• Estimated 35 Million voter records for sale on hacking forum

    Data on up to 35 million U.S. voters in as many as 19 states is for sale online, according to a new report from two cybersecurity firms – Anomlai and Intel471. DHS says, however, that much of the data is either public or available for purchase from state and local governments.

  • Twitter’s massive data release shows the Kremlin’s broad pro-Trump strategy

    Twitter today (Wednesday) released ten million tweets it says represent all of the foreign influence operations on the social media platform, including Russia’s consistent efforts to undermine Hillary Clinton’s presidential bid and support Donald Trump’s 2016 campaign. The Internet Research Agency, the St. Petersburg-based Kremlin’s troll farm, created 3,400 accounts to undermine Hillary Clinton’s campaign and support Trump. Before helping Trump defeat Clinton, the Kremlin helped Trump secure the GOP nomination by targeting former governor Jeb Bush and Senator Ted Cruz.

  • Exposing security vulnerabilities in terahertz data links

    Scientists have assumed that future terahertz data links would have an inherent immunity to eavesdropping, but new research shows that’s not necessarily the case. The study shows that terahertz data links, which may play a role in ultra-high-speed wireless data networks of the future, aren’t as immune to eavesdropping as many researchers have assumed. The research shows that it is possible for a clever eavesdropper to intercept a signal from a terahertz transmitter without the intrusion being detected at the receiver.

  • Open-source hardware could defend against the next generation of hacking

    Imagine you had a secret document you had to store away from prying eyes. And you have a choice: You could buy a safe made by a company that kept the workings of its locks secret. Or you could buy a safe whose manufacturer openly published the designs, letting everyone – including thieves – see how they’re made. Which would you choose? It might seem unexpected, but as an engineering professor, I’d pick the second option.

  • Mitigating cyberthreats in vehicles

    In acts of terrorism, vehicles have been deployed as killing machines. These incidents involved human operators, but another sinister possibility looms: a vehicle cyber hack intended to cause human harm. While this kind of terrorist attack has not yet occurred, in the realm of security research, it’s been demonstrated how hackers could gain control over car systems like the brakes, steering and engine.

  • Strict password policies help prevent fraud

    The all-too-common practice of using the same email address/password combination to log into multiple websites can be damaging, especially for employers with many users and valuable assets protected by passwords, like universities. Researchers show that longer minimum passwords are the most effective way to prevent password reuse and reduce potential exposure in a third-party data breach.

  • Peter Smith met Flynn in 2015

    Peter W. Smith, the GOP operative who raised $100,000 in his search to obtain Hillary Clinton’s missing emails from Russian hackers before allegedly killing himself in May 2017, had a well-established business relationship Trump former National Security Advisor Michael Flynn. Previous reports indicated Smith knew both Flynn and his son well, but on Wednesday, the Wall Street Journal explains the backstory behind their connection.

  • Key takeaways from the Kremlin’s recent interference offensive

    Recent counterintelligence operations by U.K. and Dutch intelligence services, and similar operations by the U.S. and Swiss authorities, have exposed a broad, sustained, and determined Russian effort to undermine Western democracies. The main takeaways from the revelations about these Russian operations: First, the Kremlin uses cyber hacks and other asymmetric tools not only to interfere in elections, but also to execute a number of other objectives. Second, the Kremlin uses various asymmetric tools in conjunction with one another to achieve its objectives. Finally, the Kremlin has authorized its security services to pursue Moscow’s interests with brazen and aggressive vigor.

  • Publicizing a firm's security levels may strengthen security over time

    Cyberattacks grow in prominence each and every day; in fact, 2017 was the worst year to-date for data breaches, the number of cyber incidents targeting businesses nearly doubling from 2016 to 2017. Now, new research has quantified the security levels of more than 1,200 Pan-Asian companies in order to determine whether increased awareness of one’s security levels leads to improved defense levels against cybercrime.

  • Russian election meddling in the U.S. and beyond

    On Thursday 20 September 2018, the US targeted 33 individuals and entities with sanctions over interference in the American Presidential election in 2016. This followed the U.S. Justice Department’s indictment of 12 Russian officials. Previously, 13 Russian citizens as well as the Internet Research Agency, Concord Management and Concord Catering had been charged with interfering with the U.S. political system.

  • Secure Election Act will not be ready before midterms

    Senator James Lankford (R-OK) said Tuesday the Secure Elections Act, bipartisan legislation designed “to protect elections from cyberattacks,” won’t be ready before November. Last month’s Senate committee mark-up was abruptly postponed by Senate Rules and Administration Committee Chairman Roy Blunt (R-Mo.) over a lack of Republican support and objections by some secretaries of state and the White House.

  • Numbers, trends in health care data breaches nationwide, 2010-2017

    Health plans – entities that cover the costs of medical care – accounted for the greatest number of patient records breached over the past seven years, according to an analysis of U.S. health care data. The report examined changes in data breaches during a period when electronic health records were being widely adopted across the country. While the largest number of data breaches took place at heath care providers – hospitals, physician offices, and similar entities – breaches involving the greatest number of patient records took place at health plans.

  • Protecting the power grid from cyberattacks

    As the national power grid becomes increasingly dependent on computers and data sharing—providing significant benefits for utilities, customers, and communities—it has also become more vulnerable to both physical and cyber threats. While evolving standards with strict enforcement help reduce risks, efforts focused on response and recovery capabilities are just as critical––as is research aimed at creating a well-defended next generation smart grid.

  • A new cybersecurity research group focuses on human behavior

    Sociologist David Maimon’s earliest research examined the effects neighborhoods have in determining why some people in neighborhoods engage in crime and deviant behaviors. In 2010, he turned his focus to cybercrime and the unique online ecosystem in which cybercriminals thrive. Maimon leads the Evidence-based Cybersecurity Research Group at GSU. “The notion of ‘cybersecurity’ in academic literature and the world is still technical,” he said. “Our work is unique in that we focus on human behavior.”

  • U.S. prepared to strike in cyberspace

    The United States is prepared to go on the offensive in cyberspace to ensure adversaries know there is a price to pay for hacks, network intrusions and other types of attacks. President Donald Trump signed a new National Cyber Strategy on Thursday, calling for a more aggressive response to the growing online threat posed by other countries, terrorist groups and criminal organizations.