DARPA, the U.S. military’s R&D arm, announced this week that it will pay US $2 million to the winner of its Cyber Grand Challenge, a contest aimed at developing an automated network defense system that actively searches for and identifies vulnerabilities and patches them on the fly. “Today, our time to patch a newly discovered security flaw is measured in days,” Mike Walker, DARPA program manager, told Kaspersky Threatpost. “Through automatic recognition and remediation of software flaws, the term for a new cyberattack may change from zero-day to zero-second,” says Walker.
U.S. Government Snooping
Lawyers at the Electronic Frontier Foundation say that a secret bill being discussed in both houses of the U.S. Congress would ensure the continued collection of Americans’ records and shore up the legal basis for domestic spying.
Critical Infrastructure in the Crosshairs
Bugs in equipment used to run the U.S. Emergency Alert System, which sends out notifications in the case of a natural disaster or other serious situation, could still let an attacker send fake alerts—three months after a researcher reported the vulnerabilities.
A hacker armed with an antenna can wreak havoc on unpatched industrial automation software vital to operations in the oil and gas industries and in water and electric utilities from as far as 50 kilometers away.
In Other Cybercrime News…
A U.S. federal court in Idaho recently ordered a software developer's computer seized and its contents copied without prior notice because the developer described himself as a "hacker" on his website
Microsoft and Symantec are pushing for a uniform way to vet companies and individuals around the world in order to stem the alarming growth in malware signed with fraudulently obtained keys and code-signing certificates.
Apple released more than 100 security updates to fix holes in eight different products including iTunes media player, the Safari browser, and the most recent iteration of its mobile operating system, iOS 7.
Six Romanians and one Albanian have been indicted on allegations that they operated a multimillion-dollar cyber fraud scheme selling nonexistent cars, boats, and other high-value items through eBay and other sites.