COVID-19 contact tracing app would be "Pseudonymised" - and appeared to leave the door open for that data to be sold on for "Research". Key to those is a big green button that the user presses to send 28 days' worth of contact data to the NHS. Written by tech arm NHSX, Britain's contact-tracing app breaks with international convention by opting for a centralised model of data collection: all the contact-tracing data is kept under one roof in one central government database.

A new study from research organization CyberNews.com found that malware is becoming increasingly easy to buy and deploy, even for those without technical backgrounds. CyberNews researchers looked at 10 so-called DarkNet marketplaces and found that buying malware is easy and fast, with cheap or even free programs allowing people to own malware.

Cisco has conducted a research project on bypassing fingerprint authentication systems and it achieved a success rate of roughly 80 percent, but the company's experts were unsuccessful against Windows devices. In the case of mobile phones, the researchers bypassed fingerprint authentication on a majority of devices.

Acronis, a global leader in cyber protection, announced the appointment of Candid Wüest as Vice President of Cyber Protection Research at Acronis. Wüest will lead accelerated research into the latest trends in the threat landscape and new protection methods designed to continuously enhance the world's most innovative cyber protection solutions.

RepRisk, a pioneer and leader in ESG data science announces the launch of its upgraded ESG Risk Platform - the world's largest and most comprehensive due diligence database on ESG and business conduct risks. "RepRisk has been on the cutting edge of ESG data science for over a decade, becoming the first firm to leverage big data techniques to better understand ESG risks in 2006" said Philipp Aeby, CEO of RepRisk.

Microsoft Edge is one of the least private web browsers - even more so than other popular browsers like Google Chrome and Mozilla Firefox - according to academic researchers. According to the analysis, from Douglas Leith with the School of Computer Science and Statistics at Trinity College in Ireland, Edge sends privacy-invasive telemetry to Microsoft's back-end servers - including "Persistent" device identifiers and URLs typed into browsing pages.

TRR is short for Target Row Refresh, a high-level term used to describe a series of hardware protections that the makers of memory chips have been using in recent years to protect against rowhammering. Incidentally, reading out a row essentially wipes its value by discharging it, so immediately after any read, the row is refreshed by saving the extracted data back into it, where it's ready to be accessed again.

Quantifying risk is a significant challenge in cybersecurity. Wade Baker of Cyentia Institute discusses recent research projects.