
Hello. My name is Dudu Mimran and I write about tech, mostly about cyber security, machine learning, and startups. 

United We Stand, Divided We Fall.

If I had to single out an individual development that elevated the sophistication of cybercrime by an order of magnitude, it would be sharing. Code sharing, vulnerability sharing, knowledge sharing, stolen passwords, and anything else one can think of. Attackers that once worked in silos, in essence competing, have discovered and fully embraced the power of cooperation and collaboration. I was honored to present a high-level overview on the topic of cyber collaboration a couple of weeks ago at the kickoff meeting of a new advisory group to the CDA (the Cyber Defense Alliance), called the “Group of Seven” established by the Founders Group. Attendees included Barclays’ CISO Troels Oerting and CDA CEO Maria Vello as well as other key people from


Rent my Brain and Just Leave me Alone

Until AI is intelligent enough to replace humans in complex tasks there will be an interim stage, and that is the era of human brain rental. People have diverse intelligence capabilities, and many times these are not optimally exploited due to living circumstances. Other people and corporations which know how to make money many times lack the brainpower required to scale their business. Hiring more people into a company is complicated, and the efficiency level of new hires decelerates with scale. With a good reason – all the personality and human traits combined with others disturb efficiency. So it makes sense that people will aspire to build tools for exploiting just the intelligence of people (better from remote) in the


Right and Wrong in AI

Background: The DARPA Cyber Grand Challenge (CGC) 2016 competition has captured the imagination of many with its AI challenge. In a nutshell, it is a contest where seven highly capable computers compete, and a team owns each computer. Each group creates a piece of software that can autonomously identify flaws in their computer and fix them and identify flaws in the other six computers and hack them. A game inspired by the Catch The Flag (CTF) game is played by real teams protecting their computer and hacking into others aiming to capture a digital asset which is the flag. In the CGC challenge, the goal is to build an offensive and defensive AI bot that follows the CTF rules. In


Is Chatbots a Passing Episode or Here to Stay?

Chatbots are everywhere. It feels like the early days of mobile apps where you either knew someone who is building an app or many others planning to do so. Chatbots have their magic. It’s a frictionless interface allowing you to chat with someone naturally. The main difference is that on the other side there is a machine and not a person. Still, one as old as I got to think whether it is the end game concerning human-machine interaction, or is it just another evolutionary step in the long path of human-machine interactions. How Did We Get Here? I’ve noticed chatbots for quite a while, and it piqued my curiosity concerning the possible use cases as well as the underlying


Cyber-Evil Getting Ever More Personal

Smartphones will soon become the target of choice for cyber attackers – making cyber warfare a personal matter. The emergence of mobile threats is nothing new, though until now, it has mainly been a phase of testing the waters and building an arms arsenal. Evil-doers are always on the lookout for weaknesses – the easiest to exploit and the most profitable. Now, it is mobile’s turn. We are witnessing a historic shift in focus from personal computers, the long-time classic target, to mobile devices. And of course, a lofty rationale lies behind this change. Why Mobile? The dramatic increase in usage of mobile apps concerning nearly every aspect of our lives, the explosive growth in mobile web browsing, and the monopoly that mobile has


Is It GAME OVER?

Targeted attacks take many forms, though there is one common tactic most of them share: Exploitation. To achieve their goal, they need to penetrate different systems on-the-go. The way this is done is by exploiting unpatched or unknown vulnerabilities. More common forms of exploitation happen via a malicious document that exploits vulnerabilities in Adobe Reader or a malicious URL that exploits the browser in order to set a foothold inside the end-point computer. Zero-Day is the buzzword today in the security industry, and everyone uses it without necessarily understanding what it really means. It indeed hides a complex world of software architectures, vulnerabilities, and exploits that only a few thoroughly understand. Someone asked me to explain the topic, again, and when


Exploit in the Wild, Caught Red-Handed

Imagine a futuristic security technology that can stop any exploit at the exact moment of exploitation – regardless of the way the exploit was built, its evasion techniques, or any mutation it might have or was possibly imagined to have. This technology is truly agnostic for any form of attack. An attack prevented with its attacker captured and caught red-handed at the exact point in time of the exploit… Sounds dreamy, no? For the guys at the stealth startup Morphisec – it’s a daily reality. So, I decided to convince the team in the malware analysis lab to share some of their findings from today, and I have to brag about it a bit:) Exploit Analysis: The target software is Adobe Flash and the vulnerability is CVE-2015-0359


Time to Re-think Vulnerabilities Disclosure

Public disclosure of vulnerabilities has always bothered me and I wasn’t able to put a finger on the reason until now. As a person who has been involved personally in vulnerabilities disclosure, I am highly appreciative of the contribution of security researchers to awareness and it is very hard to imagine what the world would be like without disclosures. Still, the way attacks are being crafted today and their links to such disclosures got me thinking whether we are doing it in the best way possible. So I tweeted this and got a lot of “constructive feedback”:) from the team in the cyber labs at Ben-Gurion of how do I dare? One has to wonder whether the growth in #cyber


