Catalogue Search | MBRL
Are you sure you want to remove the book from the shelf?
{{itemTitle}}
2,251
result(s) for
"Spyware (Computer software)."
Sort by:
Pegasus : how a spy in your pocket threatens the end of privacy, dignity, and democracy
\"Pegasus is widely regarded as the most effective and sought-after cyber-surveillance system on the market. The system's creator, the NSO Group, a private corporation headquartered in Israel, is not shy about proclaiming its ability to thwart terrorists and criminals. \"Thousands of people in Europe owe their lives to hundreds of our company employees,\" NSO's cofounder declared in 2019. This bold assertion may be true, at least in part, but it's by no means the whole story. NSO's Pegasus system has not been limited to catching bad guys. It's also been used to spy on hundreds, and maybe thousands, of innocent people around the world: heads of state, diplomats, human rights defenders, political opponents, and journalists. This spyware is as insidious as it is invasive, capable of infecting a private cell phone without alerting the owner, and of doing its work in the background, in silence, virtually undetectable. Pegasus can track a person's daily movement in real time, gain control of the device's microphones and cameras at will, and capture all videos, photos, emails, texts, and passwords-encrypted or not. This data can be exfiltrated, stored on outside servers, and then leveraged to blackmail, intimidate, and silence the victims. Its full reach is not yet known. \"If they've found a way to hack one iPhone,\" says Edward Snowden, \"they've found a way to hack all iPhones.\" Pegasus is a look inside the monthslong worldwide investigation, triggered by a single spectacular leak of data, and a look at how an international consortium of reporters and editors revealed that cyber intrusion and cyber surveillance are happening with exponentially increasing frequency across the globe, at a scale that astounds. Meticulously reported and masterfully written, Pegasus shines a light on the lives that have been turned upside down by this unprecedented threat and exposes the chilling new ways authoritarian regimes are eroding key pillars of democracy: privacy, freedom of the press, and freedom of speech\"-- Provided by publisher.
Book
Fear Appeals and Information Security Behaviors: An Empirical Study
Information technology executives strive to align the actions of end users with the desired security posture of management and of the firm through persuasive communication. In many cases, some element of fear is incorporated within these communications. However, within the context of computer security and information assurance, it is not yet clear how these fear-inducing arguments, known as fear appeals, will ultimately impact the actions of end users. The purpose of this study is to investigate the influence of fear appeals on the compliance of end users with recommendations to enact specific individual computer security actions toward the mitigation of threats. An examination was performed that culminated in the development and testing of a conceptual model representing an infusion of technology adoption and fear appeal theories. Results of the study suggest that fear appeals do impact end user behavioral intentions to comply with recommended individual acts of security, but the impact is not uniform across all end users. It is determined in part by perceptions of self-efficacy, response efficacy, threat severity, and social influence. The findings of this research contribute to information systems security research, human—computer interaction, and organizational communication by revealing a new paradigm in which IT users form perceptions of the technology, not on the basis of performance gains, but on the basis of utility for threat mitigation.
Journal Article
A smart kid's guide to Internet privacy
Offers kids suggestions on how to protect their identities online and how to avoid those who wish them harm.
Book
Frontline. Global spyware scandal : exposing Pegasus. Part 1
Investigating the powerful spyware Pegasus, sold to governments around the world by the Israeli company NSO Group. Part one of a two-part series with Forbidden Stories into the hacking tool used to spy on journalists, activists, the fiancée of Saudi journalist Jamal Khashoggi and others.
Streaming Video
Frontline. Global spyware scandal : exposing Pegasus. Part 2
Investigating the powerful spyware Pegasus, sold to governments around the world by the Israeli company NSO Group. The conclusion of a two-part series with Forbidden Stories into the hacking tool used to spy on journalists, activists, the fiancée of Saudi journalist Jamal Khashoggi and others.
Streaming Video
Code Injection Attacks in Wireless-Based Internet of Things (IoT): A Comprehensive Review and Practical Implementations
The Internet of Things (IoT) has transformed various domains in our lives by enabling seamless communication and data exchange between interconnected devices, necessitating robust networking infrastructure. This paper presents a comprehensive analysis of code injection attacks in IoT, focusing on the wireless domain. Code injection attacks exploit security weaknesses in applications or software and can have severe consequences, such as data breaches, financial losses, and denial of service. This paper discusses vulnerabilities in IoT systems and examines how wireless frames in state-of-the-art wireless technologies, which serve IoT applications, are exposed to such attacks. To demonstrate the severity of these threats, we introduce a comprehensive framework illustrating code injection attacks in the wireless domain. Several code injection attacks are performed on Wireless Fidelity (Wi-Fi) devices operating on an embedded system commonly used in IoT applications. Our proof of concept reveals that the victims’ devices become further exposed to a full range of cyber-attacks following a successful severe code injection attack. We also demonstrate three scenarios where malicious codes had been detected inside the firmware of wireless devices used in IoT applications by performing reverse engineering techniques. Criticality analysis is conducted for the implemented and demonstrated attacks using Intrusion Modes and Criticality Analysis (IMECA). By understanding the vulnerabilities and potential consequences of code injection attacks on IoT networks and devices, researchers and practitioners can develop more secure IoT systems and better protect against these emerging threats.
Journal Article
Protecting Society from Surveillance Spyware
Government security agencies have had, for decades, a growing interest in and appetite for digital surveillance. At first, only the most well-resourced, such as the US National Security Agency (NSA), could develop sophisticated inhouse capabilities. That started to change shortly after the Arab Spring, when some governments sought out ways to counter digitally empowered civil movements challenging repressive regimes. Thanks to the growing number of surveillance firms, governments around the world--including those lacking domestic technical resources and capabilities of their own--discovered that they could effectively purchase their own \"NSA\" off the shelf. In governments that lack appropriate safeguards over their security agencies or are authoritarian, corrupt, or illiberal, abuses naturally have followed. The industry markets itself as providing governments with the means to investigate serious matters of crime and terrorism, but left unchecked their products have become a convenient tool for undermining public accountability and political opposition, both at home and abroad. Here, Deibert discusses how to protect the society from surveillance spyware.
Journal Article
Digital Forensics for Malware Classification: An Approach for Binary Code to Pixel Vector Transition
The most often reported danger to computer security is malware. Antivirus company AV-Test Institute reports that more than 5 million malware samples are created each day. A malware classification method is frequently required to prioritize these occurrences because security teams cannot address all of that malware at once. Malware’s variety, volume, and sophistication are all growing at an alarming rate. Hackers and attackers routinely design systems that can automatically rearrange and encrypt their code to escape discovery. Traditional machine learning approaches, in which classifiers learn based on a hand-crafted feature vector, are ineffective for classifying malware. Recently, deep convolutional neural networks (CNNs) successfully identified and classified malware. To categorize malware, a smart system has been suggested in this research. A novel model of deep learning is introduced to categorize malware families and multiclassification. The malware file is converted to a grayscale picture, and the image is then classified using a convolutional neural network. To evaluate the performance of our technique, we used a Microsoft malware dataset of 10,000 samples with nine distinct classifications. The findings stood out among the deep learning models with 99.97% accuracy for nine malware types.
Journal Article
CyberSentinel: A Transparent Defense Framework for Malware Detection in High-Stakes Operational Environments
Malware classification is a crucial step in defending against potential malware attacks. Despite the significance of a robust malware classifier, existing approaches reveal notable limitations in achieving high performance in malware classification. This study focuses on image-based malware detection, where malware binaries are transformed into visual representations to leverage image classification techniques. We propose a two-branch deep network designed to capture salient features from these malware images. The proposed network integrates faster asymmetric spatial attention to refine the extracted features of its backbone. Additionally, it incorporates an auxiliary feature branch to learn missing information about malware images. The feasibility of the proposed method has been thoroughly examined and compared with state-of-the-art deep learning-based classification methods. The experimental results demonstrate that the proposed method can surpass its counterparts across various evaluation metrics.
Journal Article
An emerging threat Fileless malware: a survey and research challenges
With the evolution of cybersecurity countermeasures, the threat landscape has also evolved, especially in malware from traditional file-based malware to sophisticated and multifarious fileless malware. Fileless malware does not use traditional executables to carry-out its activities. So, it does not use the file system, thereby evading signature-based detection system. The fileless malware attack is catastrophic for any enterprise because of its persistence, and power to evade any anti-virus solutions. The malware leverages the power of operating systems, trusted tools to accomplish its malicious intent. To analyze such malware, security professionals use forensic tools to trace the attacker, whereas the attacker might use anti-forensics tools to erase their traces. This survey makes a comprehensive analysis of fileless malware and their detection techniques that are available in the literature. We present a process model to handle fileless malware attacks in the incident response process. In the end, the specific research gaps present in the proposed process model are identified, and associated challenges are highlighted.
Journal Article