Education and Academia


  • Popular Samsung, LG Android Phones Open to ‘Spearphone’ Eavesdropping

    July 23, 2019

    A Spearphone attacker can use the accelerometer in LG and Samsung phones to remotely eavesdrop on any audio that’s played on speakerphone, including calls, music and voice assistant responses. A new way to eavesdrop on people’s mobile phone calls has come to light in the form of Spearphone – an attack that makes use of Android ...

  • Lancaster University students’ data stolen by cyber-thieves

    July 23, 2019

    Students’ personal data has been stolen in a “sophisticated and malicious” phishing attack at Lancaster University. Officials said the information had been used to send bogus invoices to applicants. “A very small number” of student records, phone numbers and ID documents were also accessed, it said. The breach has been reported to police and the Information Commissioner’s Office. In ...

  • Cybersecurity staff burnout risks leaving organisations vulnerable to cyberattacks

    June 25, 2019

    Cybersecurity professionals are overworked and stressed out to such an extent that it threatens to provide hackers and cybercriminals with a better chance of conducting cyberattacks against the enterprise. A study by Goldsmiths, University of London and cybersecurity company Symantec surveyed over 3,000 CISOs and senior cybersecurity decision makers across the UK, France and Germany and ...

  • Is it still a good idea to publish proof-of-concept code for zero-days?

    March 18, 2019

    More often than not, the publication of proof-of-concept (PoC) code for a security flaw, especially a zero-day, has led to the quick adoption of a vulnerability by threat actors who usually start attacks within hours or days, and don’t give end-users enough time to patch impacted systems. There has been a debate about this issue, especially ...

  • Theoretical Ransomware Attack Could Lead to Global Damages Says Report

    January 29, 2019

    According to a speculative cyber risk scenario prepared by Cambridge University for risk management purposes, a ransomware strain that would manage to impact more than 600,000 businesses worldwide within 24 hours would potentially lead to damages of billions not covered by insurers. First of all, it is important to understand that although the numbers look very scary, this type of ...

  • Government Should Name And Shame Companies With Poor Cyber Security, Say Academics

    January 22, 2019

    The UK government should name and shame companies whose cyber security measures fail to protect consumers’ data, according to a new report from King’s College London’s Cyber Security Research Group, which promotes research into cyber security, and the Policy Institute, an independent research institution which works to solve societal challenges with evidence. The report, called UK Active ...

  • IDA and CIT champion new ‘Cyber Ireland’ infosec cluster

    December 13, 2018

    Could ambitious endeavour make Ireland the Fort Knox of infosec? IDA Ireland and Cork Institute of Technology (CIT) have joined forces on an initiative to establish Cyber Ireland, a national cybersecurity cluster. Cyber Ireland will provide a collective voice to represent the needs of the cybersecurity sector across the country and will address key challenges including skills needs, ...

  • Rowhammer attacks can now bypass ECC memory protections

    November 22, 2018

    Academics from the Vrije University in Amsterdam, Holland, have published a research paper today describing a new variation of the Rowhammer attack. For readers unfamiliar with the term, Rowhammer is the name of a class of exploits that takes advantage of a hardware design flaw in modern memory cards. By default, a memory card stores temporary data ...

  • New Intel CPU Flaw Exploits Hyper-Threading to Steal Encrypted Data

    November 3, 2018

    A team of security researchers has discovered another serious side-channel vulnerability in Intel CPUs that could allow an attacker to sniff out sensitive protected data, like passwords and cryptographic keys, from other processes running in the same CPU core with simultaneous multi-threading feature enabled. The vulnerability, codenamed PortSmash (CVE-2018-5407), has joined the list of other dangerous side-channel vulnerabilities ...

  • Hungary increases its scientific cooperation with NATO

    October 12, 2018

    Scientists and other experts from NATO and Hungary discussed future projects of cooperation at the NATO Science for Peace and Security (SPS) Programme Information Day held in Budapest on 11 October 2018. ungary is currently leading an SPS project in the area of chemical, biological, radiological and nuclear (CBRN) defence. The multi-year initiative aims to develop ...