Most cyber attacks start with an exploit – I know how to make them go away

Yet another new Ransomware with a new sophisticated approach http://blog.trendmicro.com/trendlabs-security-intelligence/crypvault-new-crypto-ransomware-encrypts-and-quarantines-files/ Pay attention that the key section in the description on the way it operates is “The malware arrives to affected systems via an email attachment. When users execute the attached malicious JavaScript file, it will download four files from its C&C server:” When users execute the JavaScript files it means the JavaScript was loaded into the browser application and exploited the browser in order to get in and then start all the heavy lifting. The browser is vulnerable, software is vulnerable, it’s a given fact of an imperfect world. I know a startup company, called Morphisec, which is eliminating those exploits in a very surprising and efficient way. In general vulnerabilities are considered to


No One is Liable for My Stolen Personal Information

The main victims of any data breach are actually the people, the customers, whose personal information has been stolen and oddly they don’t get the deserved attention. Questions like what was the impact of the theft on me as a customer, what can I do about it and whether I deserve some compensation are rarely dealt with publicly. Customers face several key problems when their data was stolen, questions such as: Was their data stolen at all? Even if there was a breach it is not clear whether my specific data has been stolen. Also, the multitude of places where my personal information resides makes it impossible to track whether and where my data has been stolen from. What pieces of information about me


Cyber Tech 2015 – It’s a Wrap

It has been a crazy two days at Israel’s Cyber Tech 2015 – in a good way! The exhibition hall was split into three sections: the booths of the established companies, the startups pavilion and the Cyber Spark arena. It was like examining an x-ray of the emerging cyber industry in Israel, where on one hand you have the grown-ups who are the established players, the startups/sprouts seeking opportunities for growth, and an engine which generates such sprouts – the Cyber Spark. I am lucky enough to be part of the Cyber Spark growth engine which is made up of the most innovative contributors to the cyber industry in Israel – giants like EMC and Deutsche Telekom, alongside Ben-Gurion University and JVP Cyber Labs. The Cyber Spark


A Brief History on the Emerging Cyber Capital of the World: Beer-Sheva, Israel

The beginning of the cyber park: There are very few occasions in life where you personally experience a convergence of unrelated events that lead to something – something BIG! I am talking about Beer-Sheva, Israel’s desert capital. When I started to work with Deutsche Telekom Innovation Laboratories at Ben-Gurion University 9 years ago it was a cool place to be, though still quite small. Back then, security – which was not yet referred to as cybersecurity – was one of the topics we covered, but definitely not the only one. At that time, we were the first and only activity related to cyber in this great desert. No one knew, or at least I didn’t, that it was going to be a blossoming cyber powerhouse. Actually,


Distributed Cyber Warfare

One of the core problems with cybercriminals and attackers is the lack of a clear target. Cyber attacks are digital in nature and as such, they are not tied to specific geography, organization, and/or person – finding the traces to the source is non-deterministic and ambiguous. In a way, it reminds me of real-life terrorism as an effective distributed warfare model which is also difficult to mitigate. The known military doctrines always assumed a clear target and in a way, they are not relevant anymore against terrorism. The terrorists are taking advantage of the concept of distributed entities where attacks can hit anything, anytime and can originate from everywhere on the planet using an unknown form of attack. A


Taming The Security Weakest Link(s)

Overview: The security level of a computerized system is as good as the security level of its weakest links. If one part is secure and tightened properly and other parts are compromised, then your whole system is compromised, and the compromised ones become your weakest links. The weakest link fits well with attackers’ mindset which always looks for the least resistant path to their goal. Third parties in computers present an intrinsic security risk for CISOs, and in general, to any person responsible for the overall security of a system. A security risk is one that is overlooked due to a lack of understanding and is not taken into account in an overall risk assessment, except for the mere mention


The Emergence of Polymorphic Cyber Defense

Background: Attackers are Stronger Now. The cyber-world is witnessing a fast-paced digital arms race between attackers and security defense systems, and 2014 showed everyone that attackers have the upper hand in this match. Attackers are on the rise due to their growing financial interest – motivating a new level of sophisticated attacks that existing defenses are unmatched to combat. The fact that almost everything today is connected to the net and the ever-growing complexity of software and hardware turns everyone and everything into viable targets. For the sake of simplicity, I will focus this post on enterprises as a target for attacks, although the principles described here apply to other domains. The complexity of Enterprise: IT has Reached a Tipping Point In


To Disclose or Not to Disclose, That is The Security Researcher Question

Microsoft and Google are bashing each other on the zero-day exploit in Windows 8.1 that was disclosed by Google last week following a 90 days grace period. Disclosing is a broad term when speaking about vulnerabilities and exploits – you can disclose to the public the fact that there is a vulnerability and then you can disclose how to exploit it with an example source code. There is a big difference between just telling the world about the vulnerability vs. releasing the tool to exploit it and that is the level of risk created by each alternative. In reality, most attacks are based on exploits that have been reported but have not been patched yet. Disclosing the exploit code without a


