Cyber Platgorm

21/02/2022

IBM Cost of Data Breach 2021 Report Pegs Incident Cost at $4.2 MillionIBM’s annual report titled Cost of a Data Breach claims that the average cost of a breach now stands at $4.2 million per incident, the highest ever. The report has been prepared by the Michigan-based Ponemon Institute for IBM Security.

Takeaways from the report
The data breach report analyzed over 500 organizations that experienced network intrusions during the Covid-19 pandemic.
The average cost of a data breach surged by 10% in 2021 as compared to last year.
The U.S. suffered the highest data breach cost at $9.05 million per incident, followed by the Middle East at $6.93 million and Canada at $5.4 million.
Healthcare, financial services, and pharmaceuticals industries were the most affected, with an average cost of $9.23 million, $5.72 million, and $5.04 million per incident, respectively.
It took an average of 287 days to detect and contain a data breach, seven days longer than the previous year.
Companies employing advanced security solutions based on AI, machine learning, analytics, and encryption saved firms an average of between $1.25 million and $1.49 million.

Top threat
The most common attack vector included compromised credentials. Adversaries obtained login credentials mostly from data dumps on online platforms or via brute-force attacks. Once inside a network, they primarily targeted customers’ Personally Identifiable Information (PII).

21/02/2022

Malware Hidden Inside Neural Network Models has Over 90% EfficacyA new attack method has been discovered that allows hiding malware inside the image classifier within a neural network and bypassing security barriers. Surprisingly, the model’s accuracy remained above 93%.

What was discovered?
Researchers Zhi Wang, Chaoge Liu, and Xiang Cui demonstrated that it is possible to replace up to 50% of neurons in the AlextNet model with malware that can go undetected under security scanners.
In the demonstration, they embedded malware of size 36.9MB inside an AlexNet model of size 178 MB, within a 1% accuracy loss.
For this, the researchers had selected a layer within the already-trained image classifier model and then embedded the malware in that layer.
According to them, if the model does not have sufficient neurons, the same attack method can be used with an untrained model as well.
Attackers could train the model using the same data used in the original model, thus producing the same performance.
Moreover, the model was tested on VirusTotal to determine the efficiency of the malware. After validation by 58 antivirus engines, no suspicious activities were detected inside the model, indicating a successful evasion technique.

21/02/2022

Google debuts new Private Compute features in ramp up of Android securityGoogle has introduced new features to Android's Private Compute Core, a secure environment currently in the beta stages of development.On Thursday, Suzanne Frey, VP, Product, Android & Play Security and Privacy said in a blog post that the new suite will "provide a privacy-preserving bridge between Private Compute Core and the cloud."

Currently in Android 12 Beta, Private Compute Core is an open source platform that aims to isolate itself from other apps and the main operating system on an Android device to improve privacy and security.

The new features are:

Live Caption: Captions added to media using on-device speech recognition
Now Playing: Machine learning (ML) algorithms able to recognize music playing nearby
Smart Reply: Suggests relevant responses based on the messaging and active conversations
While these features, in themselves, aren't privacy-based, Google says that new functionality will be implemented with each Android release -- and each one brings the sandboxed Android area closer to completion.

Each feature utilizes ML and to keep data gathered by them private and secure -- including speech records, environmental noise detection, and the context of conversations, should users enable it -- they will be processed in the Private Compute Core and will not be shared with other apps unless expressly permitted by the handset owner.

Frey added that the core will "let your device use the cloud (to download new song catalogs or speech-recognition models [for example]) without compromising your privacy."

21/02/2022

Quantum cryptography: This air-filled fiber optic cable can transport un-hackable keys, say researchers
Hollow core fiber is filled only with air, but the technology's applications for security could be very promising.A new type of optical fiber filled with nothing but thin air has been found to be particularly effective for carrying out quantum key distribution (QKD), a security protocol that is in principle un-hackable and could play a key role in protecting sensitive data against ever-more sophisticated cyberattacks. Optical fiber is typically made of solid strands of glass that carry information by channeling light signals emitted by laser transmitters. Hollow core fiber, on the other hand, has a hollow center filled with air, which runs the entire length of the cable and is encased in a ring of glass.

21/02/2022

A New Approach to Detect Stealthy Malware on IoT DevicesA new approach has been devised by security teams that leverage electromagnetic field emanations to detect evasive malware on IoT devices. The approach works even in obfuscation scenarios.

What’s the fuss about?
The recent findings are presented by researchers from the Research Institute of Computer Science and Random Systems (IRISA) at the Annual Computer Security Applications Conference (ACSAC).
Hackers use the side channel details to detect anomalies in emanations when they differ from previously observed patterns and suspicious behavior in the system’s normal state.
Without any on-device modification, the method enables detection along with the classification of kernel-level rootkits, ransomware, or unseen variants.
The electromagnetic emanation calculated from the device is nearly undetectable by the malware. Thus, in this case, malware evasion tactics cannot be applied directly unlike for dynamic software monitoring.
Further, malware usually does not have any sort of control on outside hardware-level, and a protection system using hardware features cannot be taken down, even when malware has maximum privilege.

21/02/2022