• Ending extortion: Researchers develop a way to stop ransomware

    Ransomware — what hackers use to encrypt your computer files and demand money in exchange for freeing those contents — is an exploding global problem with few solutions. The FBI issued a warning in May saying the number of attacks has doubled in the past year and is expected to grow even more rapidly this year. It said it received more than 2,400 complaints last year and estimated losses from such attacks at $24 million last year for individuals and businesses. Researchers have developed a way to stop ransomware dead in its tracks.

  • Your smart watch and fitness tracker may give away your PIN

    Wearable devices — Fitbits, Jawbones, Nike+, Apple Watches, and the like — are white-hot. The tech segment is already producing an estimated $14 billion in sales worldwide, and expected to more than double within four years, climbing to north of $30 billion. But a new research report reveals those cool wearables just may leak information as you use them.

  • DHS S&T funds efforts to make Internet of Things safer

    DHS S&T the other day awarded $119,000 to Ionic Security, Inc. based in Atlanta, Georgia, to advance detection and monitoring for Internet of Things (IoT) systems security. The Ionic Security team proposes to apply a novel distributed data protection model to solve the authentication, detection, and confidentiality challenges that impact distributed IoT devices.

  • Effective defense against Internet attacks

    The brute force and sheer scale of current Internet attacks put a heavy strain on classic methods of intrusion detection. Moreover, these methods are not prepared for the rapidly growing number of connected devices. Researchers have developed a “flow based” approach, which looks at the data flow from a higher level and detects suspicious patterns.

  • China’s cyber statecraft is a far greater concern than cyber espionage

    China has become notorious for its sponsorship of cyber industrial espionage, but such activity distracts attention from the country’s comprehensive cyber strategy, according to a new book, China’s Cyber Power. This strategy is designed to maintain domestic political cohesion, empower the Chinese military, and reshape global cyber governance.

  • Making passwords more secure – especially for mobile devices

    Passwords are a necessary evil, indispensable for the purpose of ensuring data confidentiality. Unfortunately, the most secure passwords are also the ones that are most difficult to memorize. “Nobody likes passwords. In order to make their lives easier, many people use the same password for different accounts, or they choose passwords that are so easy to guess that they don’t provide sufficient protection,” said one researchers.

  • DHS S&T awards Charles River Analytics $500,000 for predictive malware defense research

    Malicious cyber activity is growing at an unprecedented rate. A leading internet security firm reported there were more than 317 million new malicious code signatures in 2014. Additionally, attacks are increasing in sophistication as authors create malware that circumvents standard signature-based antivirus defense systems. DHS S&T has awarded $500,000 to Cambridge, Massachusetts-based Charles River Analytics to develop malware defense technology that will alert and empower information technology (IT) administrators to fend off an impending cyberattack.

  • Google Chrome vulnerability lets attackers steal movies, protected content

    A security vulnerability in Google technology that is supposed to protect videos streamed via Google Chrome has been discovered by researchers from the Ben-Gurion University of the Negev Cyber Security Research Center (CSRC) in collaboration with a security researcher from Telekom Innovation Laboratories in Berlin, Germany. The vulnerability in the encryption technology, Widevine EME/CDM, opens an easy way for attackers to hijack protected content delivered via different popular streaming services, making the unprotected content available for illegal distribution.

  • Intelligence agencies spy on our data by manipulating computer chips

    Researchers work to develop mechanisms that will render the Internet of Things more secure. They focus on a specific security gap: the manipulation of computer chips, that is, hardware components. These components can be found not only in PCs and laptops, but also in all other devices with integrated electronics; those include credit cards, cars, and smartphones, as well as large industrial facilities and medical equipment.

  • Cyber Guard 2016 aims to manage complexity in invisible domain

    Between one million and ten million U.S. homes and businesses are without power. An oil spill from a near-shore refinery is gushing into the waters off Texas and Louisiana. The port of Los Angeles is shut down due to a network outage. Visitors to exercise Cyber Guard 2016 here viewed mock newscasts detailing these scenarios as examples of the likely effects of a massive cyberattack.

  • FBI's approach to digital investigations puts security at risk: Expert

    A cybersecurity expert argues that the FBI’s recent and widely publicized efforts to compel Apple Computer to write software to unlock an iPhone used by a terrorist in California reflects an outdated approach to law enforcement that threatens to weaken the security of all smartphones, potentially putting the private information of millions of smartphone users at risk and undermining the growing use of smartphones as trusted authenticators for accessing online information.

  • Malware, data theft, scams: The risks of free livestreaming Web sites

    Millions of people use free livestreaming websites to watch sports and other live events online, but this comes with a considerable security risk. Researchers have found that viewers are often exposed to malware infections, personal data theft, and scams. As much as 50 percent of the video overlay ads on free livestreaming websites are malicious.

  • Nation’s elite cybersecurity talent participate in U.S. Cyber Challenge program

    A week from today, Illinois’ top cybersecurity talent will descend upon Moraine Valley Community College outside of Chicago to participate in the annual U.S. Cyber Challenge (USCC) Cyber Camp. During the week-long camp, individuals will participate in a variety of classes that cover such subjects as packet crafting and pen testing, and compete in a virtual Capture the Flag competition to demonstrate their cybersecurity abilities in a free-form environment in hopes of winning one of the limited (ISC)2 scholarship vouchers.

  • NIST to refine Cybersecurity Framework after comments from stakeholders

    NIST is developing a minor update of its Cybersecurity Framework based on feedback from its users. In the just-released Cybersecurity Framework Feedback: What We Heard and Next Steps, NIST is announcing that a draft of the update will be published for comment in early 2017.

  • Terrorists gaining cyber capability to bring major cities to a standstill: U.K. intelligence chief

    Robert Hannigan, the director of GCHQ, the British equivalent of the U.S. NSA, has warned that terrorists and rogue states are gaining the technical capability to bring a major city to a standstill with the click of a button. He said that the risk to cities like London would significantly increase as more physical objects – cars, household appliances — are connected online in what is called the Internet of Things.