Cybersecurity

  • BugBuster automatically finds bugs in applications

    To overcome problems associated with using Web sites, problems which range from the annoying to those which inflict severe financial pain on large companies, a Swiss start-up has developed the first intelligent tool which finds out on its own how to interact with an application whose code it tests according to various possible scenarios.

  • Government-developed standards not an effective cybersecurity approach: analyst

    DHS said the department has “recently learned of a vulnerability that existed in the software used by a DHS vendor to process personnel security investigations.” analyst says that it is bad enough that hackers gained access to the personal information of thousands, but what is even more worrisome is the fact that DHS, with it spotty cyber security record, has been placed in charge of regulating the cybersecurity efforts of critical infrastructure industries.

  • Los Alamos director: cyber-securing U.S. electrical grid key to energy security

    Los Alamos National Lab (LANL) director Charlie McMillan told a gathering of energy executives that securing the U.S. electrical grid is a major concern now, and it is only becoming more serious.

  • Hagel says Chinese cyberattacks a “growing threat”

    Defense Secretary Chuck Hagel warned of a “growing threat” of cyberattacks against the United States, saying that America and its allies need to “establish international norms of responsible behavior in cyberspace.” Hagel spoke to an audience of defense analysts and defense ministers from Asia and Europe at the annual conference of the International Institute for Strategic Studies on Saturday.

  • Android anti-virus products easily evaded: study

    Researchers tested ten of the most popular antiviral products for Android and found each could be easily circumnavigated by even the most simple obfuscation techniques. “Many of these products are blind to even trivial transformation attacks not involving code-level changes — operations a teenager could perform,” one of the researchers say.

  • Chinese government hackers steal designs of advanced U.S. weapons systems

    The Chinese government has been conducting a broad, sustained, and disciplined campaign of cyberattacks against U.S. government agencies, critical infrastructure, private companies, and news organizations. The public version of a study prepared for the Pentagon by the Defense Science Board now says that Chinese government hackers have also been able to penetrate the computer networks of all the major U.S. defense contractors, stealing the designs and specifications of the most advanced weapon system in the U.S. arsenal, and gaining insights into broad technologies on which U.S. military advances are based.

  • Quantum cryptography’s security may not be air-tight

    See video

    Quantum communication systems offer the promise of virtually unbreakable encryption. Unlike classical encryption, which is used to send secure data over networks today and the security of which depends on the difficulty of solving mathematical problems like the factoring of large numbers, most quantum encryption schemes keep the encryption key separate from the data. This approach ensures that an eavesdropper with access only to the data could not decipher the key. Researchers, however, have recently demonstrated that even quantum encryption may be susceptible to hacking.

  • Report: U.S. companies should consider counter-hacking Chinese hackers

    A group studying how the United States should respond to the sustained campaign of cyberattacks conducted by Chinese government hackers against U.S. companies, said the United States should seriously consider a campaign of retaliatory cyberattacks against the hackers.

  • Cyber risks for users of cloud computing

    Home computer users and businesses are being warned to consider more closely the risks associated with cloud computing, as well as its many advantages.

  • U.S. to help protect private companies from malicious cyberattacks

    The U.S. government said it will help protect private companies from cyber attacks. DHS secretary Janet Napolitano said a system is being developed which will monitor Internet traffic directed to critical infrastructure businesses and block attacks on software programs.

  • Panel's draft bill shields DHS funds

    A house panel introduced a bill last week that will protect DHS from budget cuts facing other domestic agencies under the house’s budget plan. This will allow the department to hire 1,600 new agents at Customs and Border Patrol agency, replace cuts to local and state governments, boost spending on cybersecurity, and abandon cuts to the Coast Guard.

  • Cybersecurity framework for critical infrastructure: analysis of initial comments

    On 12 February 2013 President Obama issued the “Improving Critical Infrastructure Cybersecurity” executive order, which called for the National Institute of Standards and Technology (NIST) to work with industry to develop a voluntary framework to reduce cybersecurity risks to the nation’s critical infrastructure, which includes power, water, communication, and other critical systems.

  • Criminals may use new channels to trigger mobile malware

    Researchers have uncovered new hard-to-detect methods that criminals may use to trigger mobile device malware that could eventually lead to targeted attacks launched by a large number of infected mobile devices in the same geographical area. Such attacks could be triggered by music, lighting or vibration.

  • Obama administration shifting cybersecurity legislative strategy

    The Obama administration’s has shifted its cybersecurity legislative strategy. Rather than emphasize DHS-monitored regulations – an approach which stalled in Congress last summer because of Republican opposition — the administration is focusing on getting Congress to help promote the voluntary adoption by industry of standards being developed by the National Institute of Standards and Technology (NIST) following a February 2013 executive order signed by President Obama.

  • New software protects networked control systems from cyber attacks

    Researchers have developed a software algorithm that detects and isolates cyber-attacks on networked control systems — which are used to coordinate transportation, power, and other infrastructure across the United States.