Lifeboat Foundation: Safeguarding Humanity
Toggle light / dark theme

Blog

Category: cybercrime/malcode – Page 154

Digital identity capabilities from Trust Stamp are now being integrated with Mastercard’s Wellness Pass solution, which it will launch in cooperation with Gavi in West Africa. Proving identity without revealing any information about it is the idea behind Trust Stamp’s zero knowledge approach to online identity verification, according to a profile by Mastercard.

Gareth Genner, Trust Stamp co-founder and CEO, explains in an interview how the company’s Evergreen Hash technology uses biometrics without taking on the risk of spoofing or a data breach that he says come with standard biometric implementations.

The Evergreen Hash is created from the customers face, palm or fingerprint biometrics, which the company uses to generate a “3D mask,” discarding raw data and adding encryption to associate the data with the user.

Read more | >

2020 is officially a movie:

Russian hackers are trying to steal COVID-19 vaccine and treatment research from pharmaceutical and academic institutions, according to Britain’s National Cyber Security Centre.

Hackers backed by the Russian state are trying to steal COVID-19 vaccine and treatment research from academic and pharmaceutical institutions around the world, Britain’s National Cyber Security Centre (NCSC) said on Thursday.

Read more | >

Scott Morrison will unveil $748m in new cyber security initiatives, with the planned reallocation of resources from within the defence portfolio rising to $1.35bn over a decade once the government unveils a new cyber security strategy in coming months.

Resources reallocated from defence portfolio are planned to rise to $1.35bn over a decade with 500 new jobs created.

Read more | >

A deep tech startup building cryptographic solutions to secure hardware, software, and communications systems for a future when quantum computers may render many current cybersecurity approaches useless is today emerging out of stealth mode with $7 million in funding and a mission to make cryptographic security something that cannot be hackable, even with the most sophisticated systems, by building systems today that will continue to be usable in a post-quantum future.

PQShield (PQ being short for “post-quantum”), a spin out from Oxford University, is being backed in a seed round led by Kindred Capital, with participation also Crane Venture Partners, Oxford Sciences Innovation and various angel investors, including Andre Crawford-Brunt, Deutsche Bank’s former global head of equities.

PQShield was founded in 2018, and its time in stealth has not been in vain.

Read more | >

Researchers at Ben-Gurion University of the Negev (BGU) have determined how to pinpoint the location of a drone operator who may be operating maliciously or harmfully near airports or protected airspace by analyzing the flight path of the drone.

Drones (small commercial unmanned ) pose significant security risks due to their agility, accessibility and low cost. As a result, there is a growing need to develop methods for detection, localization and mitigation of malicious and other harmful aircraft operation.

The paper, which was led by senior lecturer and expert Dr. Gera Weiss from BGU’s Department of Computer Science, was presented at the Fourth International Symposium on Cyber Security, Cryptography and Machine Learning (CSCML 2020) on July 3rd.

Read more | >

Electronic systems – from the processors powering smartphones to the embedded devices keeping the Internet of Things humming – have become a critical part of daily life. The security of these systems is of paramount importance to the Department of Defense (DoD), commercial industry, and beyond. To help protect these systems from common means of exploitation, DARPA launched the System Security Integration Through Hardware and Firmware (SSITH) program in 2017. Instead of relying on patches to ensure the safety of our software applications, SSITH seeks to address the underlying hardware vulnerabilities at the source. Research teams are developing hardware security architectures and tools that protect electronic systems against common classes of hardware vulnerabilities exploited through software.

To help harden the SSITH hardware security protections in development, DARPA today announced its first ever bug bounty program called, the Finding Exploits to Thwart Tampering (FETT) Bug Bounty. FETT aims to utilize hundreds of ethical researchers, analysts, and reverse engineers to deep dive into the hardware architectures in development and uncover potential vulnerabilities or flaws that could weaken their defenses. DARPA is partnering with the DoD’s Defense Digital Service (DDS) and Synack, a trusted crowdsourced security company on this effort. In particular, FETT will utilize Synack’s existing community of vetted, ethical researchers as well as artificial intelligence (AI) and machine learning (ML) enabled technology along with their established vulnerability disclosure process to execute the crowdsourced security engagement.

Bug bounty programs are commonly used to assess and verify the security of a given technology, leveraging monetary rewards to encourage hackers to report potential weaknesses, flaws, or bugs in the technology. This form of public Red Teaming allows organizations or individual developers to address the disclosed issues, potentially before they become significant security challenges.

Read more | >