News & Press

Submitted by Cyber Security ... on Tue, 28/10/2014 - 09:22

How to leak sensitive data from an isolated computer (air-gap) to a near by mobile phone - AirHopper

Security researcher Mordechai Guri with the guidance of Prof. Yuval Elovici from the cyber security labs at Ben-Gurion University in Israel presented at the 9th IEEE International Conference on Malicious and Unwanted Software (MALCON 2014), at Puerto Rico, a breakthrough method (“AirHopper) for leaking data from an isolated computer to a mobile phone without the presence of a network. In highly secure facilities the assumption today is that data can not leak outside of an isolated internal network.

Submitted by Cyber Security ... on Tue, 11/03/2014 - 15:20

Mobile Malware Detection through Analysis of Deviations in Application Network Behavior

Recently an exciting research on the topic of malware detection based on mobile networking activities analysis has been accepted to the lucrative Computers & Security journal. The paper was written as part of a project sponsored by Telekom Innovation Labs which dealt with different Android security solutions.

In simple words (though you'll need to get the full version to see all the exciting revelations and achievements) we built a technology which is able to detect malware activity based only on analyzing the network traffic coming out from a mobile handset (Android).

Submitted by Cyber Security ... on Mon, 03/03/2014 - 15:24

Titanium, a Brain-Child of the Cyber Security Research Center @ Ben-Gurion University Won 1 Million$ in JVP's Cyber Competition on RSA Conf.

JVP, Israel's leading VC firm and the largest early-stage cyber-security investor in Israel, announced today that Titanium Core, an innovative startup that protects mission-critical infrastructure, has won JVP's first ever “Cybertition” cyber-security startup competition. Titanium will receive a $1M Investment and a spot in JVP Cyber Labs incubator based in the growing cyber epicenter in Beer-Sheva.

Submitted by Cyber Security ... on Tue, 18/02/2014 - 13:33

Pictures from Cybertech 2014

Here are some nice pictures from our booth at the Cybertech show:

Submitted by Cyber Security ... on Mon, 27/01/2014 - 14:12

Active VPN Bypass on Android KitKat - Disclosure Report

Following our second vulnerability report where we demonstrated an active VPN bypass on Android Jelly Bean 4.3 we have decided to further investigate the existence of the vulnerability on Android KitKat 4.4. At first we could not reproduce it with the original vulnerability code since KitKat has a modified security implementation.

Submitted by Cyber Security ... on Thu, 23/01/2014 - 15:47

Our Professional and Humble Response to Samsung

Three weeks ago on the 23rd of December 2013, a story was published in the Wall Street Journal (WSJ) regarding a vulnerability we uncovered on Samsung KNOX devices. We’ll begin with a little background about the vulnerability.  We found that a malicious app (without ROOT) running in the non-secure area of a KNOX based device (for example, Samsung S4) can affect the network configuration (important settings) of the secure container.

Submitted by Cyber Security ... on Thu, 23/01/2014 - 09:15

We've Got A Twitter Address - @cyberlabsbgu

We've got a new twitter address where you can track our discoveries and other posts on cyber security. Here it is @cyberlabsbgu.


Submitted by Cyber Security ... on Fri, 17/01/2014 - 13:50

In an Unintended Way or The Morale Attacker

Submitted by Cyber Security ... on Fri, 17/01/2014 - 09:32

VPN Related Vulnerability Discovered on an Android device - Disclosure Report

As part of our ongoing mobile security research we have uncovered a network vulnerability on Android devices which has serious implications for users using VPN. This vulnerability enables malicious apps  to bypass active VPN configuration (no ROOT permissions required) and redirect secure data communications to a different network address. These communications are captured in CLEAR TEXT (no encryption), leaving the information completely exposed. This redirection can take place while leaving the user completely oblivious, believing the data is encrypted and secure.

Submitted by Cyber Security ... on Mon, 13/01/2014 - 20:52

Man in the middle attack - not all are created equal!

A man in the middle is a classic attack. If there was a popularity contest for attacks I would bet that MitM (Man-in-the-middle) would score one of the top three! To our readers who don't know how it works then it is basically a setup of two endpoints that communicate with each other (i,e, client server) and someone or something seats somewhere in between and starts eavesdropping and maybe even changing the communications on the go.

Here is a nice illustration: