• EFF’s “Cover Your Tracks” Will Detect Your Use of iOS 16’s Lockdown Mode

    Apple’s new iOS 16 offers a powerful tool for its most vulnerable users. Lockdown Mode reduces the avenues attackers have to hack into users’ phones by disabling certain often-exploited features. But there is a catch.

  • A Retrospective Post-Quantum Policy Problem

    In May 2022, a White House memorandum warned that a quantum computer of sufficient size and sophistication will be capable of breaking much of the public-key cryptography used on digital systems across the United States and around the world. The various steps taken by the administration, and proposed by lawmakers, to deal with the problem are all forward-looking. “However, despite these efforts, policymakers have given little or no attention to what could be called a retrospectivepost-quantum problem,” Herb Lin writes. “Policymakers would be wise to consider the very real possibility that in a PQC[post-quantum computing] world, messages they once believed would be kept secret could in fact be made public.”

  • Three Iranian Nationals Charged with Cyber Plots Against U.S. Critical Infrastructure Providers

    An indictment was unsealed Wednesday charging three Iranian nationals with allegedly orchestrating a scheme to hack into the computer networks of multiple U.S. victims, including critical infrastructure providers. The defendants’ hacking campaign exploited known vulnerabilities in commonly used network devices and software applications to gain access and exfiltrate data and information from victims’ computer systems.

  • Off-the-Shelf Crypto-Detectors Give a False Sense of Data Security

    A team of computer scientists outlines a leading reason behind insecure data and makes recommendations about how to fix the problem.

  • NYU to Create Comprehensive Cybersecurity and Resiliency Program

    The quantity, velocity and variety of cybersecurity attacks worldwide reflect the proliferation of connected devices, advances in extended reality systems, AI, telecommunications, and global supply chains powered by the Internet. At the same time, there is a shortfall of cybersecurity and resiliency experts with real-world training and immersion in cutting-edge research and technology to face these challenges.

  • What Fake News About Spiders Can Teach Us About the Global Spread of (Mis)information

    It’s no secret that the internet and social media fuel rampant spread of (mis)information in many areas of life. Now, researchers have explored this phenomenon as it applies to news about spiders. The verdict? Don’t blindly trust anything you read online about these eight-legged arthropods — or anything else for that matter — and always consider the source.

  • What Would It Take to Survive an EMP Attack?

    We are increasingly vulnerable to both natural disruptions and military attacks on our power grids. An electromagnetic pulse impulses (EMPs) would destroy your electronics, leaving you and your surroundings intact — but without easy means of survival. Remember, almost all conventional power sources and the entire internet would be knocked out and might take many months to replace.

  • Protecting National Public Warning System from EMPs

    DHS released a report of operational approaches to protect the National Public Warning System from an electromagnetic pulse (EMP). The report summarizes recommendations that federal, state, local agencies, and private sector critical infrastructure owners and operators can employ to protect against the effects of an EMP event.

  • Risks of North Korean Chemical, Biological Weapons; EMP; and Cyber Threats

    What WMD and cyber capabilities does North Korea currently have? How does North Korea use or threaten to use these capabilities? What are North Korea’s goals in employing its WMD and cyber capabilities? What impact could this use have? How can the ROK-U.S. rein in and defeat the North’s WMD and cyber capabilities?

  • Truth Decay in Europe

    What is the empirical evidence for the trends, drivers and consequences of Truth Decay in Europe, and how does that compare with what was found for the United States? To what extent does this evidence apply across Europe as a whole, or are there differences within Europe in the empirical evidence of trends, drivers and consequences of Truth Decay? What are the implications of applying the conceptual framework developed for the United States framework of Truth Decay in Europe? Which areas need to be further investigated in order to tackle Truth Decay in Europe?

  • Did Twitter Ignore Basic Security Measures? A Cybersecurity Expert Explains a Whistleblower’s Claims

    Twitter’s former security chief, Peiter “Mudge” Zatko, filed a whistleblower complaint with the Securities and Exchange Commission in July 2022, accusing the microblogging platform company of serious security failings. Zatko’s most damning accusations center around Twitter’s alleged failure to have a solid cybersecurity plan to protect user data, deploy internal controls to guard against insider threats and ensure the company’s systems were current and properly updated.

  • Quantum Computing Vulnerabilities of National Critical Functions

    How are the national critical functions (NCFs) vulnerable to future quantum computing capabilities? How should the federal government prioritize assistance to critical infrastructure owners and operators?

  • Prioritizing Cybersecurity Risk in Election Infrastructure

    How can jurisdictions at each level prioritize their efforts to combat the risk of cyberattacks on their election systems? How can they assess the likelihood of a successful attack? How can they assess the scale and severity of an attack?

  • Fighting Against Disinformation with Lessons from Cybersecurity

    Mary Ellen Zurko pioneered user-centered security in the 1990s. Now she is using those insights to help the nation thwart influence operations.

  • What Happened When Twitter and Other Social Media Platforms Cracked Down on Extremists

    In a Q&A with ProPublica reporter A.C. Thompson, former intelligence officer and data scientist Welton Chang explains how conspiracy theorists and violent racists fled to smaller platforms. Once there, their remarks festered and spread.