• Russian hackers likely behind cyberattacks on U.S. nuclear operators: Experts

    Russian government hackers are suspected to be behind a series of cyberattacks on U.S. nuclear operators. The attacks were similar to recent Russian attacks on Ukraine’s power infrastructure. Experts say that rhe attacks in Ukraine and the United States show that Russian hackers appear to be testing increasingly advanced tools to disrupt power supplies. “If you think about a typical war, some of the acts that have been taken against critical infrastructure in Ukraine and even in the U.S., those would be considered crossing red lines,” says one security expert.

  • Improving cybersecurity risk management

    DHS S&T awarded $220,209 to the University of Tulsa to study data production and usage by cybersecurity researchers, information that will help quantify the value of data-sharing and improve sharing incentives to address the interdependency of cyber-risk environments. The award’s primary focus is research into investment, impact, value and incentives related to cybersecurity risk management.

  • Wealth breeds cybercrime, but it does not automatically generate cybersecurity: Report

    ITU, the United Nations specialized agency for information and communication technology, has published the Global Cybersecurity Index 2017 (GCI-2017), which measures the commitment of ITU’s 193 member states to cybersecurity and is the second in this index series. The report found that Singapore, ranked No. 1, has a near-perfect approach to cybersecurity. The rest of the top 10 were Malaysia, Oman, Estonia, Mauritius, Australia, Georgia, France, and Canada. Equatorial Guinea brings up the rear, with cyber wellness score of zero.

  • To curb hate speech on social media, we need to look beyond Facebook, Twitter: Experts

    Germany has passed a new controversial law which requires social media companies quickly to delete hate speech or face heavy fines. The debate over the new law has focused on the most common social media platforms like Facebook, Twitter, or Youtube. Experts say that placing Facebook, Twitter, and Youtube at the center of the debate over hate speech on social media websites is understandable, but it could undermine monitoring less widely known social media players. Some of these smaller players may present more problematic hate speech issues than their bigger rivals.

  • Encryption system hides your travel data from Uber

    The apps created by Uber and its competitors put peers in touch with each other when one of them is looking for a ride. But the online platforms these companies have developed also collect users’ personal data – from passengers and drivers alike. Multiplied by millions of users each day, that comes out to be a goldmine of information, especially in the era of Big Data. Researchers looked at how the same level of service could be achieved without disclosing users’ personal data.

  • Hackers could use brainwaves to steal passwords

    Researchers suggest that brainwave-sensing headsets, also known as EEG or electroencephalograph headsets, need better security after a study reveals hackers could guess a user’s passwords by monitoring their brainwaves. EEG headsets are advertised as allowing users to use only their brains to control robotic toys and video games specifically developed to be played with an EEG headset. There are only a handful on the market, and they range in price from $150 to $800.

  • Shin Bet chief: Israel successfully combating cyber-terror, “lone wolf” attacks

    The head of Israel’s internal security service has revealed that Israel is successfully fighting back against cyberterrorism and prevented thousands of potential so-called “lone wolf” attacks with the aid of technology. The Shin Bet head revealed that Israel used technological and intelligence methods to identify and prevent over 2,000 potential “lone wolf” attacks since the beginning of 2016.

  • The Petya ransomware attack shows how many people still don’t install software updates

    A new global ransomware attack, called “Petya” or “NotPetya,” exploits the same vulnerability as the “WannaCry” attack back in May. As Petya spreads across Europe, it’s becoming clear how few people and companies – including major corporations – actually update their software, even in the wake of major cyberattacks. Attackers got into computers through that weakness and encrypted users’ data, demanding a ransom from anyone who wanted the data made usable again. But they didn’t win the race to exploit the flaw as much as people and computer companies collectively lost it. Our human tendencies and corporate policies worked against us. Research, including my own, tells us why, and offers some suggestions for how to fix it before the inevitable next attack.

  • New firewall protects cellphones from hardware security threats

    Some 400 million people change their phone’s components, such as touchscreens, chargers, and battery or sensor assemblies, which are all susceptible to significant security breaches and attacks. These components, referred to as “field replaceable units (FRUs),” communicate with the phone CPU over simple interfaces with no authentication mechanisms or error detection capabilities. A malicious vendor could add a compromised FRU to a phone, leaving it vulnerable to password and financial theft, fraud, malicious photo or video distribution, and unauthorized app downloads. Cybersecurity researchers at Ben-Gurion University of the Negev (BGU) developed an innovative firewall program that adds a missing layer of security in Android cellphones and monitors for malicious code.

  • Intel teams up with Israeli cybersecurity incubator to foil hacking attacks

    Intel, the world’s largest chip-maker, is joining forces with the Israeli cybersecurity incubator Team8 to locate innovative technology that will fend off increasingly sophisticated cyberattacks. In joining forces with Team8 and their syndicate members, which include big names like Microsoft and Cisco, Intel is further advancing its desire to be a major player in the cybersecurity market. Israel is home to around 450 cybersecurity startups and receives around 20 percent of global investment in the field.

  • Australia: Five-Eyes nations should require backdoors in electronic devices

    Australia attorney-general George Brandis said he was planning to introduce a proposal to Australia’s four intelligence-sharing partners in the Five Eyes group — the United States, United Kingdom, New Zealand, and Canada – to require technology companies to create some kind of a backdoor to their devices. Australian leaders have emerged as strong proponents of allowing law-enforcement and intelligence agencies to gain access to the information and communication records on devices used by terrorists and criminals.

  • Protecting auto computer systems from hacks

    When you and your family are zooming along the freeway, the last thing you’re worried about is the security of your car’s computer systems. That’s one reason researchers work hard on protecting vehicles from cyberattacks. Computer engineering research team is focused on the security of wireless interfaces utilized by vehicles, the number of which will only grow as autonomous cars and trucks roll closer to reality. These interfaces in our vehicles, not unlike the computers in our homes and in our hands, can be susceptible to attacks, also known as hacks. The major difference is that attacks on a vehicle’s computer systems, which are connected to critical controls, can have potentially fatal consequences.

  • Russian government hackers broke into voting systems in 39 states

    The attack by the Russian government hackers on the U.S. electoral system during the 2016 campaign involved thirty-nine states. This figure shows that the Russian attack was broader and deeper than previously thought. The cyberattacks targeted software used by states election commissions in the months and weeks before the election – and by poll workers on election day. The type of targets the Russian government hackers chose also indicates that in addition to the immediate goal of helping elect Donald Trump president, the hackers were trying to gain knowledge which would allow them to interfere in, and influence, the 2018 mid-term elections of 2020 presidential election even more effectively than they did the 2016 presidential election.

  • Fake news: Studying cyber propaganda and false information campaigns

    Dr. Nitin Agarwal of the University of Arkansas at Little Rock will use $1.5 million grant from the Office of Naval Research to study the sources of false information on the Internet, how it is spread through social media, and how people and groups strategically use this false information to conduct cyber propaganda campaigns.

  • New director for CMU’s Software Engineering Institute's CERT Division

    Carnegie Mellon University’s Software Engineering Institute the other day announced the appointment of Roberta G. (Bobbie) Stempfley as director of the SEI’s CERT Division. A federally funded research and development center, SEI helps government and industry organizations develop and operate software systems that are secure and reliable. The CERT Coordination Center was founded at the SEI in 1988 as the world’s first computer security incident response team.