An unusual case of cryoglobulinemic purpura in elderly patient

Cryoglobulinemia is associated with infections, in particular chronic hepatitis C, autoimmune diseases, and lymphoproliferative disorders. Its frequency seems to be higher than is commonly considered, even in elderly patients.We describe the case of an elderly patient with diabetes, nephroangiosclerosis and purpura who presented marked and persistent increase in rheumatoid factor, hypocomplementemia and cryoglobulinemia with nephrotic disagreement unrelated to HCV. A thirteen‑month follow‑up showed neither immunorheumatologic nor neoplastic disorders. In literature, associations with hepatic pseudocyst is not described and a lack of association with HCV is very rare. Therefore, the hypothesis of “essential” mixed cryoglobulinemia (EMC) associated with nephrotic syndrome was formulated. Renal disease associated with EMC (unrelated to HCV) is characterized by the high prevalence of primary Sjögren syndrome and overt B‑cell non‑Hodgkin’s lymphoma for which repetitive clinical evaluation is necessary

Polymyositis, Dermatomyositis, and Statins: A Review

BACKGROUND: Statins are a well-recognized cause of a variety of skeletal myopathic effects, which generally resolve when discontinuing the treatment. Among autoimmune manifestations associated with statins, there are typical polymyositis (PM) and typical dermatomyositis (DM). OBJECTIVE: To perform a review on published case reports and case series about statin-associated PM and DM. METHODS: This literature comprehensive search was conducted mainly on PubMed, but also congress abstracts and university websites were considered. Given the paucity of cases, the search was extended to include articles in all languages with English abstract. RESULTS: Twenty-eight PM and 30 DM cases have been described with prevalence in female (64%) and senile age. The drugs most frequently involved were atorvastatin and simvastatin. The differential diagnosis should be made among the main myositis subtypes: immuno-mediated necrotizing myopathy (IMNM), inclusion body myositis (IBM), and overlap syndrome with myositis (OM), including anti-synthetase syndrome (ASS). CONCLUSIONS: Even though the onset of polymyositis or dermatomyositis is a rare phenomenon, it is advisable to consider their presence in patients taking statins and with a non-reversible elevation of creatine phosphokinase

Statins and Immune-Mediated Necrotizing Myopathy

Statins are a well-recognized cause of a variety of skeletal myopathic effects, which generally resolve when discontinuing the treatment. Among autoimmune manifestations associated with statins, there is immune-mediated necrotizing myopathy (IMNM). The present article summarizes the main features of statin-related IMNM, describing diagnosis, classification, epidemiology, treatment, and the main autoantibodies detected. Statins are a well-recognized cause of a variety of skeletal myopathic effects, which generally resolve when discontinuing the treatment. Among autoimmune manifestations associated with statins, there is immune-mediated necrotizing myopathy (IMNM). The present article summarizes the main features of statin-related IMNM, describing diagnosis, classification, epidemiology, treatment, and the main autoantibodies detected. Although it is impossible to define the precise number, it evident that more than 550 statin-related IMNM cases have been described in the literature. Among IMNM, two forms must be distinguished: with anti-3-hydroxy-3-methylglutaryl-coenzyme A reductase (HMGCR) and with anti-signal recognition particle (SRP) antibodies. The differential diagnosis should be made between the IMNM and self-limited statin-related myopathy, drug-induced rhabdomyolysis, and nonautoimmune myopathies. Patients who have failed to normalize high creatine phosphokinase (CPK) after statin withdrawal should be tested for anti-HMGCR antibodies and, if these are positive, undergo muscle biopsy to confirm the diagnosis of IMNM. Pharmacological therapy of IMNM, not yet based on evidence, involves the use of high-dose corticosteroids, immunosuppressant drugs used alone or in combination, intravenous immunoglobulins (IVIg) or plasmapheresis

A Survey on Industrial Control System Testbeds and Datasets for Security Research

