PowerHammer, The Mains Exploitation →

April 16, 2018 by Marc Handelman in Information Security, Cybersecurity, Data Leakage, Education, Security Science, Security Research, State of Israel, Must Read, Security Leadership

A new research paper has attracted my attention at arXiv.org; and from Mordechai Guri, Boris Zadov, Dima Bykhovsky, Yuval Elovici, all from the astonishingly prolific Ben-Gurion University of the Negev, in southern Israel's blooming desert - the Negev. Interestingly, all working in the Cyber-Security Research Center a component - if you will - of the Department of Software and Information Systems Engineering.

This is one of those seemingly easy to grasp, easy to execute (for the right entities, and with the apropos hardware and software exfiltration tools) in which, data may be slurped-up, with minimal invasive telltale artifacts left behind, simply from sampling the modulated goodness of the electrical power connection to the targeted device.

Importantly, this form of attack would be devestating to the target, of which, has essentially no in-built incusion defense watching over the electrical power flow into the machies PDU (other than the usual gatekeeping set up around and amongst whatever payload is being sought (think diretory services, database passwords, API security, tokens, et cetera). Certainly, today's Must Read.

National Security Agency Research Directorate's 6th Annual Scientific Cybersecurity Paper Competition →

February 03, 2018 by Marc Handelman in Security Education, Security Research, Security Science, Information Security, Cybersecurity, USCSS, USNSA

The National Security Agency's 6th Annual Scientific Cybersecurity Paper Competition has been announced, along with the following Distinguished Experts and other Pertinent Particulars of the Competition (eg., the submittal criteria et cetera). Interested? Read On... A superlative conclave of security luminaries will examine the nominations and provide their specific submittal preferences to the National Security Agency's Research Directorate.

PROF. L. JEAN CAMP, Indiana University
DR. ROBERT CUNNINGHAM, Lincoln Laboratory
DR. WHITFIELD DIFFIE, Cybersecurity Advisor
DR. DAN GEER, In-Q-Tel
DR. JOHN MCLEAN, Naval Research Laboratory
PROF. STEFAN SAVAGE, University of California, San Diego
MR. PHIL VENABLES, Goldman Sachs
PROF. DAVID WAGNER, University California at Berkeley
DR. JEANNETTE WING, Columbia University

Here are the all-important dates:

Submission Period Begins: December 15, 2017
Submission Period for Entries Ends: March 30, 2018 11:59 PM, EST.
Evaluation Process for Entries Begins: April 2, 2018
Winners Notified: By September 14, 2018
Winners Announced: Fall 2018

Post-Quantum Safe Crypto Algorithm and PAKE Protocol, The Interview →

May 24, 2017 by Marc Handelman in All is Information, Information Security, Security Research, Security Science

Outstanding interview ov Jintai Ding, Ph.D. (Author of Post-Quantum Safe Crypto Algorithm and PAKE Protocol) by Chris Daly Security Architect (and Founder) of ActiveCyber. Enjoy.