• DoD' “Hack the Pentagon” follow-up initiative

    The Defense Department has awarded a contract to HackerOne and Synack to create a new contract vehicle for DoD components and the services to launch their own ”bug bounty” challenges, similar to the “Hack the Pentagon” pilot program, with the ultimate objective to normalize the crowd-sourced approach to digital defenses.

  • U.K. police charges man with terrorism over researching, using encryption

    Samata Ullah, a 33-year old Briton, earlier this month was charged in a London court with six counts of terrorism, one of which related to researching and using encryption. Privacy advocates say that a controversial statute under British law criminalizes, in the name of combatting terrorism, actions which, on their own, are perfectly legal.

  • New cyber threat: Hacking 3D manufacturing systems

    Researchers demonstrated the first complete sabotage attack on a 3D additive manufacturing (AM) system, illustrating how a cyberattack and malicious manipulation of blueprints can fatally damage production of a device or machine. More than 100 industries, including aerospace, automotive, and defense, employ additive printing processes. The AM industry accounted for $5.165 billion of revenue in 2015. Furthermore, 32.5 percent of all AM-generated objects are used as functional parts.

  • Widespread anti-Semitic harassment of journalists perceived as critical of Donald Trump: Report

    A new report released earlier today by the Anti-Defamation League (ADL) details a troubling, year-long rise in anti-Semitic hate targeting journalists on Twitter, with data showing that the harassment has been driven by rhetoric in the 2016 presidential campaign. The anti-Semitic tweets have been directed at 800 journalists, both conservative and liberal, who wrote critically about Trump. The tweet writers are disproportionately likely to self-identify as Donald Trump supporters, conservatives, or part of the “alt-right,” a loosely connected group of extremists, some of whom are white supremacists. There were 19,253 anti-Semitic tweets in the first six months of 2016, and the words that appear most frequently in the bios of the 1,600 most prolific anti-Semitic Twitter attackers are “Trump,” “nationalist,” “conservative,” and “white.” “To be clear,” ADL stresses, “this does not imply that the Trump campaign supported or endorsed the anti-Semitic tweets, only that certain self-styled supporters sent these ugly messages.”

  • “Lurking malice” found in cloud hosting services

    A study of twenty major cloud hosting services has found that as many as 10 percent of the repositories hosted by them had been compromised — with several hundred of the “buckets” actively providing malware. Such bad content could be challenging to find, however, because it can be rapidly assembled from stored components that individually may not appear to be malicious.

  • Should NSA and cyber command have separate leadership?

    The National Security Agency is the nation’s digital spying organization. U.S. Cyber Command is a military unit focused on cyberwarfare. Does it make sense for one person to lead them both at the same time? I believe that the NSA and Cyber Command should be under separate leadership, so each can pursue its mission with undivided focus and complete intensity. The NSA can gather intelligence. Cyber Command can defend our military networks and be ready to attack the systems of our enemies.

  • WikiLeaks founder’s Internet connection cut by a “state party”

    WikiLeaks said yesterday (Monday) that the Internet connection of its founder, Julian Assange, had been “severed by a state party.” During the past few months, WikiLeaks has collaborated with Russian government intelligence agencies to publish tens of thousands of private e-mails stolen by Russian government hackers from the computer systems of the Democratic Party and the Clinton campaign in an effort to help Donald Trump win the 8 November elections. The United States said it would respond “proportionally” to the Russian interference in the U.S. elections.

  • U.S. mulls how to respond to Russian interference in the U.S. elections

    The United States earlier this week has accused Russia of interfering in the U.S. electoral process. Cyber experts found the digital fingerprints of two Russian government hacker groups were behind the hacking of the Democratic National Committee (DNC), the Democratic Congressional Campaign Committee (DCCC), and the Clinton campaign, but it was still a major step for the United States officially and formally to charge that Russia was behind the hacking – an unmistakable evidence that Russia was throwing its weight behind one of the candidates.

  • The Siberian candidate: Russia’s 2-pronged campaign to undermine the U.S. political system

    We now know what the U.S. intelligence community has known for a while: Vladimir Putin has instructed the FSB (Russia’s Federal Security Service) and GRU (the Russian military’s main intelligence agency) to use their considerable cyberwarfare capabilities to help Donald Trump defeat Hillary Clinton in the 8 November. The Russian digital campaign of interference in the U.S. electoral process has intensified. We can only guess what additional actions the Russian government hackers will take in the days immediately before 8 November – and on election day itself.

  • China’s quantum satellite could make data breaches a thing of the past

    China recently launched a satellite into orbit with a unique feature: it has the ability to send information securely, not with mathematical encryption but by using the fundamental laws of physics. China will be the first country to achieve this feat, and it marks a milestone in the development of quantum technologies. The next revolution in technology promises to embrace fundamental laws of physics to enable devices to perform operations that are beyond the bounds of current electronics. For practical quantum communications we need devices integrated into our computers and smartphones that exchange data in a similar way to the quantum satellite. These devices are thankfully just around the corner. In a few years we may look back on digital eavesdropping and massive information breaches from databases as a problem buried in the past.

  • “Security fatigue” may cause computer users to feel hopeless and act recklessly

    After updating your password for the umpteenth time, have you resorted to using one you know you’ll remember because you’ve used it before? Have you ever given up on an online purchase because you just didn’t feel like creating a new account? If you have done any of those things, it might be the result of “security fatigue.” It exposes online users to risk and costs businesses money in lost customers.

  • Penn State cybersecurity club gets competitive

    The members of the Penn State Competitive Cyber Security Organization (CCSO) are embroiled in a game of capture-the-flag. They’re in hot pursuit of the pennant, hoping to find it before their competitors. But instead of dashing across fields and through the woods, they’re gathered in a conference room sharing pizza. And instead of searching for a brightly colored flag, they use their cybersecurity skills to find a “flag” that is actually a special computer file.

  • Former British topless model arrested for links to ISIS

    Former British topless model, 27, arrested for communicating with ISIS recruiters and distributing violent ISIS propaganda videos on social networks. He contact was a British citizens calling himself Abu Usamah al-Britani, a known ISIS recruiter operating out of Syria. Terrorism experts say his “specialty” is trying to persuade young Western women to come to Syria to marry jihadist fighters.

  • Russia using hacking to influence 2016 elections: U.S.

    The United States, in an official statement issued jointly today by James Clapper, the director of national intelligence (DNI), and a high-level official at Department of Homeland Security (DHS), accused Russia of trying to influence the 2016 U.S. elections by using Russian government hackers. The U.S. says the Russian government hackers stole and published archived e-mails from the Democratic National Committee (DNC) and the Democratic Congressional Campaign Committee (DCCC). The official statement also refers to the attempted hacks into the voting systems and voter registration databases in twenty states, but says that the evidence about Russian government involvement in those hacks is not yet conclusive.

  • Our ability to spot phishing e-mails is far from perfect

    Each year, tens of millions of phishing e-mails make it to your inbox, uncaught by your e-mail client’s spam filter. Of those, millions more slide past our own judgment and are clicked and opened. A recent study has revealed just how likely we are to take the bait.