• Virtual City Prepares Students for Future of Cybersecurity

    By Logan Burtch-Buus

    CyberApolis is a virtual city used to train the next generation of cyber professionals to address national security concerns. The “city” includes a bank, hospital, large retailer, water company, power companies, an underground hacker community, an organized crime family and a growing number of smaller retailers.

  • New Message Encryption Scheme Inspired by the Sudoku Puzzle

    Researchers discuss a novel advance in data security in which the Japanese puzzle known as Sudoku promises a cryptographic system for text information that works even in situations where computational power is limited.

  • Freezing Out the Risk of Thermal Attacks

    Thermal attacks use heat-sensitive cameras to read the traces of fingerprints left on surfaces like smartphone screens, computer keyboards and PIN pads. Hackers can use the relative intensity of heat traces across recently touched surfaces to reconstruct users’ passwords. A team of computer security experts have developed a set of recommendations to help defend against ‘thermal attacks’ which can steal personal information.

  • The New Technology Which Is Making Cars Easier for Criminals to Steal, or Crash

    By Rachael Medhurst

    There is much talk in the automotive industry about the “internet of vehicles” (IoV). This describes a network of cars and other vehicles that could exchange data over the internet in an effort to make transportation more autonomous, safe and efficient. There are many benefits to IoV, but some of these systems might also make our vehicles prone to theft and malicious attack, as criminals identify and then exploit vulnerabilities in this new technology. In fact, this is already happening.

  • Safeguarding U.S. Laws and Legal Information Against Cyberattacks and Malicious Actors

    NYU Tandon School of Engineering researchers will develop new technologies to secure the “digital legal supply chain” — the processes by which official laws and legal information are recorded, stored, updated and distributed electronically.

  • Randomized Data Can Improve Our Security

    Huge streams of data pass through our computers and smartphones every day. In simple terms, technical devices contain two essential units to process this data: A processor, which is a kind of control center, and a RAM, comparable to memory. Modern processors use a cache to act as a bridge between the two, since memory is much slower at providing data than the processor is at processing it. This cache often contains private data that could be an attractive target for attackers.

  • Conspiracy Theories: How Social Media Can Help Them Spread and Even Spark Violence

    By Christine Abdalla Mikhaeil

    Conspiracy theory beliefs and (more generally) misinformation may be groundless, but they can have a range of harmful real-world consequences, including spreading lies, undermining trust in media and government institutions and inciting violent or even extremist behaviors.

  • Major Update to NIST’s Widely Used Cybersecurity Framework

    The world’s leading cybersecurity guidance is getting its first complete makeover since its release nearly a decade ago. NIST has revised the framework to help benefit all sectors, not just critical infrastructure.

  • DHS: Additional $374.9 Million in Funding to Boost State, Local Cybersecurity

    State and local governments face increasingly sophisticated cyber threats to their critical infrastructure and public safety. On Monday, DHS announced the availability of $374.9 million in grant funding for the Fiscal Year (FY) 2023 State and Local Cybersecurity Grant Program (SLCGP).

  • Reached: Milestone in Power Grid Optimization on World’s First Exascale Supercomputer

    By Jeremy Thomas

    Ensuring the nation’s electrical power grid can function with limited disruptions in the event of a natural disaster, catastrophic weather or a manmade attack is a key national security challenge. Compounding the challenge of grid management is the increasing amount of renewable energy sources such as solar and wind that are continually added to the grid, and the fact that solar panels and other means of distributed power generation are hidden to grid operators.

  • “Hacking” People, Not Systems: False Claims Attacks on Infrastructure

    By Joshua DeLozier

    False claims and disinformation, especially in a social media-driven society, have become major problems with potentially severe consequences. Disinformation can be weaponized to disrupt underlying cyber-physical systems, human lives and economic productivity. Recent examples include tweets that trigger spikes in gasoline prices and false social media posts reporting impending water pumping station shutdowns. In these scenarios, chaos is caused because people, not systems or devices, are “hacked.”

  • Denying Denial-of-Service: Strengthening Defenses Against Common Cyberattack

    By Tom Rickey

    A Denial-of-Service attack is a cyberattack that makes a computer or other device unavailable to its intended users. This is usually accomplished by overwhelming the targeted machine with requests until normal traffic can no longer be processed. Scientists have developed a better way to recognize a common internet attack, improving detection by 90 percent compared to current methods.

  • Fighting Fake “Facts” with Two Little Words: Grounding a Large Language Model's Answers in Reality

    By Jaimie Patterson

    Asking ChatGPT for answers comes with a risk—it may offer you entirely made-up “facts” that sound legitimate. Despite having been trained on vast amounts of factual data, large language models, or LLMs, are prone to generating false information called hallucinations. Inspired by a phrase commonly used in journalism, the researchers conducted a study on the impact of incorporating the words “according to” in LLM queries.

  • Fact-Checking Found to Influence Recommender Algorithms

    By Tom Fleischman

    Researchers have shown that urging individuals to actively participate in the news they consume can reduce the spread of these kinds of falsehoods. “We don’t have to think of ourselves as captive to tech platforms and algorithms,” said a researcher.

  • Cyber Insurance Not Fueling the Ransomware Epidemic

    By Gary Hughes

    Contrary to perceived wisdom, there is no compelling evidence that victims of ransomware with cyber insurance are much more likely to pay ransoms than those without.