Hello. My name is Dudu Mimran and I write about advanced tech in the worlds of cyber security, machine learning, and startups. More information on my professional journey is available on Linkedin.
If I had to single out an individual development that elevated the sophistication of cybercrime by order of magnitude, it would be sharing. Codesharing, vulnerabilities sharing, knowledge sharing, stolen passwords, and anything else one can think of. Attackers that once worked in silos, in essence competing, have discovered and fully
Until AI is intelligent enough to replace humans in complex tasks there will be an interim stage, and that is the era of human brain rental. People have diverse intelligence capabilities, and many times these are not optimally exploited due to living circumstances. Other people and corporations which know how
Background The DARPA Cyber Grand Challenge (CGC) 2016 competition has captured the imagination of many with its AI challenge. In a nutshell, it is a contest where seven highly capable computers compete, and a team owns each computer. Each group creates a piece of software that can autonomously identify flaws
Chatbots are everywhere. It feels like the early days of mobile apps where you either knew someone who is building an app or many others planning to do so. Chatbots have their magic. It’s a frictionless interface allowing you to chat with someone naturally. The main difference is that on
Smartphones will soon become the target of choice for cyber attackers—making cyber warfare a personal matter. The emergence of mobile threats is nothing new, though until now, it has mainly been a phase of testing the waters and building an arms arsenal. Evil-doers are always on the lookout for weaknesses—the
Targeted attacks take many forms, though there is one common tactic most of them share: Exploitation. To achieve their goal, they need to penetrate different systems on-the-go. The way this is done is by exploiting unpatched or unknown vulnerabilities. More common forms of exploitation happen via a malicious document that
Imagine a futuristic security technology that can stop any exploit at the exact moment of exploitation—regardless of the way the exploit was built, its evasion techniques, or any mutation it might have or was possibly imagined to have. This technology is truly agnostic for any form of attack. An attack
Public disclosure of vulnerabilities has always bothered me and I wasn’t able to put a finger on the reason until now. As a person who has been involved personally in vulnerabilities disclosure, I am highly appreciative of the contribution security researchers on awareness and it is very hard to imagine
Yet another new Ransomware with a new sophisticated approach http://blog.trendmicro.com/trendlabs-security-intelligence/crypvault-new-crypto-ransomware-encrypts-and-quarantines-files/ Pay attention that the key section in the description on the way it operates is “The malware arrives to affected systems via an email attachment. When users execute the attached malicious JavaScript file, it will download four files from its C&C server:” When users
The main victims of any data breach are actually the people, the customers, whom their personal information has been stolen and oddly they don’t get the deserved attention. Questions like what was the impact of the theft on me as a customer, what can I do about it and whether I deserve
It has been a crazy two days at Israel’s Cyber Tech 2015…in a good way! The exhibition hall was split into three sections: the booths of the established companies, the startups pavilion and the Cyber Spark arena. It was like examining an x-ray of the emerging cyber industry in Israel,
The beginning of the cyber park There are very few occasions in life where you personally experience a convergence of unrelated events that lead to something…something BIG! I am talking about Beer-Sheva, Israel’s desert capital. When I started to work with Deutsche Telekom Innovation Laboratories at Ben-Gurion University 9 years
One of the core problems with cybercriminals and attackers is the lack of a clear target. Cyber attacks are digital in nature and as such, they are not tied to specific geography, organization, and or person – finding the traces to the source is non-deterministic and ambiguous. In a way,
Overview The security level of a computerized system is as good as the security level of its weakest links. If one part is secure and tightened properly and other parts are compromised, then your whole system is compromised, and the compromised ones become your weakest links. The weakest link fits
Background Attackers are Stronger Now The cyber-world is witnessing a fast-paced digital arms race between attackers and security defense systems, and 2014 showed everyone that attackers have the upper hand in this match. Attackers are on the rise due to their growing financial interest—motivating a new level of sophisticated attacks
Microsoft and Google are bashing each other on the zero-day exploit in Windows 8.1 that was disclosed by Google last week following a 90 days grace period. Disclosing is a broad term when speaking about vulnerabilities and exploits – you can disclose to the public the fact that there is a
Google Project Zero has debuted with the aim of solving the vulnerabilities problem by identifying zero-day vulnerabilities, notifying the company which owns the software, and giving them 90 days to solve the problem. After 90 days they publish the exploit. And they just did it to Microsoft. I remember quite
The surging amount of cyber attacks against companies and their dear consequences pushes companies to the edge. Defensive measures can go only so far in terms of effectiveness, assuming they are fully deployed which is also far from being the common case. Companies are too slow to react to this
Could be interesting to understand whether cutting down North Korea from the internet was a defensive measure due to a huge amount of ongoing attacks or was it just a preventive measure. Definitely cutting down the internet has become another weapon in the war chest of the US. The question
Sony hack has flooded my news feed in recent weeks, everyone talking about how it was done, why, whom to blame, the trails which lead to North Korea, and the politics around it. I’ve been following the story from the first report with an unexplained curiosity and was not sure
Cross-platform is tricky. It seems like a small “technical” buzzword but actually, it is one of the biggest challenges for many technology companies and has different aspects for different people in the organization and outside of it. Developer Point of View It all starts with the fact that applications can
Today the hottest thing in new startup investments is “enterprise” startups and for someone old like me, it gives a déjavue kind of feeling. It seems investments behave in a cyclical manner where the first field of growth is always in the area of consumer products. In consumer products innovation
Excellent piece from TheNextWeb which meets my belief that apps production is very similar to movies or songs production where the main difference is the fact you can change it after distribution http://thenextweb.com/apple/2013/05/11/the-rise-of-the-app-director/
One of the main problems with Android for app developers contemplating on Android vs. iOs is the fact it is highly fragmented. On iOS you, unconsciously, know that you need only to build one version (Let’s keep the example simple) and it will work on all devices, you know that
Siri apparently has started a revolution, at least public relations wise since voice activation has been around for quite a while but never seemed to be perfect. It seems people like to talk to her and she responds back. Few in the industry have written on the impact the new