  • Your smartphone may be spying on you

    Some popular apps on your phone may be secretly taking screenshots of your activity and sending them to third parties, according to a new study. The researchers said this is particularly disturbing because these screenshots—and videos of your activity on the screen—could include usernames, passwords, credit card numbers, and other important personal information.

  • “A clear preference for President-elect Trump”: Senate Intel Committee on Russia’s 2016 influence campaign

    On Tuesday, the GOP-led Senate Intelligence Committee, after sixteen months of investigation, released the second unclassified installment of its report on the Russian election activities in 2016. The report was unanimously approved by all members of the committee. The three main takeaways: First, the January 2017 ICA [the Intelligence Community Assessment of Russia’s active-measures campaign to compromise the 2016 presidential election] “is a sound intelligence product”; second, “Russian efforts to influence the 2016 U.S. presidential election represent the most recent expression of Moscow’s longstanding desire to undermine the U.S.-led liberal democratic order, but these activities demonstrated a significant escalation in directness, level of activity, and scope of effort compared to previous operations”; third, “We assess Russian President Vladimir Putin ordered an influence campaign in 2016 aimed at the U.S. presidential election. Russia’s goals were to undermine public faith in the U.S. democratic process, denigrate Secretary Clinton, and harm her electability and potential presidency. We further assess Putin and the Russian Government developed a clear preference for President-elect Trump.”

  • The West is ill-prepared for the wave of “deep fakes” that artificial intelligence could unleash

    Russian disinformation has become a growing problem for Western countries. European nations are finally taking action, which is an important first step, but Chris Meserole and Alina Polyakova write, “to get ahead of the problem, policymakers in Europe and the United States should focus on the coming wave of disruptive technologies. Fueled by advances in artificial intelligence and decentralized computing, the next generation of disinformation promises to be even more sophisticated and difficult to detect.” Bigger data, better algorithms, and custom hardware promise to democratize the creation of fake print, audio, and video stories. “Deep fakes and the democratization of disinformation will prove challenging for governments and civil society to counter effectively,” Meserole and Polyakova warn.

  • New phishing protection for mobile devices

    DHS S&T said that new and enhanced mobile phishing and content protection capabilities are being transitioned to the government and private sector. Phishing protection, an important and first-of-its-kind feature for mobile devices, was introduced to block mobile phishing attacks designed to steal user credentials or deliver malware. Beyond simply detecting phishing attempts in SMS messages, the system also detects and prevents attacks that hide inside mobile apps, social media messages, and in personal and corporate email.

  • Better detection, analysis of malicious attacks

    DHS S&T has selected Cyber 20/20, Inc. of Newark, Delaware to develop security capabilities for financial services as part of S&T’s Silicon Valley Innovation Program (SVIP). Cyber 20/20’s project—Trained Using Runtime Analysis from Cuckoo Outputs (TURACO)—expands the capabilities of Cuckoo, an open-source sandbox, to better detect and analyze malicious attacks.

  • Facing “a new era of catastrophes,” book by Wharton profs offers tips for business leaders

    Wharton’s Howard Kunreuther and Michael Useem’s recent book Mastering Catastrophic Risk: How Companies are Coping with Disruption dives into the ways top companies have rebounded after their own worst-case scenarios. “The ‘unthinkable’ has gone from not being on anyone’s radar screen to now being central,” says Useem. “But to think about it, you need tools, and wisdom.”

  • Fears of Russian cyberattacks ahead of Mexico’s Sunday elections

    Mexico is holding its presidential and parliamentary election on 1 July, and the last six months provided further evidence that Russia is doing in Mexico what it has effectively done in the United States, Germany, France, the Netherlands, Britain, Spain, Italy, Sweden, the western Balkans, and many other places: Using a broad and sophisticated campaign, combining disinformation on social media and hacking, to promote the political candidates, parties, and causes which would serve Russia’s interests.

  • Putin ready to reiterate denials of election meddling to Trump

    The Kremlin says Russian President Vladimir Putin is prepared to reiterate to U.S. President Donald Trump that Moscow did not meddle in the 2016 U.S. elections if Trump raises the issue during their upcoming summit. In a tweet Thursday morning, Trump reiterated his refusal to accept the fact of Russia’s interference, a position which runs counter to the entire U.S. intelligence community as well as all high-ranking officials within his own cabinet and the entire Senate Intelligence Committee.

