• Preliminary Injunction Limiting Government Communications with Platforms Tackles Illegal “Jawboning,” but Fails to Provide Guidance on What’s Unconstitutional

    By David Greene

    A July 4 preliminary injunction issued by a federal judge in Louisiana limiting government contacts with social media platforms deals with government “jawboning” is a serious issue deserving serious attention and judicial scrutiny. The court order is notable as the first to hold the government accountable for unconstitutional jawboning of social media platforms, but it is not the serious examination of jawboning issues that is sorely needed. The court did not distinguish between unconstitutional and constitutional interactions or provide guideposts for distinguishing between them in the future.

  • Muting Trump’s “Megaphone” Easier Said Than Done

    By Alvin Powell

    How do you cover Donald Trump? He’s going to do a lot of speeches, and parts of his message will be provably false, reflect intolerance, and promote anti-democratic ideas. Political experts suggest ways media can blunt the former president’s skillful manipulation of coverage to disseminate falsehoods and spread messages which are often sharply divisive and periodically dangerous.

  • Stressed for a Bit? Then Don’t Click It, Cybersecurity Experts Advise

    By Tom Rickey

    Workers feeling a specific form of stress are more likely than others to become the victims of a phishing attack. Phishing psychology study explores what makes workers vulnerable.

  • Recent Chinese Cyber Intrusions Signal a Strategic Shift

    By Pukhraj Singh

    On 25 May, Australia and its partners in the Five Eyes intelligence-sharing network—Canada, New Zealand, the UK and the US—made a coordinated disclosure on a state-sponsored cyber hacking group dubbed ‘Volt Typhoon’. The group has been detected intruding on critical infrastructure since 2021, but the nature of recent intelligence on its behavior hints at worrying developments in the Chinese cyber establishment.

  • Researchers Devise a Way to Evaluate Cybersecurity Methods

    By Adam Zewe

    A savvy hacker can obtain secret information, such as a password, by observing a computer program’s behavior, like how much time that program spends accessing the computer’s memory. Security approaches that completely block these “side-channel attacks” are so computationally expensive, so engineers often apply what are known as obfuscation schemes. MIT researchers have developed a system which analyzes the likelihood that an attacker could thwart a certain security scheme to steal secret information.

  • How Secure Are Voice Authentication Systems Really?

    Voice authentication has increasingly been used in remote banking, call centers and other security-critical scenarios. Attackers can break voice authentication with up to 99 percent success within six tries.

  • U.S. Agencies Buy Vast Quantities of Personal Information on the Open Market – a Legal Scholar Explains Why and What It Means for Privacy in the Age of AI

    By Anne Toomey McKenna

    The issues pf the protection of personal information in the digital age is increasingly urgent. Today’s commercially available information, coupled with the now-ubiquitous decision-making artificial intelligence and generative AI like ChatGPT, significantly increases the threat to privacy and civil liberties by giving the government access to sensitive personal information beyond even what it could collect through court-authorized surveillance.

  • As Cybercrime Evolves, Organizational Resilience Demands a Mindset Shift

    By Lisa Musladin

    Facing the threat of state-sponsored cyberattack groups, the financial motivations of organized cybercrime gangs and the reckless ambitions of loosely knit hacktivist collectives, organizations are fighting a cybersecurity battle on multiple fronts.

  • From Wadham to GCHQ and Back: Robert Hannigan on Cybercrime, Spying and the AI Tsunami Coming Our Way

    Is the much-vaunted cyber-Armageddon likely or even possible? One experts says that “‘State cyber threats do get overplayed. They can’t do everything and countries over-estimate their cyber capabilities – just as they over estimate their military capability.” The expert  insists, however, that “The challenges are ‘moving very fast’, as potential attackers learn fast.”

  • To Pay or Not to Pay? Ransomware Attacks Are the New Kidnapping

    By Jamie MacColl and Tom Keatinge

    Over the past several years, ransomware attacks have become a persistent national security threat. The inability to respond effectively to this challenge has normalized what should be intolerable: organized cybercriminals harbored by hostile states regularly disrupting and extorting businesses and essential services, causing misery in the process.

  • The ‘Truther Playbook’: Tactics That Explain Vaccine Conspiracy Theorist RFK Jr’s Presidential Momentum

    By Stephanie Alice Baker, Chris Rojek, and Eugene McLaughlin

    Polls show that Robert Kennedy’s Jr., promoting anti-vaccine conspiracy theories, has been drawing surprising early support in his campaign for the Democratic presidential nomination. Kennedy is using the “truther playbook” - – promising identity and belonging, revealing “true” knowledge, providing meaning and purpose, and promising leadership and guidance – which prove to be appealing in our current post-truth era, in which opinions often triumph over facts, and in which charlatans can achieve authority by framing their opponents as corrupt and evil and claiming to expose this corruption. These rhetorical techniques can be used to promote populist politics just as much as anti-vaccine content.

  • U.S. Critical Infrastructure May Not Be Resilient Enough to Fend Off, Survive Chinese Cyberattacks: CISA Director

    By Jeff Seldin

    Americans “need to be prepared” for Chinese cyberattacks, U.S. cyber official said, because the United States may not be resilient enough to fend off and survive Chinese attacks on its critical infrastructure should the present great power competition between Washington and Beijing evolve into an actual conflict.

  • Google, Cornell to Partner in Online Security Initiative

    By Thomas Fleischman

    Most current security-related research is focused on technical challenges, but many of the most significant security failures involve humans and can often be attributed to poor design that fails to take the human factor into account. A partnership between Google and four higher-education institutions will use an interdisciplinary approach to build better foundations for secure systems and ensure that they are deployed in ways that address rather than exacerbate societal problems.

  • Operator of “Bulletproof Hosting” Service Which Distributed Destructive Malware Sentenced to Three Years in Prison

    A Romanian national who operated a “bulletproof hosting” service was sentenced to three years in prison and ordered to forfeit $3,510,000. The bulletproof hosting was used to facilitate the distribution of the Gozi Virus, the Zeus Trojan, the SpyEye Trojan, and the BlackEnergy malware, all of which were designed to steal confidential financial information.

  • Making Hospitals Cybersecure

    By Tom Cassauwers

    As medical centers increasingly come under attack from hackers, Europe is bolstering protection. The answer lies not only in better software. Cybersecurity is more often than not about people and changing their behavior.