• Russia using hacking to influence 2016 elections: U.S.

    The United States, in an official statement issued jointly today by James Clapper, the director of national intelligence (DNI), and a high-level official at Department of Homeland Security (DHS), accused Russia of trying to influence the 2016 U.S. elections by using Russian government hackers. The U.S. says the Russian government hackers stole and published archived e-mails from the Democratic National Committee (DNC) and the Democratic Congressional Campaign Committee (DCCC). The official statement also refers to the attempted hacks into the voting systems and voter registration databases in twenty states, but says that the evidence about Russian government involvement in those hacks is not yet conclusive.

  • Our ability to spot phishing e-mails is far from perfect

    Each year, tens of millions of phishing e-mails make it to your inbox, uncaught by your e-mail client’s spam filter. Of those, millions more slide past our own judgment and are clicked and opened. A recent study has revealed just how likely we are to take the bait.

  • view counter
  • Data-mining can be used for detecting multiple hackers

    Security efforts to combat hackers usually focus on one method of attack, but computer scientists have developed a strategy more effective at tackling various types of attacks. Data mining, the process of analyzing big sets of data and organizing it into useful information, is used in all corners of industry, and the computer scientists say that a spam filtering system based on data mining can identify various adversaries, or hackers.

  • DHS awards U Texas San Antonio $3 million to develop, deliver cybersecurity training

    The Department of Homeland Security (DHS) has selected a team led by the University of Texas at San Antonio (UTSA) to develop and deliver cybersecurity training through the Continuing Training Grants (CTG) Program. The 2016 CTG is a $3 million grant to develop and deliver cybersecurity training to support the national preparedness goal to make the United States more secure and resilient.

  • Putin’s cyber play: What are all these Russian hackers up to?

    Russia has been implicated in many breaches of U.S. networks in recent months, most notably the Democratic National Committee and the Democratic Congressional Campaign Committee hacks. On 28 September, FBI Director James Comey told a congressional hearing that Russian hackers have been testing cyberdefenses of voter registration databases in more than a dozen states. What is Russia trying to do with its hacking efforts? One clear goal for the Russian hackers involved in these recent attacks is to make the presidential campaign harder for Democratic nominee Hillary Clinton and easier for her Republican opponent, Donald Trump. Russia is also trying to spread distrust of official viewpoints, particularly those coming from the EU or NATO. With any Western fringe group Russia can attract, it is attempting to stall Western decisions, sow discontent and distrust, and draw apart societies and partnerships.

  • NIST patented single-photon detector for potential encryption, sensing apps

    Individual photons of light now can be detected far more efficiently using a device patented by a team including NIST, whose scientists have overcome longstanding limitations with one of the most commonly used type of single-photon detectors. Their invention could allow higher rates of transmission of encrypted electronic information and improved detection of greenhouse gases in the atmosphere.

  • New encryption method improves privacy protection

    VTT Technical Research Center of Finland has developed a new kind of encryption method for improving the privacy protection of consumers to enable safer, more reliable, and easier-to-use user authentication than current systems allow. The method combines safety, usability, and privacy protection — until now, implementing all three at the same time has been a challenge.

  • Hackers “poking around” U.S. voter registration sites in more than a dozen states: Comey

    James Comey, the FBI director, said his agency has discovered more attempts to hack voter registration sites in more than a dozen states according to two law enforcement officials. The FBI, and investigators working for other law enforcement agencies, say indications are the hackers belong to two cyber units working for the Russian government.

  • Secure passwords can be sent through the human body, instead of air

    Sending a password or secret code over airborne radio waves like WiFi or Bluetooth means anyone can eavesdrop, making those transmissions vulnerable to hackers who can attempt to break the encrypted code. Now, computer scientists and electrical engineers have devised a way to send secure passwords through the human body — using benign, low-frequency transmissions generated by fingerprint sensors and touchpads on consumer devices.

  • Judge questions whether Facebook is doing enough to deter terrorists from using its platform

    A federal judge harshly criticized Facebook, admonishing the social media giant for not be doing enough to deter terrorists from using its platform. U.S. District Judge Nicholas Garaufis in Brooklyn, New York, also accused Kirkland & Ellis LLP, Facebook’s lawyers — who had sent a first-year associate to a hearing — of not taking seriously lawsuits which touch on important issues such as international terrorism and the murder of innocents. “I think it is outrageous, irresponsible, and insulting,” Garaufis told the attorney. The judge ordered the law firm to send a more senior lawyer to the next hearing on 28 September because he wanted to “talk to someone who talks to senior management at Facebook.”

  • Which best protects your privacy: Apps or Web sites? It depends

    To protect your privacy, should you use the app — or a Web browser? This is the question researchers ask in new research that explores how free app — and Web-based services on Android and iOS mobile devices — compare with respect to protecting users’ privacy. In particular, the researchers investigated the degree to which each platform leaks personally identifiable information. The answer? “It depends,” they say.

  • NIST’s regional approach to addressing U.S. cybersecurity challenge

    NIST has awarded grants totaling nearly $1 million for five projects that are taking a community approach to addressing the U.S. shortage of skilled cybersecurity employees. The NIST-led National Initiative for Cybersecurity Education (NICE), a partnership among government, academia, and the private sector, will oversee the grants as part of its mission to support cybersecurity education, training, and workforce development.

  • Cyber incidents’ cost not large compared with other business losses

    The cost of a typical cyber breach to an American company is much less than generally estimated, providing one possible explanation for why companies do not invest more to improve computer security, according to a new study. Researchers found that the typical cost of a breach was about $200,000 and that most cyber events cost companies less than 0.4 percent of their annual revenues. The $200,000 cost was roughly equivalent to a typical company’s annual information security budget. Given that finding, the study’s author says that businesses “lack a strong incentive to increase their investment in data security and privacy protection.”

  • Space: Cybersecurity’s final frontier

    The world is dangerously unprepared for a global disaster sparked by cyberattacks on space infrastructure. Much of the world’s infrastructure – including the economies and militaries of the world’s developed countries – is dependent on space machinery, and any disruption of that machinery would have a cascading consequences – some merely debilitating, other catastrophic. Governments around the world have invested heavily in protecting infrastructure on Earth – yet not nearly enough has been done to thwart threats from space to that infrastructure.

  • North Korea has only has 28 Web sites, mistakenly leaked official data reveals

    Launching an effective cyberwar against North Korea would be difficult because the secretive country has only twenty-eight registered domains. The information about the surprisingly small number of North Korean registered domains was the result of incorrect configuration of one of North Korea’s top-level name servers. The incorrect configuration made the server reveal a list of all the domain names under the domain .kp.