News & Trends
2018-08-14  

Title: Venezuela assassins use killer drones in failed bid to kill President Nicolas Maduro

 

Author: The New Daily

 

Date: 05 August 2018

 

Abstract:

Venezuela’s embattled President Nicolas Maduro has survived an assassination attempt that saw him attacked by bomb-laden drones while addressing a rally of his supporters and military backers.The explosions prompted a mass panic that saw the assembled troops break ranks and flee the scene on a main thoroughfare in Caracas, the South American nation’s capital.

A shaken but uninjured Mr Maduro was bundled from the scene by bodyguards as authorities began an immediate hunt for the would-be assassins.Venezuelan authorities on Monday morning (AEST) said they detained six people over drone attack.

 

Source: https://thenewdaily.com.au/news/world/2018/08/05/nicolas-maduro-survives-drone-assassination/?utm_source=Adestra&utm_medium=email&utm_campaign=Morning%20News%2020180806

2018-08-14  

Title: 'Silly, naive': Fanboy faces jail over 3D-printed guns

 

Author: Georgina Mitchell, Sydney Morning Herald

 

Date: 06 August 2018

 

Abstract:

A Sydney pop culture fan facing possible jail time for making replica guns with a 3D printer claims he had no idea his hobby could land him in such strife.Sicen Sun, 28, was arrested in February 2017 after he advertised one of his imitation weapons for sale for "$1 million negotiable" on a Facebook buy, swap and sell group.The replica SIG Sauer P250 pistol was advertised for three days on the group for military items, and two weeks later police arrived at Mr Sun's home in Waverley with a search warrant.Officers found multiple replica guns, a 3D printer, and blueprints downloaded from the internet which detailed how to make the replicas.Mr Sun, who worked in advertising, made "full admissions" and told police he was a "cosplay enthusiast" who used the guns in his pastime of dressing up as film and video game characters.

 

Source: https://www.smh.com.au/national/nsw/silly-naive-fanboy-faces-jail-over-3d-printed-guns-20180806-p4zvu2.html
2018-08-14  

Title: The Sensors That Power Smart Cities are a Hacker’s Dream

 

Author: Lily Hay Newman, WIRED

 

Date: 09 August 2018

 

Abstract:

At this point, it seems like every so-called consumer smart device—from routers and baby monitors to connected thermostats and garage door openers—has been shown to have vulnerabilities. But that same security crisis has also played out on a macro scale, exposing municipal works and public safety sensors to manipulation that could destabilize traffic lights, undermine radiation sensors, or even create a calamity like causing a dam to overflow because of tainted water level data.Researchers from IBM Security and data security firm Threatcare looked at sensor hubs from three companies—Libelium, Echelon, and Battelle—that sell systems to underpin smart city schemes. Smart city spending worldwide is estimated to reach about $81 billion globally in 2018, and the three companies all have different areas of influence. Echelon, for example, is one of the top suppliers of smart street lighting deployments in the world. Fundamentally, though, the systems the researchers analyzed are similar. By setting up an array of sensors and integrating their data, a municipality can get more nuanced insight into how to solve interconnected problems. These sensors monitor things like weather, air quality, traffic, radiation, and water levels, and can be used to automatically inform fundamental services like traffic and street lights, security systems, and emergency alerts.

 

Source: https://www.wired.com/story/sensor-hubs-smart-cities-vulnerabilities-hacks/

2018-08-14  

Title: Hack causes pacemakers to deliver life-threatening shocks

 

Author: Dan Goodin, Ars Technica

 

Date: 10 August 2018

 

Abstract:

Life-saving pacemakers manufactured by Medtronic don’t rely on encryption to safeguard firmware updates, a failing that makes it possible for hackers to remotely install malicious wares that threaten patients’ lives, security researchers said Thursday.At the Black Hat security conference in Las Vegas, researchers Billy Rios and Jonathan Butts said they first alerted medical device maker Medtronic to the hacking vulnerabilities in January 2017. So far, they said, the proof-of-concept attacks they developed still work. The duo on Thursday demonstrated one hack that compromised a CareLink 2090 programmer, a device doctors use to control pacemakers after they’re implanted in patients.Because updates for the programmer aren’t delivered over an encrypted HTTPS connection and firmware isn’t digitally signed, the researchers were able to force it to run malicious firmware that would be hard for most doctors to detect. From there, the researchers said, the compromised machine could cause implanted pacemakers to make life-threatening changes in therapies, such as increasing the number of shocks delivered to patients.

 

Source: https://arstechnica.com/information-technology/2018/08/lack-of-encryption-makes-hacks-on-life-saving-pacemakers-shockingly-easy/

more
VFAC Review
no image
2017-01-24
 
The VFAC Review is a bimonthly multi-disciplinary review of the issues and trends in cybercrime.

Issue 12 contains information on:

  • Conferences and Events
  • News & Trends
  • Recent Publications


Articles on:

  • A Geneva Convention or Declaration for Cyberspace
  • Cyber Conflict and Retribution: Uncertainties in the Dark


more
Book Review
no image
2018-08-14
  

Title: Internet- and cloud-of-things cybersecurity research challenges and advances
 

Authors: Kim-Kwang Raymond Choo, Matt Bishop, William Glisson, Kara Nance

 

Date: May 2018

 

Abstract: Increasing digital device sales, increasing regulatory requirements, and increasing generation and storage of digital transactions through the integration of the diverse entities within the “Internet of Things” (IoT) all increase the attack surface for users. As technology become increasingly ubiquitous in daily life, cybercrime and cybersecurity tools and techniques evolve concurrently. This fuels the need to develop innovative managerial, technological and strategic solutions. The tight coupling of the technologies and tools necessitates a variety of responses to use them effectively to combat cybercrime. For example, malware generally uses deception to disguise what it is doing; cybersecurity techniques such as digital forensics can be used to identify deception and determine what has occurred or will occur.

Due to the constant evolution of cybercrime and advances in technology, identifying and validating technical solutions that access data, investigating the impact of these solutions, and understanding how technologies can be abused is crucial to the viability of government, commercial, academic, and legal communities, all of which affect national security.

 

DOI: https://doi.org/10.1016/j.cose.2018.02.008

more