Security: Defcon, Carbon Black, Open-Source Cyber Fusion Centre, Open Source Security Podcast and Avaya
-
DARPA's $10 million voting machine couldn't be hacked at Defcon (for the wrong reasons)
For the majority of Defcon, hackers couldn't crack the $10 million secure voting machine prototypes that DARPA had set up at the Voting Village. But it wasn't because of the machine's security features that the team had been working on for four months. The reason: technical difficulties during the machines' setup.
Eager hackers couldn't find vulnerabilities in the DARPA-funded project during the security conference in Las Vegas because a bug in the machines didn't allow hackers to access their systems over the first two days. (DARPA is the Defense Advanced Research Projects Agency.) Galois brought five machines, and each one had difficulties during the setup, said Joe Kiniry, a principal research scientist at the government contractor.
"They seemed to have had a myriad of different kinds of problems," the Voting Village's co-founder Harri Hursti said. "Unfortunately, when you're pushing the envelope on technology, these kinds of things happen."
It wasn't until the Voting Village opened on Sunday morning that hackers could finally get a chance to look for vulnerabilities on the machine. Kiniry said his team was able to solve the problem on three of them and was working to fix the last two before Defcon ended.
-
At hacking conference, Pentagon's transparency highlights voting companies' secrecy
At the country's biggest election security bonanza, the US government is happy to let hackers try to break into its equipment. The private companies that make the machines America votes on, not so much.
The Def Con Voting Village, a now-annual event at the US's largest hacking conference, gives hackers free rein to try to break into a wide variety of decommissioned election equipment, some of which is still in use today. As in the previous two years, they found a host of new flaws.
The hunt for vulnerabilities in US election systems has underscored tensions between the Voting Village organizers, who argue that it's a valuable exercise, and the manufacturers of voting equipment, who didn't have a formal presence at the convention. -
Carbon Black Open-Source Binary Emulator Eases Malware Analysis
Carbon Black, the cybersecurity and endpoint protection software provider, has unveiled the Binee open-source binary emulator for real-time malware analysis. The company announced Binee at last week’s DEF CON 27 hacker conference in Las Vegas, Nevada.
[...]
Carbon Black also has been gaining momentum with MSPs and MSSPs over the past few months. In fact, Carbon Black recorded revenue of $60.9 million and a net loss of $14.6 million in the second quarter of 2019; both of these figures generally beat Wall Street’s expectations.
-
Concordia receives $560K for a new Open-Source Cyber Fusion Centre
The call for collaborative projects in the area of information communication technologies led to the genesis of the Open-Source Cyber Fusion Centre, a project that will provide companies with a wide array of tools and methodologies for cybersecurity.
The project is a joint initiative with Carleton University and two industrial partners, eGloo and AvanTech, all of which have recognized expertise in open-source software application programming interfaces (APIs) and technology stacks.
[...]
The Open-Source Cyber Fusion Centre’s ongoing research will help strengthen and democratize the Canadian economy. By mitigating cyberthreats, projects of this kind promote entrepreneurship and help nurture a more diverse economy.
In addition, the centre provides students with unique opportunities to participate in an ever-changing, complex cybersecurity industry that is becoming increasingly prevalent in Canada.
SMEs can get in touch with the centre and its partners to receive support on their security operations. They can install advanced technologies in their corporate network as a free service to monitor the security of their operations.
-
Open Source Security Podcast Ep. 151– The DARPA Cyber Grand Challenge with David Brumley
Open Source Security Podcast helps listeners better understand security topics of the day. Hosted by Kurt Seifried and Josh Bressers, the pair covers a wide range of topics including IoT, application security, operational security, cloud, devops, and security news of the day.
-
McAfee Discovers Vulnerability in Avaya VoIP Phones
McAfee researchers have uncovered a remote code execution (RCE) vulnerability in open-source software from a popular line of Avaya VoIP phones.
McAfee is warning organizations that use Avaya VoIP phones to check that firmware on the devices have been updated. Avaya’s install base covers 90% of the Fortune 100, with products targeting customers from small business and midmarket, to large corporations.
- Login or register to post comments
- Printer-friendly version
- 2949 reads
- PDF version
More in Tux Machines
- Highlights
- Front Page
- Latest Headlines
- Archive
- Recent comments
- All-Time Popular Stories
- Hot Topics
- New Members
digiKam 7.7.0 is releasedAfter three months of active maintenance and another bug triage, the digiKam team is proud to present version 7.7.0 of its open source digital photo manager. See below the list of most important features coming with this release. |
Dilution and Misuse of the "Linux" Brand
|
Samsung, Red Hat to Work on Linux Drivers for Future TechThe metaverse is expected to uproot system design as we know it, and Samsung is one of many hardware vendors re-imagining data center infrastructure in preparation for a parallel 3D world. Samsung is working on new memory technologies that provide faster bandwidth inside hardware for data to travel between CPUs, storage and other computing resources. The company also announced it was partnering with Red Hat to ensure these technologies have Linux compatibility. |
today's howtos
|
Recent comments
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago