Apr 192019

Todd Ackerman reports:

MD Anderson Cancer Center is ousting three scientists in connection with concerns China is trying to steal U.S. scientific research, the first such publicly disclosed punishments since federal officials directed some institutions to investigate specific professors in violation of granting agency policies.

MD Anderson took the actions after receiving e-mails last year from the National Institutes of Health, the nation’s largest public funder of biomedical research, describing conflicts of interest or unreported foreign income by five faculty members. The agency, which has been assisted by the FBI, gave the cancer center 30 days to respond.

Read more on The Houston Chronicle.

Apr 172019

Catalin Cimpanu reports:

In a document published today, the European Commission has revealed that they don’t have any actual evidence of Kaspersky software being used for spying on behalf of the Russian government, as the US government alluded in 2017.

The document was the Commission’s reply to a series of questions submitted by Gerolf Annemans, a European Parliament member on behalf of Belgium, in March this year.

Read more on ZDNet.

I cannot say I am surprised by any of this. And because the U.S. government has  significantly damaged the firm and weakened international collaboration on law enforcement goals, I hope other countries remember the U.S.’s failure to support their claims with hard evidence the next time we make claims to allies and partners in law enforcement.


Apr 142019

Seen on Twitter.

[The image shows a “Password Change Sign Up Sheet” where employees can list their current password and the one they’d like it changed to.  After a few employees signed up publicly that way, there’s a yellow post-it on the sheet that says “Come see me — Shawn.”]

In response to the tweet, @TatMum_Blog shared her work experience:

I started an IT training session explaining why never to share passwords. At the end of the session I handed out a quiz, one question asked if your password was memorable and to write it down so I could check it was secure. Everyone did.

Apr 042019

Catalin Cimpanu reports:

A security researcher has published today proof-of-concept code for an unpatched Google Chrome vulnerability.

The security flaw has been fixed in V8, Chrome’s JavaScript engine, but the fix has not yet reached the browser’s stable version –v73– the one used by an estimated over one billion users.

Read more on ZDNet.

Apr 032019

Holly Ober reports:

Fatemah Alharbi breaks things in order to learn how to fix them. Not just any old things. Computer operating systems, to be exact, and she conducted research that earned public gratitude from Apple.

If she doesn’t look like a hacker that’s because she isn’t, really. She’s a doctoral candidate in computer science at the University of California, Riverside with an interest in computer and network security that puts her squarely on the good side, trying to protect your passwords, information, and money.

Her interest in security set Alharbi — a first-generation student who grew up in Saudia Arabia — on an unexpected path to becoming a white hat hacker.

“I hadn’t thought about doing any hacking stuff. I always thought about how I can defeat this attack, how I can overcome this vulnerability,” she said.

Read more on UC Riverside News.