Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Threat Intelligence

8/31/2020
12:05 PM
50%
50%

UVA Researcher Charged with Computer Intrusion & Trade Secret Theft

Chinese national Haizhou Hu was researching bio-mimics and fluid dynamics at the University of Virginia.

A University of Virginia (UVA) researcher has been arrested and charged with a criminal complaint for accessing a computer without authorization, or exceeding authorization to obtain data from a protected computer, as well as theft of trade secrets, the Department of Justice reported late last week.

Related Content:

Higher Education CISOs Share COVID-19 Response Stories

Russian National Arrested for Conspiracy to Hack Nevada Company

Chinese national Haizhou Hu, who was researching bio-mimics and fluid dynamics at UVA, attempted to board a flight to China on Aug. 25. A routine screening at Chicago's O'Hare International Airport revealed Hu was allegedly in possession of "bio-inspired research simulation software code" that he was not authorized to have. He was arrested a few days later.

The code was the product of years of research and development resources from members of UVA's academic community, officials report. 

Read the full release for more details.

Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio
 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
RichardM23501
50%
50%
RichardM23501,
User Rank: Apprentice
9/1/2020 | 1:48:07 PM
IT doesn't take a genius...
They come to top schools for a reason. enough is enough.
When It Comes To Security Tools, More Isn't More
Lamont Orange, Chief Information Security Officer at Netskope,  1/11/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-23836
PUBLISHED: 2021-01-15
An issue was discovered in flatCore before 2.0.0 build 139. A stored XSS vulnerability was identified in the prefs_smtp_psw HTTP request body parameter for the acp interface. An admin user can inject malicious client-side script into the affected parameter without any form of input sanitization. The...
CVE-2021-23837
PUBLISHED: 2021-01-15
An issue was discovered in flatCore before 2.0.0 build 139. A time-based blind SQL injection was identified in the selected_folder HTTP request body parameter for the acp interface. The affected parameter (which retrieves the file contents of the specified folder) was found to be accepting malicious...
CVE-2021-23838
PUBLISHED: 2021-01-15
An issue was discovered in flatCore before 2.0.0 build 139. A reflected XSS vulnerability was identified in the media_filter HTTP request body parameter for the acp interface. The affected parameter accepts malicious client-side script without proper input sanitization. For example, a malicious user...
CVE-2020-35581
PUBLISHED: 2021-01-15
A stored cross-site scripting (XSS) issue in Envira Gallery Lite before 1.8.3.3 allows remote attackers to inject arbitrary JavaScript/HTML code via a POST /wp-admin/admin-ajax.php request with the meta[title] parameter.
CVE-2020-35582
PUBLISHED: 2021-01-15
A stored cross-site scripting (XSS) issue in Envira Gallery Lite before 1.8.3.3 allows remote attackers to inject arbitrary JavaScript/HTML code via a POST /wp-admin/post.php request with the post_title parameter.