Tag Archive for: hacking

Tackling next generation cyber hacking the focus of new training lab – FOX13 News Memphis

/in


Washington, D.C. — New cyber hacks are emerging every day and the targets aren’t just businesses, governments and universities.

The next generation of hacks can even affect systems we rely on every day to get to work, or get household products delivered to our door.

“There are nation states, China, Russia, Iran, North Korea…that are coming after us in the cyber domain,” said Jamil N. Jaffer, founder and executive director of the National Security Institute.

These evolving cyber hacks are even discussed at the highest levels of government.

“We need to be able to both defend ourselves, but also take the fight to our adversaries and deter them from engaging in behavior that might affect our nation,” said Jaffer.

Inside a pilot lab located on George Mason University’s Arlington, Virginia campus, there’s testing ground for these new cyber security threats. Jaffer said this Commonwealth Cyber Initiative (CCI) Living Innovation Lab is critical for training the next generation to defend against new hacks.

“Students have the ability to see how the systems work, how the hackers might come in, how they might get in how they might establish persistence, and then how they might take action on those targets, to make them do things you don’t expect,” said Jaffer.

In the lab, students are learning about security for self-driving cars and researching how to streamline self-driving car signals and keep them secure.

“We’re able to work on commercial grade equipment so the same kinds of equipment that you see out in the real world, not just, you know, theoretical ideas on simulated on a computer,” said Liza Wilson Durant, Associate provost for strategic initiatives and community engagement at George Mason University.

Liza Wilson Durant runs the lab on campus and she showed us some of the equipment they work with.

Download the FOX13 Memphis app to receive alerts from breaking news in your neighborhood.

CLICK HERE TO DOWNLOAD

Trending stories:

“Each one of these steps could be hacked by an outsider whether they’re trying to disrupt the robots or the machine itself,” she said.

As supply chain issues and higher prices hit the country, Durant said a mini factory helps research…

Source…

Locked Out of ‘God Mode,’ Runners Are Hacking Their Treadmills

/in


JD Howard just wanted to watch cloud security tutorials. Howard, a construction industry worker on sabbatical, spent $4,000 on a NordicTrack X32i treadmill, lured in by its 32-inch HD screen and the opportunity to exercise body and mind. His plan was to spend his time away from work exercising while watching technical videos from learning platforms such as Pluralsight and Udemy. But his treadmill had other ideas.

Despite having a huge display strapped to it, NordicTrack’s hardware pushes people to subscribe to exercise software operated by iFit, its parent company, and doesn’t let you watch videos from other apps or external sources. iFit’s content includes exercise classes and running routes, which automatically change the incline of the treadmill depending on the terrain on the screen. But Howard, and many other NordicTrack owners, weren’t drawn to the hardware by iFit’s videos. They were drawn in by how easy the fitness machines were to hack.

To get into his X32i, all Howard needed to do was tap the touchscreen 10 times, wait seven seconds, then tap 10 more times. Doing so unlocked the machine—letting Howard into the underlying Android operating system. This privilege mode, a sort of God mode, gave Howard complete control over the treadmill: He could sideload apps and, using a built-in browser, access anything and everything online. “It wasn’t complicated,” Howard says. After accessing privilege mode he installed a third-party browser that allowed him to save passwords and fire up his beloved cloud security videos.

While NordicTrack doesn’t advertise privilege mode as a customer feature, its existence isn’t exactly a secret. Multiple unofficial guides tell people how to get into their machines, and even iFit’s support pages explain how to access it. The whole reason Howard bought the X32i, he says, was because he could access God mode. But the good times didn’t last long.

Since October, NordicTrack has been automatically updating all of its exercise equipment—its bikes, ellipticals, and rowing machines all have big screens attached—to block access to privilege mode. The move has infuriated customers who are now fighting back and finding workarounds that…

Source…

Israel Is Hacking the Phones of Palestinian NGOs

/in


The Dublin-based digital rights NGO Front Line Defenders (FLD) published a major report earlier this month that found that six Palestinian human rights staff, working for NGOs later designated by the Israeli defense ministry as terror groups, were hacked by the technology company NSO Group’s Pegasus spyware. The hack was, apparently, part of an Israeli campaign to criminalize the advocacy efforts of the Palestinian NGOs. It sought compromising information that would buttress the government’s claims that they are affiliates of the banned Popular Front for the Liberation of Palestine and funnel donations to fund its terror activities.

A number of these Palestinian groups, along with several Israeli human rights NGOs, have testified before international bodies that Israel has engaged in war crimes against Palestinians. Israel views this as what it calls “delegitimation,” an attempt to destroy the state of Israel by political means. It considers such acts as existential threats. One past government minister even went so far as to call for the “civil targeted assassination” of the leaders of the global Boycott, Divestment, and Sanctions (BDS) movement. The attacks portrayed in the FLD report are an integral part of that campaign.

FLD laid out a detailed timeline of events that ties the defense ministry’s designation of the NGOs as terror groups directly to the phone hacking. The first hacking victim came forward on October 16, giving his phone to FLD for a forensic analysis. It immediately shared the device logs with the Citizen Lab, the cyber-forensic detectives who specialize in detecting NSO’s spyware. The following day, the Dublin group met with the six Palestinians and confirmed their phones had been infiltrated.

Presumably, NSO and the Israeli internal security service Shin Bet discovered that their operation had been compromised and exposed almost simultaneously. That would explain why the following day, October 18, Salah Hammouri, one of the six whose phones were targeted, was notified that his Jerusalem…

Source…

Cybersecurity – Mobile Security

/in