• Security Flaws in China’s Mandatory Olympics App for Athletes

    Athletes arriving at the Winter Olympics in China will have to install a Chinese-made app, called MY2022, on their smartphones, and fill in detailed information about themselves. China says that app, which the athletes will have to carry with them and periodically update, will be used to report health and travel data when they are in China. Athletes who fail to install the app, or who fail to fill in and update the information, will be sent home. Cyber analysts have found serious security and privacy flaws in the app.

  • Home for the Holidays? The Global Implications of a State-Level Cyberattack

    The 4 December 2021 cyberattack on the Maryland Department of Health (MDH) appeared, at first blush to be a local-to-Maryland problem. Maggie Smith writes, however, that “the MDH hack points to a concerning development at the nexus of cybercrime and data supply chains,” as it “shows how fragile data supply chains can be and signals how easy it is to disrupt even the most critical data flows by stopping the upstream flow of data that provides the insights and statistics on which the nations’ decision-makers rely.”  

  • Massive Cyberattack Targeting Ukraine’s Government Websites

    Several Ukrainian government websites have been targeted in a massive cyberattack amid heightened tensions between the West and Russia, which has massed troops and military equipment near the border with Ukraine.

  • For Accurate Health Information: Mainstream News More Reliable Than Social, Alternative Media

    New study finds that accurate and truthful health-related information has been found by individuals who rely more on mainstream news. Meanwhile, people who depend on social media or less-established forms of “alternative” health media are more likely to subscribe to false beliefs about health.

  • Radicalization Pipelines: How Targeted Advertising on Social Media Drives People to Extremes

    Behind-the-scenes mechanisms feed an item you search for on Google, “like” on social media, or come across while browsing into custom advertising on social media. Those mechanisms are increasingly being used for more nefarious purposes than aggressive advertising. The threat is in how this targeted advertising interacts with today’s extremely divisive political landscape. As a social media researcher, I see how people seeking to radicalize others use targeted advertising to readily move people to extreme views.

  • U.S. Cyber Officials Bracing for Fallout from “Log4j” Vulnerability

    More than a month after the Log4j software vulnerability was first discovered, U.S. cybersecurity officials are still warning about it, saying that some criminals and nation state adversaries may be waiting to make use of their newfound access to critical systems.

  • The Metaverse Offers a Future Full of Potential – for Terrorists and Extremists, Too

    The metaverse is an immersive virtual reality version of the internet where people can interact with digital objects and digital representations of themselves and others, and can move more or less freely from one virtual environment to another. As terrorism researchers, we see a potential dark side to the metaverse. Although it is still under construction, its evolution promises new ways for extremists to exert influence through fear, threat and coercion. Considering our research on malevolent creativity and innovation, there is potential for the metaverse to become a new domain for terrorist activity.

  • Leveraging Social Media During a Disaster

    During a disaster, many people turn to social media seeking information. But communicating during disasters is challenging, especially using an interactive environment like social media where misinformation can spread easily.

  • Aiding Evaluation of Adversarial AI Defenses

    There are many inherent weaknesses that underlie existing machine learning (ML) models, opening the technology up to spoofing, corruption, and other forms of deception. Evaluation testbed, datasets, tools developed on GARD program were released to jump-start community and encourage creation of more robust defenses against attacks on ML models.

  • What Will 2022 Bring in the Way of Misinformation on Social Media? 3 Experts Weigh In

    At the end of 2020, it seemed hard to imagine a worse year for misinformation on social media, given the intensity of the presidential election and the trauma of the COVID-19 pandemic. But 2021 proved up to the task, starting with the Jan. 6 insurrection and continuing with copious amounts of falsehoods and distortions about COVID-19 vaccines.

  • What Is Log4j? A Cybersecurity Expert Explains the Latest Internet Vulnerability, How Bad It Is and What’s at Stake

    Log4Shell, an internet vulnerability that affects millions of computers, involves an obscure but nearly ubiquitous piece of software, Log4j. So what is this humble piece of internet infrastructure, how can hackers exploit it and what kind of mayhem could ensue?

  • UTEP to Advance Cybersecurity Talent Pipeline with $4M Grant

    Award will support highly qualified computer science students, with an emphasis on Hispanic and female students.

  • Moral Echo Chambers on Social Media May Boost Radicalization: Study

    As Congress continues to investigate the storming of the U.S. Capitol on Jan. 6, psychologists are examining how online communities can foster radical thoughts and intentions. A new study finds that that social media echo chambers can create a strong bond and increase the likelihood of radicalization.

  • CISA Hosts Cybersecurity Navigators Forum for Election Officials

    CISA recently concluded a forum for state and local election officials to discuss cyber navigator programs. Cyber navigators are state liaisons that can help under-resourced local jurisdictions manage their cyber risks, help sort through the onslaught of risk information, advice, and available services, and help fast-track mitigation efforts. DHS is currently in the midst of its “Election Security” sprint, focused on the need to cement the resilience of the nation’s democratic infrastructures and protect the integrity of its election.

  • Computer Attacks with Laser Light

    Computer systems that are physically isolated from the outside world (air-gapped) can still be attacked. This is demonstrated by IT security experts in the LaserShark project. The researchers demonstrate hidden communication into air-gapped computer systems: Data transmitted to light-emitting diodes of regular office devices.