Google Releases Windows 8.1 Exploit Code – After 90 Days Warning to Microsoft

Google Project Zero has debuted with the aim of solving the vulnerabilities problem by identifying zero-day vulnerabilities, notifying the company which owns the software, and giving them 90 days to solve the problem. After 90 days they publish the exploit. And they just did it to Microsoft. I remember quite a while ago when we decided at the cyber labs at Ben-Gurion University to adopt such a policy following our discovery of a vulnerability in Samsung KNOX. The KNOX vulnerability eventually turned into Google’s Android vulnerability with the help of some political juggling between the two companies. We disclosed the exploit to Google on the 17th of Jan 2014 and we got a notice that a patch was ready on


Counter Attacks – Random Thoughts

The surging amount of cyber attacks against companies and their dear consequences pushes companies to the edge. Defensive measures can go only so far in terms of effectiveness, assuming they are fully deployed which is also far from being the common case. Companies are too slow to react to this new threat which is caused by a fast-paced acceleration in the level of sophistication of attackers. Today companies are at a weak point. From a CEO perspective, the options available to mitigate this threat are running out especially considering the addition of state-sponsored attacks to the game and the unclear role of the government and their inability to effectively intervene. So what can companies do? Attack back. Attacking the attackers


Cutting Down North Korea’s Internet

Could be interesting to understand whether cutting down North Korea from the internet was a defensive measure due to a huge amount of ongoing attacks or was it just a preventive measure. Definitely cutting down the internet has become another weapon in the war chest of the US. The question is now: do other countries have such power of cutting down areas? The net infrastructure should be evaluated for such attack vector.


A Tectonic Shift in Superpowers or What Sony Hack Uncovered to Everyone Else

Sony hack has flooded my news feed in recent weeks, everyone talking about how it was done, why, whom to blame, the trails which lead to North Korea, and the politics around it. I’ve been following the story from the first report with an unexplained curiosity and was not sure why since I read about hacks all day long. A word of explanation about my “weird” habit of following hacks continuously, being a CTO of the Ben-Gurion University Cyber Security Labs comes with responsibility, and part of it is staying on top of things:) Later on, the reason for my curiosity became clear to me. As background, to the ones who are deep in the security industry, it is already


What does cross platform mean?

Cross-platform is tricky. It seems like a small “technical” buzzword but actually, it is one of the biggest challenges for many technology companies and has different aspects for different people in the organization and outside of it. Developer Point of View: It all starts with the fact that applications can potentially be targeted towards different computing devices. To get more people to use your applications you would like it to run on more and more device categories whether it is different smartphone operating systems or a desktop computer vs. a tablet. I’ve met the term cross-platform in my first job (20 years ago) as a developer after I left the army and that was when we coded an antivirus


Consumers to Enterprise – The Investment Rationale Cycle

Today the hottest thing in new startup investments is “enterprise” startups and for someone old like me, it gives a déjà vu kind of feeling. It seems investments behave in a cyclical manner where the first field of growth is always in the area of consumer products. In consumer products innovation is only limited by imagination. After a phase of massive investments in the area of “consumers,” there is a stage where a big portion of the portfolios face a roadblock of “how the hell do we monetize this and make a big business out of it”. And then everyone flocks into “enterprise” driven innovation where the money issue is seemingly “solved” and innovation is restricted mostly to the imagination of


Every App Needs a Director

Excellent piece from TheNextWeb which meets my belief that apps production is very similar to movies or songs production where the main difference is the fact you can change it after distribution http://thenextweb.com/apple/2013/05/11/the-rise-of-the-app-director/


The dark side of Android fragmentation

One of the main problems with Android for app developers contemplating on Android vs. iOS is the fact it is highly fragmented. On iOS you, unconsciously, know that you need only to build one version (Let’s keep the example simple) and it will work on all devices, you know that Apple is doing everything to make sure everyone has the latest version and that there is a decent level of backward compatibility. For Android developers things have turned up differently, due to the way Android is “openly” distributed, you cannot rest assured that your app will run the same way or will even run at all on your users’ devices. Different incompatible Android versions, devices with different capabilities,


Will voice replace the touch interfaces on mobiles?

Siri apparently has started a revolution, at least public relations wise since voice activation has been around for quite a while but never seemed to be perfect. It seems people like to talk to her and she responds back. Few in the industry have written on the impact the new voice interaction paradigm might create - Gigaom discusses the potential loss of mobile ad revenues and Bloomberg reports on Siri doubling data volumes. Voice indeed seems as a killer interface at first glance since it is more natural to operate once it is working well. Of course, the tolerance for errors is much lower than in touch and it can really drive you mad but it seems that the technological conditions are set