  • OilRig APT Continues Its Ongoing Malware Evolution

    September 13, 2018

    The Iran-linked APT appears to be in a state of continuous tool development, analogous to the DevOps efforts seen in the legitimate software world. OilRig, an APT group believed to have ties to Iran, has been spotted in yet another campaign in the Middle East – this time targeting victims within an undisclosed government using an ...

  • Side-Channel Attack Allows Remote Listener to ‘Hear’ On-Screen Images

    August 27, 2018

    A stealthy side-channel tactic for digital surveillance has been uncovered, which allows an attacker to “hear” on-screen images. According to a team of academic researchers from Columbia University, the University of Michigan, University of Pennsylvania and Tel Aviv University, inaudible acoustic noises emanating from within computer screens can be used to detect the content displayed on ...

  • Researchers Disclose New Foreshadow (L1TF) Vulnerabilities Affecting Intel CPUs

    August 14, 2018

    Academics and private sector researchers have revealed details today about three new vulnerabilities affecting Intel CPUs. All three are Spectre-class attacks that take advantage of a CPU design feature named speculative execution —a feature found in all modern CPUs that has the role of improving performance by computing operations in advance and later discarding unneeded data. These flaws target ...

  • Researchers Developed Artificial Intelligence-Powered Stealthy Malware

    August 9, 2018

    Artificial Intelligence (AI) has been seen as a potential solution for automatically detecting and combating malware, and stop cyber attacks before they affect any organization. However, the same technology can also be weaponized by threat actors to power a new generation of malware that can evade even the best cyber-security defenses and infects a computer network ...

  • How to Steal Bitcoin Wallet Keys (Cold Storage) from Air-Gapped PCs

    April 23, 2018

    Dr. Mordechai Guri, the head of R&D team at Israel’s Ben Gurion University, who previously demonstrated various methods to steal data from an air-gapped computer, has now published new research named “BeatCoin.” BeatCoin is not a new hacking technique; instead, it’s an experiment wherein the researcher demonstrates how all previously discovered out-of-band communication methods can be ...

  • The cybersecurity skills gap caused 40% of IT pros to stall their cloud migrations

    April 15, 2018

    Though virtually all organizations are moving some assets to the cloud, a lack of cybersecurity talent is slowing migration for 40% of IT professionals, according to a Monday report from McAfee. Of the 1,400 IT professionals surveyed worldwide, 97% said their organization is using some type of cloud service—up from 93% last year. However, those with ...

  • Australian universities and NGOs targeted by Iranian and Chinese hackers

    February 27, 2018

    Australian universities have been targeted by hackers with connections to Iran in recent months, and “a number of investigations” are in progress, according to cybersecurity firm CrowdStrike. “There are a lot of things that are happening geopolitically that are driving a lot of attacks,” the company’s vice president for technology strategy Michael Sentonas told journalists in ...

  • Govt to help cyber security geeks commercialise their ideas with fresh funds

    January 18, 2018

    Cyber security academicians in the UK will soon be able to receive grants of up to £16,000 from the National Cyber Security Centre if they come up with innovative ideas that can be commercialised. Grants offered by the National Cyber Security Centre to academics in the field of cyber security will come from a £500,000 ...

  • Australian National University establishes interdisciplinary Institute to focus on cybersecurity and innovation

    October 29, 2017

    The Australian National University (ANU) announced the establishment of the nation’s first interdisciplinary Cyber Institute on October 29. The announcement was made during a visit to Israel by a major Australian cyber security and innovation delegation, led by the Minister Assisting the Prime Minister on Cyber Security, Dan Tehan. Mr. Tehan welcomed the announcement. The ANU Cyber Institute ...

  • Singapore to have new academy to train cybersecurity professionals

    September 19, 2017

    More needs to be done even as Singapore has made “good progress” in building up its cybersecurity capabilities, as it is more exposed than many other countries to cyberattacks, said Acting Prime Minister Teo Chee Hean on Tuesday (Sep 19). To address this, and as part of efforts to invest in its people, Mr Teo said the ...