The increasing digitization and interconnection of legacy Industrial Control Systems (ICSs) open new vulnerability surfaces, exposing such systems to malicious attackers. Furthermore, since ICSs are often employed in critical infrastructures (e.g., nuclear plants) and manufacturing companies (e.g., chemical industries), attacks can lead to devastating physical damages. In dealing with this security requirement, the research community focuses on developing new security mechanisms such as Intrusion Detection Systems (IDSs), facilitated by leveraging modern machine learning techniques. However, these algorithms require a testing platform and a considerable amount of data to be trained and tested accurately. To satisfy this prerequisite, Academia, Industry, and Government are increasingly proposing testbed (i.e., scaled-down versions of ICSs or simulations) to test the performances of the IDSs. Furthermore, to enable researchers to cross-validate security systems (e.g., security-by-design concepts or anomaly detectors), several datasets have been collected from testbeds and shared with the community. In this paper, we provide a deep and comprehensive overview of ICSs, presenting the architecture design, the employed devices, and the security protocols implemented. We then collect, compare, and describe testbeds and datasets in the literature, highlighting key challenges and design guidelines to keep in mind in the design phases. Furthermore, we enrich our work by reporting the best performing IDS algorithms tested on every dataset to create a baseline in state of the art for this field. Finally, driven by knowledge accumulated during this survey's development, we report advice and good practices on the development, the choice, and the utilization of testbeds, datasets, and IDSs

EVScout2.0: Electric Vehicle Profiling Through Charging Profile

EVs (Electric Vehicles) represent a green alternative to traditional fuel-powered vehicles. To enforce their widespread use, both the technical development and the security of users shall be guaranteed. Privacy of users represents one of the possible threats impairing EVs adoption. In particular, recent works showed the feasibility of identifying EVs based on the current exchanged during the charging phase. In fact, while the resource negotiation phase runs over secure communication protocols, the signal exchanged during the actual charging contains features peculiar to each EV. A suitable feature extractor can hence associate such features to each EV, in what is commonly known as profiling. In this paper, we propose EVScout2.0, an extended and improved version of our previously proposed framework to profile EVs based on their charging behavior. By exploiting the current and pilot signals exchanged during the charging phase, our scheme is able to extract features peculiar for each EV, allowing hence for their profiling. We implemented and tested EVScout2.0 over a set of real-world measurements considering over 7500 charging sessions from a total of 137 EVs. In particular, numerical results show the superiority of EVScout2.0 with respect to the previous version. EVScout2.0 can profile EVs, attaining a maximum of 0.88 recall and 0.88 precision. To the best of the authors' knowledge, these results set a new benchmark for upcoming privacy research for large datasets of EVs

Hyperloop: A Cybersecurity Perspective

Hyperloop is among the most prominent future transportation systems. First introduced by Elon Musk, Hyperloop concept involves novel technologies to allow traveling at a maximum speed of 1220km/h, while guaranteeing sustainability. Due to the system's performance requirements and the critical infrastructure it represents, its safety and security need to be carefully considered. In cyber-physical systems, cyberattacks could lead to safety issues with catastrophic consequences, both on the population and the surrounding environment. Therefore, the cybersecurity of all the components and links in Hyperloop represents a fundamental challenge. To this day, no research investigated the cyber security of the technology used for Hyperloop. In this paper, we propose the first analysis of the cybersecurity challenges raised by Hyperloop technology. We base our analysis on the related works on Hyperloop, distilling the common features which will be likely to be present in the system. Furthermore, we provide an analysis of possible directions on the Hyperloop infrastructure management, together with their security concerns. Finally, we discuss possible countermeasures and future directions for the security of the future Hyperloop design.Comment: 9 pages, 4 figures, 1 tabl

