-
WhatsApp implements end-to-end encryption
WhatsApp announced on Tuesday that it has implemented complete end-to-end encryption which will protect all text, photo, video, and voice communications from eavesdropping. This means hackers and criminals will be shut out, but so will law enforcement and intelligence services, and even the company itself. This means that the company will not able to comply with court orders to allow law enforcement access to the information stored on the encrypted device. Leaders of law enforcement agencies were quick to criticize WhatsApp’s move for creating “warrant-proof” spaces for criminals and terrorists.
-
-
New cryptographic techniques based on hard mathematical problems
Cryptographic methods are typically created following the ad-hoc principle: somebody comes up with an algorithm; others attempt to break it — if they do not succeed, it means that the algorithm is secure. researchers develop new cryptographic algorithms that are based on particularly hard mathematical problems. They would be virtually unbreakable.
-
-
Sen. Wyden said he would filibuster efforts to mandate back doors
Senator Ron Wyden (D-Oregon), a critic of the NSA domestic spying programs, said he would filibuster any attempt by fellow lawmakers to require U.S. technology companies to weaken the encryption systems with which they equip their devices. Referring to Apple fight against a court order requiring the company to relax the encryption of iPhone used by the two San Bernardino terrorists, Wyden said that consumers were asking: “Are these for the privacy rights of the dead terrorist?”
-
-
FBI cracks terrorists’ iPhone without Apple's help
The Justice Department on Monday asked a court to withdraw the government’s request that the court order Apple to help the FBI gain access to the encrypted iPhone used by the San Bernardino terrorists. The Justice Department filed the request after the FBI had successfully accessed data stored on an encrypted iPhone. The FBI wanted the court to compel Apple to relax the 10-attempt limit, which is part of the encryption system which comes with the device. If there are more than ten attempts to guess the password, the phone locks forever and all the data on it is wiped out. The FBI argued that its computers, using brute-force, would be able to break the phone’s password, but that it would take more than ten attempts.
-
-
“Moving-target” defense against distributed denial-of-service attacks
Researchers propose a “moving-target” defense against distributed denial-of-service attacks. The defense works by repeatedly shuffling client-to-server assignments to identify and eventually quarantine malicious clients.
-
-
FBI may be able to break into San Bernardino terrorist’s phone without Apple’s help
Magistrate Judge Sheri Pym has postponed until 5 April a court hearing about the FBI’s request that the court would order Apple to unlock the phone of one of the San Bernardino terrorists. The FBI asked the judge to postpone the hearing after the agency said it may have found a way to unlock the phone without Apple’s help.
-
-
Hackers could decrypt iMessage photos, videos
A team of researchers has poked a hole in Apple’s iMessage encryption software. The bug would enable a skilled hacker to decrypt photos and videos sent as secure instant messages. The details of the vulnerability will be published after Apple has issued an update that corrects the flaw.
-
-
Using single photons to improve cybersecurity
With enough computing effort most contemporary security systems will be broken. But a research team has made a major breakthrough in generating single photons (light particles), as carriers of quantum information in security systems.
-
-
Secure, user-controlled data
Most people with smartphones use a range of applications that collect personal information and store it on Internet-connected servers — and from their desktop or laptop computers, they connect to Web services that do the same. Some use still other Internet-connected devices, such as thermostats or fitness monitors, that also store personal data online. Generally, users have no idea which data items their apps are collecting, where they’re stored, and whether they’re stored securely. Cryptographic system would allow users to decide which applications access which aspects of their data.
-
-
Bangladesh central bank governor resigns after discovery of $81 million cybertheft
Bangladesh’s central bank governor, Atiur Rahman, resigned on Tuesday after $81 million was stolen from the bank’s account at the Federal Reserve Bank of New York. It was one of the largest cyber-heists in history. The Bangladesh central bank said that the hackers had tried to withdraw $951 million from its account at the Federal Reserve Bank of New York, but the other transactions were blocked after a typo in one of the instructions raised alarms.
-
-
Nations ranked on vulnerability to cyberattacks
Damaging cyberattacks on a global scale continue to surface every day. Some nations are better prepared than others to deal with online threats from criminals, terrorists, and rogue nations. Data-mining experts ranked the vulnerability of forty-four nations to cyberattacks. The United States ranked 11th safest, while several Scandinavian countries (Denmark, Norway, and Finland) ranked the safest.
-
-
WhatsApp to add encryption to voice chats
Reports say that WhatsApp is planning to add encrypted video chats to its app in order to make it impossible for, so that nobody could snoop on its users. Adding encrypted voice chats will mean that all of the messages that pass through WhatsApp will be secure. Text messages are already encrypted.
-
-
How organizations can secure their teleworkers, data
As the number of employees who telework trends upward — and new kinds of devices are used in telework — the National Institute of Standards and Technology (NIST) says it is updating its guidance to include the latest technology available to strengthen an organization’s remote-access data security.
-
-
Social media used to assess damage caused by natural disasters
A new study concludes that it is possible to determine the damage caused by a natural disaster in just a few hours by using data from social networks. “Twitter, the social network which we have analyzed, is useful for the management, real-time monitoring and even prediction of the economic impact that disasters like Hurricane Sandy can have,” says one of the researchers.
-
-
U.S. files case against Iranian government hackers behind attack on N.Y. dam
In 2013 hackers infiltrated the operations center for the Bowman Avenue Dam, a small dam on Blind Brook in Rye Brook, New York. DHS, in a classified report, later identified the attackers r identified the attackers as the same Iranian group responsible for attacks on PNC Financial Services Group, SunTrust, and Capital One Financial. Now the Department of Justice is set to file an indictment against the Iranian hackers behind the intrusion.
-
More headlines
The long view
States Rush to Combat AI Threat to Elections
This year’s presidential election will be the first since generative AI became widely available. That’s raising fears that millions of voters could be deceived by a barrage of political deepfakes. Congress has done little to address the issue, but states are moving aggressively to respond — though questions remain about how effective any new measures to combat AI-created disinformation will be.
Ransomware Attacks: Death Threats, Endangered Patients and Millions of Dollars in Damages
A ransomware attack on Change Healthcare, a company that processes 15 billion health care transactions annually and deals with 1 in 3 patient records in the United States, is continuing to cause massive disruptions nearly three weeks later. The incident, which started on February 21, has been called the “most significant cyberattack on the U.S. health care system” by the American Hospital Association. It is just the latest example of an increasing trend.
Chinese Government Hackers Targeted Critics of China, U.S. Businesses and Politicians
An indictment was unsealed Monday charging seven nationals of the People’s Republic of China (PRC) with conspiracy to commit computer intrusions and conspiracy to commit wire fraud for their involvement in a PRC-based hacking group that spent approximately 14 years targeting U.S. and foreign critics, businesses, and political officials in furtherance of the PRC’s economic espionage and foreign intelligence objectives.
Autonomous Vehicle Technology Vulnerable to Road Object Spoofing and Vanishing Attacks
Researchers have demonstrated the potentially hazardous vulnerabilities associated with the technology called LiDAR, or Light Detection and Ranging, many autonomous vehicles use to navigate streets, roads and highways. The researchers have shown how to use lasers to fool LiDAR into “seeing” objects that are not present and missing those that are – deficiencies that can cause unwarranted and unsafe braking or collisions.
Tantalizing Method to Study Cyberdeterrence
Tantalus is unlike most war games because it is experimental instead of experiential — the immersive game differs by overlapping scientific rigor and quantitative assessment methods with the experimental sciences, and experimental war gaming provides insightful data for real-world cyberattacks.