Ethical Hacking Stories — Denial-of-Service to BiciMAD Bikes

 9 days ago

A vulnerability in the public bike rental service in Madrid allowed an attacker to book all the available bikes. In 2014, the city of Madrid made a great commitment to mobility by deploying its own bicycle rental service, called BiciMAD. This story will show you how I found a vulnerability in the BiciMAD...

Explore cybersecurity and ethical hacking with 18 top-rated courses

With so much personal information stored in the cloud, any data breach can be very serious. In order to find potential weaknesses before they can be exploited, many companies turn to ethical hackers. These cybersecurity experts copy the techniques used by cybercriminals to simulate attacks. It’s an exciting and well-paid...
Are There Any Ethical Issues In Cybersecurity?

For our February Explore Programme we heard from a number of STEMazing cybersecurity professionals on how we can keep ourselves, and those around us, safe online. For this session, we were joined by Amy and Patrick from GCHQ. All cybersecurity professionals work within the boundaries of the law. But, is...
LEOMO Launches Remote Bike-Fitting Service in Europe

BRAIN does not edit, endorse, or fact check these press releases. They are posted as a service to our readers and supporters. Contact us to submit a press release or if you find a posting objectionable. This affordable, easy-to-use service utilizes LEOMO’s wearable motion analysis technology to collect data of...
Telephony Denial of Service attacks against 911 call centers.

Telephony Denial of Service attacks against 911 call centers. Please reference the below resources for further explanation of Telephony Denial of Service (TDoS) attacks. In short, they are an automated or coordinated manual attack against 911 infrastructure designed to flood call centers’ voice lines, rendering them unable to respond to or make legitimate calls.
Regular Expression Denial of Service (ReDoS)

org.webjars.npm:normalize-url is a package that normalizes a URL. Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) due to exponential performance in data URLs. Details: Denial of Service (DoS) describes a family of attacks, all aimed at making a system inaccessible to its original and legitimate users....
Ransomware and hacking

The problem with hacking and ransomware is that they are a constant threat, but unlike any other, more traditional threat, like fire or theft or sabotage, they are unseen and largely undetectable – and vastly more invasive threats than any of us have ever seen before. To face traditional threats,...
The biggest trends in digital ethics

This article will explore the biggest trends that are occurring in digital ethics, as technologies continue to play major roles in people's lives. As digital technologies become more sophisticated, intuitive and powerful, their growing impact on society brings the pressing issue of ethics. From corporations such as Facebook, Amazon and Apple being summoned to US congress for anti-competition allegations, to the spread of misinformation and bullying online, there is a need for a rethink about how big tech should be regulated, and how tech can provide a more ethical future.
Navigating the bumpy road to ethical AI

AI is everywhere and the potential is incredible, but as the saying goes, with great power comes great responsibility. Unfortunately, the likes of Uber’s “God” mode or Deliveroo’s rider “Hunger Games” with its now deemed discriminatory algorithm, have both become infamous examples of what not to do. Across all sectors,...
How to ethically conduct pen testing for social engineering | #emailsecurity

Companies are under constant attack from malicious actors seeking to exfiltrate critical business data. One popular attack vector is social engineering, which a recent report claimed plays a part in all cyber attacks. Many companies conduct penetration tests to ensure software and networks are secure but should also use pen...
Ethically Made Denim Skirts

The latest ETICA denim skirts are designed with low environmental impact techniques and materials. By using sustainable materials, the ethically aware fashion brand aims to increase recyclability and renewability for its products in order to contribute to a circular economy. The new ETICA denim skirts come in three styles: Juliette,...
The Contestation of Tech Ethics: A Sociotechnical Approach to Ethics and Technology in Action

