• HackingFBI does not know how the $1m iPhone hack works

    The  FBI does not know how the hack which was used to unlock the San Bernardino terrorist’s iPhone 5C works, even though the agency paid about $1 million for the technique. The identity of the hackers who sold the technique to the agency is a closely guarded secret, and the FBI director himself does not know who they are.

  • CybersecurityArgonne hosts Cyber Defense Competition

    More than seventy-five aspiring cyber defenders from across Illinois and Iowa converged last Saturday on the U.S. Department of Energy’s (DOE’s) Argonne National Laboratory to take on the challenge of Argonne’s first Collegiate Cyber Defense Competition. The competition provided a strong challenge for eight teams from seven colleges, forcing them to defend simulated power utility networks from a variety of realistic attacks by a “Red Team” made up of cyber experts from Argonne and industrial partners.

  • view counter
  • Cyber warfarePentagon “dropping cyberbombs” on ISIS

    Deputy Secretary of Defense Robert Work has said that the U.S. military is “dropping cyberbombs” on ISIS. Earlier this month, Defense Secretary Ashton Carter announced that the U.S. Cyber Command had been given its “first wartime assignment” – attacking and disrupting ISIS cyber infrastructure. in the last few months, the Pentagon has allowed more information to be published about the U.S. military’s cyberwar against ISIS. Work, describing the Cyber Command’s operations at a news conference, said: “We are dropping cyberbombs. We have never done that before.”

  • CybersecuritySystem predicts 85 percent of cyber-attacks using input from human experts

    By Adam Conner-Simons

    Today’s security systems usually fall into one of two categories: human or machine. So-called “analyst-driven solutions” rely on rules created by living experts and therefore miss any attacks that do not match the rules. Meanwhile, today’s machine-learning approaches rely on “anomaly detection,” which tends to trigger false positives that both create distrust of the system and end up having to be investigated by humans, anyway. But what if there were a solution that could merge those two worlds? What would it look like? Virtual artificial intelligence analyst developed by the MIT’s Computer Science and Artificial Intelligence Lab and machine-learning startup PatternEx reduces false positives by factor of 5.

  • CybersecurityPatching up Web applications

    By Larry Hardesty

    By exploiting some peculiarities of the popular Web programming framework Ruby on Rails, MIT researchers have developed a system that can quickly comb through tens of thousands of lines of application code to find security flaws. In tests on fifty popular Web applications written using Ruby on Rails, the system found twenty-three previously undiagnosed security flaws, and it took no more than sixty-four seconds to analyze any given program.

  • CybersecurityS&T licenses physical/cyber risk assessment tool to the commercial market

    DHS S&T announced that a fifth cybersecurity technology has been licensed for commercialization as a part of the Cyber Security Division’s Transition to Practice (TTP) program. The TTP program builds on the S&T process of funding projects through the full research and development lifecycle through to the commercial marketplace. The new technology — Physical and Cyber Risk Analysis Tool (PACRAT) — assesses cyber risks simultaneously with physical risks.

  • view counter
  • CybersecurityThe past, present, and future of ransomware

    The rise of ransomware over the past year is an ever growing problem. Business often believe that paying the ransom is the most cost effective way of getting their data back — and this may also be the reality. The problem we face is that every single business that pays to recover their files, is directly funding the development of the next generation of ransomware. As a result of this we are seeing ransomware evolve at an alarming rate.

  • CybersecurityCommonly used strategy for Web site protection is not airtight

    Cloud-based security providers commonly use DNS redirection to protect customers’ Web sites. The success of this strategy depends on shielding the Web site’s original IP address. Computer scientists have now revealed that the IP address can be retrieved in more than 70 percent of the cases, meaning that the DNS redirection security mechanism can easily be bypassed. 

  • CybersecurityRegistration opens for U.S. Cyber Challenge’s annual Cyber Quests competition

    U.S. Cyber Challenge (USCC) on Monday opened registration for the 2016 Cyber Quests online competition. The annual Cyber Quests competition determines who qualifies for the USCC Summer Cyber Camps, a leading nationwide program in cybersecurity workforce development.

  • GridFBI, DHS warn grid operators about cyber threats to power grid

    The FBI and DHS are warning infrastructure operators about the potential cyberattacks on the U.S. power grid. The FBI and DHS have launched a nationwide campaign to alert power companies and security firms, a campaign which includes briefings and online Webinars.

  • Cyber warfareThe next Cold War has already begun – in cyberspace

    By Conor Deane-McKenna

    The world is fighting a hidden war thanks to a massive shift in the technologies countries can use to attack each other. Much like the Cold War, the conflict is being fought indirectly rather than through open declarations of hostility. It has so far been fought without casualties but has the potential to cause suffering similar to that of any bomb blast. It is the Cyber War.

  • CryptographyLaser technique enables super-fast, super-secure quantum cryptography

    Researchers have developed a new method to overcome one of the main issues in implementing a quantum cryptography system, raising the prospect of a useable “unbreakable” method for sending sensitive information hidden inside particles of light.

  • EncryptionWhatsApp implements end-to-end encryption

    WhatsApp announced on Tuesday that it has implemented complete end-to-end encryption which will protect all text, photo, video, and voice communications from eavesdropping. This means hackers and criminals will be shut out, but so will law enforcement and intelligence services, and even the company itself. This means that the company will not able to comply with court orders to allow law enforcement access to the information stored on the encrypted device. Leaders of law enforcement agencies were quick to criticize WhatsApp’s move for creating “warrant-proof” spaces for criminals and terrorists.

  • CryptographyNew cryptographic techniques based on hard mathematical problems

    Cryptographic methods are typically created following the ad-hoc principle: somebody comes up with an algorithm; others attempt to break it — if they do not succeed, it means that the algorithm is secure. researchers develop new cryptographic algorithms that are based on particularly hard mathematical problems. They would be virtually unbreakable.

  • EncryptionSen. Wyden said he would filibuster efforts to mandate back doors

    Senator Ron Wyden (D-Oregon), a critic of the NSA domestic spying programs, said he would filibuster any attempt by fellow lawmakers to require U.S. technology companies to weaken the encryption systems with which they equip their devices. Referring to Apple fight against a court order requiring the company to relax the encryption of iPhone used by the two San Bernardino terrorists, Wyden said that consumers were asking: “Are these for the privacy rights of the dead terrorist?”