• To curb hate speech on social media, we need to look beyond Facebook, Twitter: Experts

    Germany has passed a new controversial law which requires social media companies quickly to delete hate speech or face heavy fines. The debate over the new law has focused on the most common social media platforms like Facebook, Twitter, or Youtube. Experts say that placing Facebook, Twitter, and Youtube at the center of the debate over hate speech on social media websites is understandable, but it could undermine monitoring less widely known social media players. Some of these smaller players may present more problematic hate speech issues than their bigger rivals.

  • Encryption system hides your travel data from Uber

    The apps created by Uber and its competitors put peers in touch with each other when one of them is looking for a ride. But the online platforms these companies have developed also collect users’ personal data – from passengers and drivers alike. Multiplied by millions of users each day, that comes out to be a goldmine of information, especially in the era of Big Data. Researchers looked at how the same level of service could be achieved without disclosing users’ personal data.

  • Hackers could use brainwaves to steal passwords

    Researchers suggest that brainwave-sensing headsets, also known as EEG or electroencephalograph headsets, need better security after a study reveals hackers could guess a user’s passwords by monitoring their brainwaves. EEG headsets are advertised as allowing users to use only their brains to control robotic toys and video games specifically developed to be played with an EEG headset. There are only a handful on the market, and they range in price from $150 to $800.

  • Shin Bet chief: Israel successfully combating cyber-terror, “lone wolf” attacks

    The head of Israel’s internal security service has revealed that Israel is successfully fighting back against cyberterrorism and prevented thousands of potential so-called “lone wolf” attacks with the aid of technology. The Shin Bet head revealed that Israel used technological and intelligence methods to identify and prevent over 2,000 potential “lone wolf” attacks since the beginning of 2016.

  • The Petya ransomware attack shows how many people still don’t install software updates

    By Elissa Redmiles

    A new global ransomware attack, called “Petya” or “NotPetya,” exploits the same vulnerability as the “WannaCry” attack back in May. As Petya spreads across Europe, it’s becoming clear how few people and companies – including major corporations – actually update their software, even in the wake of major cyberattacks. Attackers got into computers through that weakness and encrypted users’ data, demanding a ransom from anyone who wanted the data made usable again. But they didn’t win the race to exploit the flaw as much as people and computer companies collectively lost it. Our human tendencies and corporate policies worked against us. Research, including my own, tells us why, and offers some suggestions for how to fix it before the inevitable next attack.

  • New firewall protects cellphones from hardware security threats

    Some 400 million people change their phone’s components, such as touchscreens, chargers, and battery or sensor assemblies, which are all susceptible to significant security breaches and attacks. These components, referred to as “field replaceable units (FRUs),” communicate with the phone CPU over simple interfaces with no authentication mechanisms or error detection capabilities. A malicious vendor could add a compromised FRU to a phone, leaving it vulnerable to password and financial theft, fraud, malicious photo or video distribution, and unauthorized app downloads. Cybersecurity researchers at Ben-Gurion University of the Negev (BGU) developed an innovative firewall program that adds a missing layer of security in Android cellphones and monitors for malicious code.

  • Intel teams up with Israeli cybersecurity incubator to foil hacking attacks

    Intel, the world’s largest chip-maker, is joining forces with the Israeli cybersecurity incubator Team8 to locate innovative technology that will fend off increasingly sophisticated cyberattacks. In joining forces with Team8 and their syndicate members, which include big names like Microsoft and Cisco, Intel is further advancing its desire to be a major player in the cybersecurity market. Israel is home to around 450 cybersecurity startups and receives around 20 percent of global investment in the field.

  • Australia: Five-Eyes nations should require backdoors in electronic devices

    Australia attorney-general George Brandis said he was planning to introduce a proposal to Australia’s four intelligence-sharing partners in the Five Eyes group — the United States, United Kingdom, New Zealand, and Canada – to require technology companies to create some kind of a backdoor to their devices. Australian leaders have emerged as strong proponents of allowing law-enforcement and intelligence agencies to gain access to the information and communication records on devices used by terrorists and criminals.

  • Protecting auto computer systems from hacks

    When you and your family are zooming along the freeway, the last thing you’re worried about is the security of your car’s computer systems. That’s one reason researchers work hard on protecting vehicles from cyberattacks. Computer engineering research team is focused on the security of wireless interfaces utilized by vehicles, the number of which will only grow as autonomous cars and trucks roll closer to reality. These interfaces in our vehicles, not unlike the computers in our homes and in our hands, can be susceptible to attacks, also known as hacks. The major difference is that attacks on a vehicle’s computer systems, which are connected to critical controls, can have potentially fatal consequences.

  • Russian government hackers broke into voting systems in 39 states

    The attack by the Russian government hackers on the U.S. electoral system during the 2016 campaign involved thirty-nine states. This figure shows that the Russian attack was broader and deeper than previously thought. The cyberattacks targeted software used by states election commissions in the months and weeks before the election – and by poll workers on election day. The type of targets the Russian government hackers chose also indicates that in addition to the immediate goal of helping elect Donald Trump president, the hackers were trying to gain knowledge which would allow them to interfere in, and influence, the 2018 mid-term elections of 2020 presidential election even more effectively than they did the 2016 presidential election.

  • Fake news: Studying cyber propaganda and false information campaigns

    Dr. Nitin Agarwal of the University of Arkansas at Little Rock will use $1.5 million grant from the Office of Naval Research to study the sources of false information on the Internet, how it is spread through social media, and how people and groups strategically use this false information to conduct cyber propaganda campaigns.

  • New director for CMU’s Software Engineering Institute's CERT Division

    Carnegie Mellon University’s Software Engineering Institute the other day announced the appointment of Roberta G. (Bobbie) Stempfley as director of the SEI’s CERT Division. A federally funded research and development center, SEI helps government and industry organizations develop and operate software systems that are secure and reliable. The CERT Coordination Center was founded at the SEI in 1988 as the world’s first computer security incident response team.

  • Random numbers will make life difficult for hackers

    Whenever we need to communicate in secret, a cryptographic key is needed. For this key to work, it must consist of numbers chosen at random without any structure – just the opposite of using the birthdate of our favorite pet. But, for a human, it is extremely difficult to choose without creating any bias, even by hitting the keyboard chaotically. To solve this problem, researchers have developed a new random numbers generator based on the principles of quantum physics.

  • Stuxnet, the sequel: Dangerous malware aims to disrupt industrial control systems

    A cybersecurity firm has identified a new, dangerous malware, dubbed Industroyer, capable of performing an attack on power supply infrastructure. The malware was likely involved in the December 2016 cyberattack on Ukraine’s power grid that deprived part of its capital, Kiev, of power for over an hour. is capable of directly controlling electricity substation switches and circuit breakers. It uses industrial communication protocols used worldwide in power supply infrastructure, transportation control systems, and other critical infrastructure. The potential impact may range from simply turning off power distribution, triggering a cascade of failures, to more serious damage to equipment.

  • Preventing voice hacking

    While convenient, Siri, WeChat, and other voice-based smartphone apps can expose you to a growing security threat: voice hacking. With just a few minutes of audio samples, attackers can replay your voice convincingly enough to trick people as well as top digital security systems. The consequences, from impersonating you with your friends to dipping into your bank account, are terrifying. An app, soon to be available, will help thwart growing cybersecurity threat