Recent controversies related to topics such as fake news, privacy, and algorithmic bias have prompted increased public scrutiny of digital technologies and soul-searching among many of the people associated with their development. In response, the tech industry, academia, civil society, and governments have rapidly increased their attention to "ethics" in the design and use of digital technologies ("tech ethics"). Yet almost as quickly as ethics discourse has proliferated across the world of digital technologies, the limitations of these approaches have also become apparent: tech ethics is vague and toothless, is subsumed into corporate logics and incentives, and has a myopic focus on individual engineers and technology design rather than on the structures and cultures of technology production. As a result of these limitations, many have grown skeptical of tech ethics and its proponents, charging them with "ethics-washing": promoting ethics research and discourse to defuse criticism and government regulation without committing to ethical behavior. By looking at how ethics has been taken up in both science and business in superficial and depoliticizing ways, I recast tech ethics as a terrain of contestation where the central fault line is not whether it is desirable to be ethical, but what "ethics" entails and who gets to define it. This framing highlights the significant limits of current approaches to tech ethics and the importance of studying the formulation and real-world effects of tech ethics. In order to identify and develop more rigorous strategies for reforming digital technologies and the social relations that they mediate, I describe a sociotechnical approach to tech ethics, one that reflexively applies many of tech ethics' own lessons regarding digital technologies to tech ethics itself.
Piercing the Veil: Designs to Support Information Literacy on Social Platforms

In this position paper we approach problems concerning critical digital and information literacy with ideas to provide more digestible explanations of abstract concepts through interface design. In particular, we focus on social media platforms where we see the possibility of counteracting the spread of misinformation by providing users with more proficiency through our approaches. We argue that the omnipresent trend to abstract away and hide information from users via UI/UX design opposes their ability to self-learn. This leads us to propose a different framework in which we unify elegant and simple interfaces with nudges that promote a look behind the curtain. Such designs serve to foster a deeper understanding of employed technologies and aim to increase the critical assessment of content encountered on social platforms. Furthermore, we consider users with an intermediary skill level to be largely ignored in current approaches, as they are given no tools to broaden their knowledge without consultation of expert material. The resulting stagnation is exemplified by the tactics of misinformation campaigns, which exploit the ensuing lack of information literacy and critical thinking. We propose an approach to design that sufficiently emancipates users in both aspects by promoting a look behind the abstraction of UI/UX so that an autonomous learning process is given the chance to occur. Furthermore, we name ideas for future research within this area that take our considerations into account.
NASA Seeks Public Input On Something That The Public Cannot See

Name of Information Collection: NASA Serves the Public To Inspire Reach-Out and Engage (NSPIREHub), NASA via Federal Register. "The NASA Serves the Public to Inspire Reach-Out and Engage (NSPIREHub) is a one-stop, web-based volunteer management system that streamlines communications, recruitment and marketing and enhances reporting and management of official outreach events. The NSPIREHub engages, informs and inspires current docents, employees (civil servants and contractors), interns and qualified members of the general public to share NASA's advancements, challenges and contributions through participation in official outreach (i.e., launch support, special events support activities, etc.).
Real or Fake? When Your Fraud Notice Looks Like a Phish

I recently received an email indicating my credit card number had potentially been stolen and used for fraud. At this point, I am used to both having my credit card number stolen and receiving messages telling me it’s been stolen when it has not. My attempt to determine whether I was a victim of fraud or the target of a phishing attack may help shed some light on how marketing, fraud prevention, and anyone else who sends an automated corporate email can do better.
4 Social Engineering Cyber-Security Scams to Be Aware of

Here are four common social engineering scams, what to do when you’re targeted and how you can avoid these scams. According to a 2021 report by PurpleSec, the vast majority (98%) of today’s cyberattacks involve some form of social engineering. Hackers who carry out these types of scams often pose as a known and trusted source to their victims, such as a boss, coworker, friend, relative or a legitimate institution such as a bank or the IRS. They then exploit that trust to dupe victims into fulfilling a fraudulent request for sensitive information or money.
Bike team traveling across the country to raise money for cancer research while telling patients' stories

UTICA, N.Y. -- The Illini 4000 Bike America Team is making its way across the country to raise money for cancer research and patient services through The Portraits Project. This is the 14th annual tour across the country in support of the project. The team collects ‘portraits’ of cancer patients, survivors and caregivers from around the nation and posts the videos online to show real-life stories about the impact of cancer.
Monaco launches mobility-as-a-service application for buses, e-bikes and parking

Monaco has collaborated with urban mobility technology company Flowbird to deploy the Monapass, a mobility-as-a-service (MaaS) application for users, tourists, and commuters. The principality is fully committed to digital transformation through its Extended Monaco programme and has launched the Monapass application and Flowbird’s Open Payments system in partnership with Monaco City Hall and Compagnie des Autobus de Monaco (Cam).