  • Security gaps in LTE mobile telephony standard

    Attackers are able to not only monitor who visits which web pages, but also to reroute users to scam websites. At present, there are no ways to guarantee secure mobile communication. By abusing security weaknesses in the LTE mobile telephony standard, attackers are able to identify which web pages a user visits and to reroute him to a scam website.

  • Russia’s “destructive” bugs lurking in U.K. computers waiting to strike: U.K. chief cyber spook

    Russia already has “destructive” bugs hidden, lurking in British computers waiting to strike, the head of the U.K. National Cyber Security Center told a parliamentary committee. Ciaran Martin said that the Kremlin’s list of targets to be disrupted has expanded beyond the U.K.’s “hard infrastructure” such as energy networks to include democratic institutions and the media. “In the last two years, we have seen a consistent rise in the appetite for attack from Russia on critical sectors, as well as diversification to other sectors they may attack. In addition to the more traditional targeting of hard infrastructure, like energy infrastructure, we have seen against the West as a whole the targeting of softer power - democratic institutions, media institutions and things relating to freedom of speech,” Martin said.

  • Senate Intel Committee moves to bolster election security

    The Senate Select Committee on Intelligence yesterday unanimously approved the Intelligence Authorization Act (IAA) for Fiscal Years 2018 and 2019. Among the main goals of the bill is strengthening the ability of the United States to detect, block, and limit the ability of the Russian government to compromise the integrity of U.S. elections. The bill also aims to shore up the security clearance process, which many experts regard as dysfunctional. “In the wake of foreign efforts to interfere with the 2016 U.S. elections, which this Committee continues to investigate, I am pleased to see this bill contains comprehensive measures to enhance our election security. It is vital that we ensure our voting process remains fair and free from undue influence,” said Senator Richard Burr (R-NC), the chairman of the committee.

  • Russian billionaire's firm moves to dismiss U.S. election meddling case

    The Kremlin’s 2016 broad disinformation campaign in the U.S. was carried out by Russian company Concord Management and its Internet Research Agency (IRA) “troll factory” in St. Petersburg. Concord was among the three Russian organizations, along with thirteen Russian individuals, indicted by Special Counsel Robert Mueller’s office in February in an alleged criminal conspiracy to tamper with the U.S. election and boost Trump’s prospects. On 25 June, Concord — using arguments made recently by President Trump himself — asked a U.S. judge to dismiss the case brought against it by Mueller.

  • “The Russians play hard”: Inside Russia’s attempt to hack 2018 -- and 2020

    So what exactly is Russia planning for the upcoming election? The correct question, a half dozen security experts and former and current government officials say, is what are they not planning? And there will be new tactics, too. Nick Bilton writes in Vanity Fair that more than one expert told him that Russia will try to go after actual voting booths in smaller, more contentious districts across the country. The world we live in is so intertwined with technology that you could imagine Russian hackers disrupting how we even get to the polls on Election Day. Ride-sharing services could be hacked. We’ve already seen instances of hackers faking transit problems on mapping apps, like Waze, to send people in the wrong direction, or away from a certain street. Perhaps most terrifying of all, one former official told Bilton, are the possibilities arising from Russia’s alleged 2015 cyber-attack on Kiev’s power grid, which plunged the city into darkness.

  • Weak response to Russian meddling emboldened Moscow, official says

    Russia was emboldened by the lack of a decisive response by President Barack Obama’s administration during the 2016 presidential election and will seek to interfere in future elections, a former top U.S. official said. Victoria Nuland, whose portfolio at the State Department made her a leading Russia official under Obama, made the comments 20 June during a hearing at the Senate Intelligence Committee, which is conducting a sweeping investigation of Russian actions in the United States.

  • 24-hour view of cyberattacks in Florida

    The Internet of things (IoT) – smartphones, vehicles, smart buildings, home appliances and other devices that use electronics, software and sensors – has transformed the way people around the world live and work. But not without risks. Data breaches and cyberattacks affect millions of businesses and households each year, hindering the integrity of critical systems, leaking private information and paralyzing Internet infrastructures.