source: digitaltrends.com

 

With the exception of being the projectile for some kickass rubber band guns, rubber bands aren’t really items that come up too often when you’re talking about cutting-edge tech. That could be about to change, though, courtesy of some futuristic new rubber bands that are hopefully soon to arrive on the market. Manufactured by Alliance Rubber Co., a company headquartered in Hot Springs, Arkansas, the next generation rubber bands are 200x stronger than steel — all thanks to the wonder material graphene.

“Graphene is an incredible material,” Jason Risner, director of business strategy for Alliance, told Digital Trends. “It’s essentially an extremely thin sheet of carbon atoms arranged in a two-dimensional hexagonal lattice. This unique structure gives it almost unbelievable strength, which puts even the strongest of steels to shame. It’s considered the strongest material on Earth. It is exciting to experiment with how this material interacts with rubber, and to determine exactly how this super-material could be used in our products to produce attributes never seen before in rubber elastomers.”

The bands themselves aren’t made out of graphene, but rather graphene-infused rubber. Working with researchers at the United Kingdom’s University of Sussex, Alliance is currently carrying out R&D to establish the exact perfect ratio of graphene to rubber. Figuring this out will allow for the creation of rubber bands that retain their elasticity, while gaining massive amounts of durability.

 

“Graphene-infused rubber bands might sound like a small niche, but there’s actually plenty of potential applications beyond the potential for ultra-durability,” Risner said. “From inexpensive medical bracelets that can sense motion, such as breathing, pulse and joint movement, to color changing bands based on time or temperature for produce packaging, to anti-static bands that protect electronics during shipping, to invisible bar coding.”

Other than working out the graphene-to-rubber ratio for the bands, another big bottleneck is the fact that graphene is not currently available in commercial quantities. However, this is a problem that a number of researchers are working hard to solve. With their help, hopefully we’re not too far away from living in a Utopian world in which rubber bands snapping on our fingers are a thing of the past.

Forget flying cars; that’s the future we want to live in!

 

 

 source:securityintelligence.com

 

Security researchers discovered a vulnerability that could enable cybercriminals to change the content of an email after it has been sent and dupe users into clicking on malicious URLs.

A report from security firm Mimecastoutlined two possible cyberattacks involving the flaw, dubbed ROPEMAKER. The underlying approach is based on sending cascading style sheet (CSS)-laden HTML messages with files from the attacker’s server, rather than embedding the CSS code directly.

How the Vulnerability Works

Once a target victim receives the message, threat actors can use the ROPEMAKER exploit to hide a benign URL and replace it with one that links directly to malware. Another approach, called a matrix exploit, could change characters within the ASCII text of the HTML email into a malicious link.

As Infosecurity Magazine pointed out, it would be too late for most security scanning systems to catch the threat actors, since the email messages would have already been accepted.

ROPEMAKER is a good example of how tools such as CSS can be used to affect not only the way an email looks, but what actually appears inside it. According to SC Magazine, the technology operates in a dangerous area because threat actors can operate remotely even though they’re linked to a particular network. For the most part, it’s helpful to be able to fetch resources this way, but not if it exposes an organization to cyberattacks.

No Cases of ROPEMAKER in the Wild

So far, there are no reports of ROPEMAKER being used in actual cyberattacks, reported Threatpost. The exploit is also limited primarily to PC and mobile versions of programs such as Microsoft Outlook, as opposed to online email clients such as Gmail. Microsoft and Apple have been made aware of the issue but have not deemed it a serious threat to IT security.

Mimecast admitted that the matrix approach might make email messages large enough to be detected. According to Bleeping Computer, it would be fairly straightforward to prohibit remote loading of CSS resources by system administrators. Still, it’s always useful to know where potential cyberattacks are, especially in the inboxes we use every single day.

 source: thecipherbrief.com

 

On July 5, Thai police arrested a man in Bangkok named Alexandre Cazes, a 26-year-old Canadian, for running an expansive online criminal bazaar called AlphaBay. Previously only known to law enforcement by his online moniker DeSnake, Cazes reportedly made the mistake of using his personal Hotmail email address to communicate with users who had forgotten their login passwords, revealing his real identity to police. Cazes was arrested on behalf of U.S. authorities under charges relating to narcotics distribution, identity theft, money laundering, and other crimes. A week after his arrest, he was found dead in what was reported as a suicide, hanging in his cell at the Thai Narcotics Suppression Bureau while awaiting extradition to the U.S.

At the time of his arrest, Thai police seized his open laptop that was already logged into the server hosting the AlphaBay website – giving authorities control over the site as well as access to a ledger of Cazes’ assets totaling some $23 million.

According to the July 20 announcement by the U.S. Department of Justice, AlphaBay, which was created in 2014, boasted some 200,000 users, 40,000 different vendors for roughly 250,000 toxic chemicals and illegal drugs, including opioids, 100,000 listings of stolen and fraudulent identification documents, as well as counterfeit goods, hacking toolkits, firearms and other illicit commodities. With the site hosting an estimated $600,000 to $800,000 a day in transactions, AlphaBay was comparatively 10 times the size of the reported $1.2 billion Silk Road online illicit marketplace, which was seized in November 2013 with some 14,000 listings for illicit goods and services – the largest so-called darknet marketplace at the time.

 source:  fifthdomain.com

 

A successful cyberattack on the nation’s critical infrastructure has long been considered a looming and catastrophic threat. It’s not difficult to imagine what such an attack would look like given Ukraine has served as a test case of sorts following an attack on its grid, which has been attributed to Russian cyber actors.

A draft report by the U.S. president’s National Infrastructure Advisory Council, or NAIC, assesses that: “The time to act is now. As a Nation, we need to move past simply studying our cybersecurity challenges and begin taking meaningful steps to improve our cybersecurity to prevent a major debilitating cyber attack.”

The report, “Securing Cyber Assets, Addressing Urgent Cyber Threats to Critical Infrastructure,” offers nearly a dozen recommendations for key government stakeholders to prevent “a watershed, 9/11-level cyber attack.

They include the establishment of a separate, secure communications network for the most critical networks; a private sector-led pilot of machine-to-machine information sharing technologies; strengthening the capabilities of the cyber workforce; and establishment of protocols to declassify cyberthreat information to be shared with infrastructure owners and operators.

The NIAC, which is made up of senior executives from industry as well as state and local government that own the critical infrastructure, noted in its draft report that a review of hundreds of studies and interviews “revealed an echo chamber, loudly reverberating what needs to be done to secure critical U.S. infrastructure against aggressive and targeted cyber attacks.”

Among key stakeholders, the report listed the Department of Energy, the Department of Homeland Security, the Office of the Director of National Intelligence, the Strategic Infrastructure Coordinating Council, the National Security Council and Congress.

Despite several government stakeholders listed, a common refrain when discussing critical infrastructure is that the majority of it is owned and operated by the private sector.

“Cyber is the sole arena where private companies are the front line of defense in a nation-state attack on U.S. infrastructure,” the report said. “When a cyber attack can deliver the same damage or consequences as a kinetic attack, it requires national leadership and close coordination of our collective resources, capabilities, and authorities.”