Microsoft: Russian, North Korean hackers target vaccine work

Microsoft said it has detected attempts by state-backed Russian and North Korean hackers to steal valuable data from leading pharmaceutical companies and vaccine researchers.

Find out more at https://ift.tt/38GOTXB
via TechXplore.com

DNS cache poisoning ready for a comeback

Agroup led by UC Riverside computer security researchers unveiled discovery of a series of critical security flaws that could lead to a revival of DNS cache poisoning attacks this week at the 2020 ACM SIGSAC Conference on Computer and Communications Security. The attack succeeds by derandomizing the source port and works on all layers of caches in the DNS infrastructure, such as forwarders and resolvers.

Find out more at https://ift.tt/38yccmE
via TechXplore.com

Researchers develop open-source tool to check for data leakage from AI systems

Many smartphone applications, such as speech-to-text program and Google Assistant, are powered by Artificial Intelligence (AI). Companies also use AI to improve marketing strategies, recommend products and services to users, or even generate predictions about possible health risks for patients.

Find out more at https://ift.tt/32wilvK
via TechXplore.com

New tool detects unsafe security practices in Android apps

Computer scientists at Columbia Engineering have shown for the first time that it is possible to analyze how thousands of Android apps use cryptography without needing to have the apps’ actual codes. The team’s new tool, CRYLOGGER, can tell when an Android app uses cryptography incorrectly—it detects the so-called ‘cryptographic misuses’ in Android apps. When given a list of rules that should be followed for secure cryptography—guidelines developed by expert cryptographers and organizations such as NIST and IETF that define security standards to protect sensitive data—CRYLOGGER detects violations of these rules.

Find out more at https://ift.tt/2Un4FPn
via TechXplore.com