News & Press

Submitted by Cyber Security ... on Thu, 23/01/2014 - 15:47

Our Professional and Humble Response to Samsung

Three weeks ago on the 23rd of December 2013, a story was published in the Wall Street Journal (WSJ) regarding a vulnerability we uncovered on Samsung KNOX devices. We’ll begin with a little background about the vulnerability.  We found that a malicious app (without ROOT) running in the non-secure area of a KNOX based device (for example, Samsung S4) can affect the network configuration (important settings) of the secure container.

Submitted by Cyber Security ... on Thu, 23/01/2014 - 09:15

We've Got A Twitter Address - @cyberlabsbgu

We've got a new twitter address where you can track our discoveries and other posts on cyber security. Here it is @cyberlabsbgu.

 

Submitted by Cyber Security ... on Fri, 17/01/2014 - 13:50

In an Unintended Way or The Morale Attacker

Submitted by Cyber Security ... on Fri, 17/01/2014 - 09:32

VPN Related Vulnerability Discovered on an Android device - Disclosure Report

As part of our ongoing mobile security research we have uncovered a network vulnerability on Android devices which has serious implications for users using VPN. This vulnerability enables malicious apps  to bypass active VPN configuration (no ROOT permissions required) and redirect secure data communications to a different network address. These communications are captured in CLEAR TEXT (no encryption), leaving the information completely exposed. This redirection can take place while leaving the user completely oblivious, believing the data is encrypted and secure.

Submitted by Cyber Security ... on Mon, 13/01/2014 - 20:52

Man in the middle attack - not all are created equal!

A man in the middle is a classic attack. If there was a popularity contest for attacks I would bet that MitM (Man-in-the-middle) would score one of the top three! To our readers who don't know how it works then it is basically a setup of two endpoints that communicate with each other (i,e, client server) and someone or something seats somewhere in between and starts eavesdropping and maybe even changing the communications on the go.

Here is a nice illustration:

Submitted by Cyber Security ... on Mon, 13/01/2014 - 19:28

About Us in Pictures

The Cyber Security Research Center @ Ben-Gurion University is a new institution and such we are in the phase of defining our goals, core competences and performance indicators.

 

Our Goals

Tags: 

Submitted by Cyber Security ... on Mon, 13/01/2014 - 17:32

Our Disclosure Policy - A Responsible One!

During our work we naturally encounter vulnerabilities and security related issues which present an immediate risk to specific organizations and/or the public. Deciding what to do with a vulnerability is not an easy decision since from the moment you know about it in a way you share the responsibility on might happen to the people that may be affected by it.

 

Today in the world there are several approaches, here is a brief summary on them:

Submitted by Cyber Security ... on Mon, 13/01/2014 - 16:35

Cybertech - Cyber Security Conference - Israel 2014

Israel Defense, Prime Minister's Office National Cyber Bureau, Kenes Exhibitions, and Ben-Gurion University of the Negev are pleased to invite you to the International Exhibition & Conference for Cyber Solutions, which will bring together leading multi-national companies, over a hundred start-ups, private and corporate investors, venture capital firms, experts, clients and many more. The event will take place on Janurary 27-28.
 

Submitted by Cyber Security ... on Mon, 13/01/2014 - 09:17

Welcome To The Blog of The Cyber Security Labs of Ben Gurion University of the Negev in Israel

Welcome to our new shiny blog! The cyber security labs of Ben Gurion university is located in Beer Sheva, the capital of the Negev which is the southern part of Israel and it was founded three months ago. Just to be clear, starting 3 months ago does not mean we are newbies.

Pages