One of the common ways to hack a computer is to mess with its input data. That is, if you can feed the computer data that it interprets — or misinterprets — in a particular way, you can trick the computer into doing things that it wasn’t intended to do. This is basically what a buffer overflow attack is: the data input overflows a buffer and ends up being executed by the computer process.
Well, some researchers did this with a computer that processes DNA, and they encoded their malware in the DNA strands themselves:
To make the malware, the team translated a simple computer command into a short stretch of 176 DNA letters, denoted as A, G, C, and T. After ordering copies of the DNA from a vendor for $89, they fed the strands to a sequencing machine, which read off the gene letters, storing them as binary digits, 0s and 1s.
Erlich says the attack took advantage of a spill-over effect, when data that exceeds a storage buffer can be interpreted as a computer command. In this case, the command contacted a server controlled by Kohno’s team, from which they took control of a computer in their lab they were using to analyze the DNA file.
News articles. Research paper.
from Hacking a Gene Sequencer by Encoding Malware in a DNA Strand
Via the demiurgic grey matter of Randall Munroe at XKCD.
from XKCD, Computers vs Humans
Privacy or profit, that is the question. For C-suite executives around the world, striking a balance between safeguarding their organization’s data and meeting government regulations without adversely affecting day-to-day operations has always been a careful balancing act. In light of recent high-profile cyber-attacks in 2016 and 2017 and changing government policies regarding data privacy and […]
The post C-Suite Priorities: Privacy or Profit? appeared first on Radware Blog.
from C-Suite Priorities: Privacy or Profit?
Some of the biggest online names are the among the worst when it comes to password policies
from Too many big online brands allow terrible passwords
Microsoft has now announced 42 Azure regions globally easily surpassing other cloud providers.
from Microsoft Azure Adding Two Data Centers Down Under in Australia
The threat to data is real. According to our 2017 Global Data Threat Report, 68 percent of respondents have experienced a breach in the past, with 26 percent experiencing a…
The post Privacy and Data Protection: A Priority, and now a Product appeared first on Data Security Blog | Thales e-Security.
from Privacy and Data Protection: A Priority, and now a Product
When you’re installing an Android app, pause before you approve one that asks for a lot of permissions – do you really need that app on your device?
from How shared Android libraries could be weaponized for data theft
Chris Lattner, a legend in the world of Apple software, has joined another rival of the iPhone maker: Alphabet Inc.’s Google, where he will work on artificial intelligence.
from Google Hires Former Star Apple Engineer for Its AI Team
A benevolent hacker has helped a family regain access to their car after they misplaced its corresponding one-of-a-kind key.
David Bisson reports.
from Friendly neighborhood hacker helps family regain access to locked car
Unless your department is still in the early stages of your analytics journey, analytic skills should be one of your hiring and promotion criteria. In an earlier post I outlined 10 Signs Mgmt Doesn’t Really Support Analytics. One of the … Continue reading →
from Require Analytic Skills to Hire and Promote