Assessing the Use of Insecure ICS Protocols via IXP Network Traffic Analysis

Modern Industrial Control Systems (ICSs) allow remote communication through the Internet using industrial protocols that were not designed to work with external networks. To understand security issues related to this practice, prior work usually relies on active scans by researchers or services such as Shodan. While such scans can identify publicly open ports, they cannot identify legitimate use of insecure industrial traffic. In particular, source-based filtering in Network Address Translation or Firewalls prevent detection by active scanning, but do not ensure that insecure communication is not manipulated in transit. In this work, we compare Shodan-only analysis with large- scale traffic analysis at a local Internet Exchange Point (IXP), based on sFlow sampling. This setup allows us to identify ICS endpoints actually exchanging industrial traffic over the Internet. Besides, we are able to detect scanning activities and what other type of traffic is exchanged by the systems (i.e., IT traffic). We find that Shodan only listed less than 2% of hosts that we identified as exchanging industrial traffic, and only 7% of hosts identified by Shodan actually exchange industrial traffic. Therefore, Shodan does not allow to understand the actual use of insecure industrial protocols on the Internet and the current security practices in ICS communications. We show that 75.6% of ICS hosts still rely on unencrypted communications without integrity protection, leaving those critical systems vulnerable to malicious attacks

A Statistical Analysis Framework for ICS Process Datasets

In recent years, several schemes have been proposed to detect anomalies and attacks on Cyber-Physical Systems (CPSs) such as Industrial Control Systems (ICSs). Based on the analysis of sensor data, unexpected or malicious behavior is detected. Those schemes often rely on (implicit) assumptions on temporally stable sensor data distributions and invariants between process values. Unfortunately, the proposed schemes often do not perform optimally, with Recall scores lower than 70% (e.g., missing 3 alarms every 10 anomalies) for some ICS datasets, with unclear root issues. In this work, we propose a general framework to analyze whether a given ICS dataset has specific properties (stable sensor distributions in normal operations, potentially state-dependent), which then allows to determine whether certain Anomaly Detection approaches can be expected to perform well. We apply our framework to three datasets showing that the behavior of actuators and sensors are very different between Training set and Test set. In addition, we present high-level guides to consider when designing an Anomaly Detection System

Beware of Pickpockets: A Practical Attack against Blocking Cards

peer reviewedToday, we rely on contactless smart cards to perform several critical operations (e.g., payments and accessing buildings). Attacking smart cards can have severe consequences, such as losing money or leaking sensitive information. Although the security protections embedded in smart cards have evolved over the years, those with weak security properties are still commonly used. Among the different solutions, blocking cards are affordable devices to protect smart cards. These devices are placed close to the smart cards, generating a noisy jamming signal or shielding them. Whereas vendors claim the reliability of their blocking cards, no previous study has ever focused on evaluating their effectiveness. In this paper, we shed light on the security threats on smart cards in the presence of blocking cards, showing the possibility of being bypassed by an attacker. We analyze blocking cards by inspecting their emitted signal and assessing a vulnerability in their internal design.We propose a novel attack that bypasses the jamming signal emitted by a blocking card and reads the content of the smart card. We evaluate the effectiveness of 11 blocking cards when protecting a MIFARE Ultralight smart card and a MIFARE Classic card. Of these 11 cards, we managed to bypass 8 of them and successfully dump the content of a smart card despite the presence of the blocking card. Our findings highlight that the noise type implemented by the blocking cards highly affects the protection level achieved by them. Based on this observation, we propose a countermeasure that may lead to the design of effective blocking cards. To further improve security, we released the tool we developed to inspect the spectrum emitted by blocking cards and set up our attack

[Eosinophilic pancreatitis and autoimmune pancreatitis: comparison, differential diagnosis, and treatment]

Among the rarest causes of acute pancreatitis, there are eosinophilic pancreatitis (EP) and autoimmune pancreatitis (AIP). They share some features, such as the low frequency and the association with systemic disorders. Their diagnostic criteria, mainly clinical and laboratory, are different, but both require histological confirmation in most cases: in fact, pancreas is enlarged at CT scan, with tumor-like appearance. Here we discuss the importance of hypereosinophilia in EP and IgG increase in type 1 AIP (included in IgG-related systemic diseases). Differential diagnosis with pancreatic neoplasms and therapy schedules are discussed as well