• The past, present, and future of ransomware

    The rise of ransomware over the past year is an ever growing problem. Business often believe that paying the ransom is the most cost effective way of getting their data back — and this may also be the reality. The problem we face is that every single business that pays to recover their files, is directly funding the development of the next generation of ransomware. As a result of this we are seeing ransomware evolve at an alarming rate.

  • Commonly used strategy for Web site protection is not airtight

    Cloud-based security providers commonly use DNS redirection to protect customers’ Web sites. The success of this strategy depends on shielding the Web site’s original IP address. Computer scientists have now revealed that the IP address can be retrieved in more than 70 percent of the cases, meaning that the DNS redirection security mechanism can easily be bypassed. 

  • view counter
  • Registration opens for U.S. Cyber Challenge’s annual Cyber Quests competition

    U.S. Cyber Challenge (USCC) on Monday opened registration for the 2016 Cyber Quests online competition. The annual Cyber Quests competition determines who qualifies for the USCC Summer Cyber Camps, a leading nationwide program in cybersecurity workforce development.

  • FBI, DHS warn grid operators about cyber threats to power grid

    The FBI and DHS are warning infrastructure operators about the potential cyberattacks on the U.S. power grid. The FBI and DHS have launched a nationwide campaign to alert power companies and security firms, a campaign which includes briefings and online Webinars.

  • “Moving-target” defense against distributed denial-of-service attacks

    Researchers propose a “moving-target” defense against distributed denial-of-service attacks. The defense works by repeatedly shuffling client-to-server assignments to identify and eventually quarantine malicious clients.

  • FBI may be able to break into San Bernardino terrorist’s phone without Apple’s help

    Magistrate Judge Sheri Pym has postponed until 5 April a court hearing about the FBI’s request that the court would order Apple to unlock the phone of one of the San Bernardino terrorists. The FBI asked the judge to postpone the hearing after the agency said it may have found a way to unlock the phone without Apple’s help.

  • Hackers could decrypt iMessage photos, videos

    A team of researchers has poked a hole in Apple’s iMessage encryption software. The bug would enable a skilled hacker to decrypt photos and videos sent as secure instant messages. The details of the vulnerability will be published after Apple has issued an update that corrects the flaw.

  • Using single photons to improve cybersecurity

    With enough computing effort most contemporary security systems will be broken. But a research team has made a major breakthrough in generating single photons (light particles), as carriers of quantum information in security systems.

  • Bangladesh central bank governor resigns after discovery of $81 million cybertheft

    Bangladesh’s central bank governor, Atiur Rahman, resigned on Tuesday after $81 million was stolen from the bank’s account at the Federal Reserve Bank of New York. It was one of the largest cyber-heists in history. The Bangladesh central bank said that the hackers had tried to withdraw $951 million from its account at the Federal Reserve Bank of New York, but the other transactions were blocked after a typo in one of the instructions raised alarms.

  • Nations ranked on vulnerability to cyberattacks

    Damaging cyberattacks on a global scale continue to surface every day. Some nations are better prepared than others to deal with online threats from criminals, terrorists, and rogue nations. Data-mining experts ranked the vulnerability of forty-four nations to cyberattacks. The United States ranked 11th safest, while several Scandinavian countries (Denmark, Norway, and Finland) ranked the safest.

  • How organizations can secure their teleworkers, data

    As the number of employees who telework trends upward — and new kinds of devices are used in telework — the National Institute of Standards and Technology (NIST) says it is updating its guidance to include the latest technology available to strengthen an organization’s remote-access data security.

  • U.S. files case against Iranian government hackers behind attack on N.Y. dam

    In 2013 hackers infiltrated the operations center for the Bowman Avenue Dam, a small dam on Blind Brook in Rye Brook, New York. DHS, in a classified report, later identified the attackers r identified the attackers as the same Iranian group responsible for attacks on PNC Financial Services Group, SunTrust, and Capital One Financial. Now the Department of Justice is set to file an indictment against the Iranian hackers behind the intrusion.

  • Doodling trumps text passwords for smartphone security

    Someday soon, you may be able to log into your smartphone with sweeping gestures or doodling, using one or more fingers. Researchers have performed the first study of free-form gesture passwords for smartphones in the field. Free-form gesture passwords allow people to draw a password of any shape with any number of fingers.

  • ISIS hackers post N.J. police officers’ details online, calling on followers to attack them

    ISIS hackers have posted the personal details of U.S. officials online, encouraging the group’s supporters to carry out “lone wolf” attacks against them. The Caliphate Cyber Army (CCA), formerly known as the Islamic Cyber Army, posted the personal details of fifty-five New Jersey police officers last week after hacking into the Web site of the New Jersey Transit police.

  • New vulnerability discovered in Open SSL, a common encryption protection package

    One of the world’s most common security software packages — used as the basis of protection for many Web browsers — has been found to be vulnerable to a specific form of attack, according to new research. Researchers have discovered that OpenSSL is vulnerable to a type of attack known as a “side channel attack.”