Leaking (a lot of) Data from Air-Gapped Computers via the (small) Hard Drive LED (LED-it-GO)

Highly secure systems are often ‘Air Gapped’, or removed from any internet connected network to make it more difficult to illegally or maliciously access them. Attacks in recent years have shown that it is possible and perhaps not even particularly complex to have users load malicious software onto an air gapped computer (e.g. with a …

Revenge Porn and Mental Health: A Qualitative Analysis of the Mental Health Effects of Revenge Porn on Female Survivors

Samantha Bates at Simon Fraser University has examined the emotional and mental health effects on survivors of revenge pornography. This form of non-consensual distribution of intimate images occurs after partners exchange intimate photos during a relationship, but when the relationship breaks down, one of the former partners distribute the images to the family, friends, employers …

Terrorist Use of the Internet by the Numbers: Quantifying Behaviors, Patterns, and Processes

Terrorism and the Internet is a hot button topic with the dangers posed by online groups being the subject of near constant debate and news headlines.  A question that bears closer examination is the effect that the Internet has on would be terrorists. Does content or contact online cause a change in behaviour or does …

Zero Days, Thousands of Nights: The Life and Times of Zero-Day Vulnerabilities and Their Exploits

RAND obtained a dataset of information about zero-day software exploits through a research connection. It is a rich dataset, as some of these exploits have been found by others and some have not. The dataset spans 14 years (2002–2016) and contains information about more than 200 zero-day exploits and the vulnerabilities that they take advantage …

U.S. Charges Russian FSB Officers and Their Criminal Conspirators for Hacking Yahoo and Millions of Email Accounts

A grand jury Northern District of California has indicted four defendants, including two officers of the Russian Federal Security Service (FSB), for computer hacking, economic espionage and other criminal offenses in connection with a conspiracy, beginning in January 2014, to access Yahoo’s network and the contents of webmail accounts. The defendants are Dmitry Aleksandrovich Dokuchaev, 33, …

La cybersécurité est-elle possible?

Entrevue avec Sébastien Gambs dans le cadre de la conférence « La cybersécurité est-elle possible? » au Cœur des sciences de l’Université du Québec à Montréal (UQAM). Sébastien Gambs est professeur d’informatique à l’UQAM. Ses travaux de recherche portent principalement sur la protection de la vie privée et la sécurité informatique, en particulier pour les …

Security and AI: A Bayesian Approach

Euvgeny Naumov Delve Labs presented at the SERENE-RISC Workshop in 2017 The rapid rise in the number and ubiquity of internet services and internet-facing devices has increased pressure to automate cybersecurity monitoring. However, vulnerabilities discovered by automated solutions per scan can number in the thousands and beyond, still placing a considerable burden on security teams …