• Model Predicts COVID-19 Outbreak Two Weeks Ahead of Time

    People’s social behavior, reflected in their mobility data, is providing scientists with a way to forecast the spread of COVID-19 nationwide at the county level. The data-driven deep learning model which FAU researchers developed has important implications for managing the current pandemic as well as future pandemics.

  • What is Pegasus? Explaining How the Spyware Invades Phones and What It Does When It Gets In

    Pegasus is a spyware that can stealthily enter a smartphone and gain access to everything on it, including its camera and microphone. Pegasus is designed to infiltrate devices running Android, Blackberry, iOS and Symbian operating systems and turn them into surveillance devices.

  • The Van Buren Decision Is Good News for Cybersecurity

    In June, after years of uncertainty, the Supreme Court finally shed some light on the meaning of a notoriously vague law, the Computer Fraud and Abuse Act (CFAA). Timothy Edgar writes that one problem with CFAA was that some courts had interpreted the CFAA’s language so broadly. Justice Amy Coney Barrett’s technically informed opinion, which narrowed the scope of CFAA, was a win for civil liberties — and also a victory — not a loss — for cybersecurity. Moreover, Barrett’s opinion “offers a model for how to interpret computer crime laws.”

  • Turning Error Detection into “Secret Language” for Enhanced Data Security

    A Sandia Lab researcher, researching software error detection, has develop a method to enhance the protection of digital content like email and social media messaging.

  • Chip with Secure Encryption to Bolster Fight against Hackers

    Researchers have designed a computer chip that implements post-quantum cryptography efficiently. Such chips could provide protection against future hacker attacks using quantum computers.

  • Water Systems Vulnerable to Cyberthreats

    In February, a hacker tried to manipulate the water utility’s computers in Oldsmar, Fla. so that the level of lye in the water would be raised. Joel Griffin writes that “had the perpetrator not been caught…. this cyber-attack could have resulted in actual physical harm to residents and potentially even deaths. The simplicity of this cyber-attack … also illustrates the gravity of the situation facing water utilities,” as they try to implement contemporary IT security solutions to decades-old equipment ad operational technology.

  • U.K., U.S. and Australia Publish Advice to Fix Global Cyber Vulnerabilities

    A joint advisory from international allies is offering advice for the most publicly known software vulnerabilities. The cyber agencies share details of the top 30 vulnerabilities routinely exploited by malicious actors in 2020.

  • U.S. Gov. Facing a Severe Cyber Workers Shortage When They Are Needed the Most

    The U.S. government is struggling to find and hire cybersecurity workers precisely at the time it needs such workers most in order to protect the government and its cyber systems from an unprecedented, and ever-more-menacing, wave of cyberattacks.

  • Social Media Platforms Do Little to Limit Online Anti-Semitic Content

    A new report shows how social media companies fail to act on anti-Jewish hate on their platforms. As a result of their failure to enforce their own rules, social media platforms like Facebook have become safe places to spread racism and propaganda against Jews.

  • Responsible Cyber Offense

    There is responsible conduct in cyberspace, and there is irresponsible conduct. Perri Adams, Dave Aitel, George Perkovich, and JD Work write that “If the SolarWinds operation was a case of somewhat responsible hacking within the bounds of acceptable state action (even if Russia is far from a responsible actor in cyberspace), the Exchange operation, by contrast, demonstrates how an irresponsibly conducted espionage operation can escalate into collateral damage and instability.” They write that, despite critical preventive efforts, “offensive operations will continue apace in the foreseeable future—conducted by the United States, its allies and its adversaries. The choice is whether and how to engage in them responsibly and minimize cost to societies.”

  • A Backdoor in Mobile Phone Encryption from the 1990s Still Exists

    Researchers have discovered a security gap in modern mobile phones which is very unlikely to have been created by accident. In fact, it should have been removed back in 2013.The researchers say that the properties that render the cipher so insecure can’t have happened by accident.

  • Israel Tries to Limit Fallout from the Pegasus Spyware Scandal

    Israel has been trying to limit the damage the Pegasus spyware scandal is threatening to do to France-Israel relations. The Moroccan intelligence service used the software, made by an Israeli company with close ties to Israel’s defense and intelligence establishments, to spy on dozens of French officials, including fourteen current and former cabinet ministers, among them President Emmanuel Macron and former prime minister Edouard Phillipe. It would not be unreasonable for the French intelligence services to assume that there was a measure of Israeli spying on France involved here, with or without the knowledge of the Moroccans. Macron, in a phone conversation with Israel’s prime minister Naftali Bennett, pointedly asked for an explanation.

  • U.S. Leads Coalition Accusing China of Hacking

    On 19 July, the United States joined other countries in condemning the hacking by Chinee government hackers of Microsoft Exchange email server software. Despite the condemnations, there have not been any sanctions against China for its role in the breach, leading critics to charge that the Biden’s response was weak and “not proportionate to the severity of the breach.” Abby Lemert and Eleanor Runde write that “Part of the problem is that escalatory retaliation carries special risks to a highly digitized society like the United States. Accordingly, some commentators assess that Biden’s response is properly calibrated to the risks.”

  • Honeypot Security Technique Can Also Stop Attacks in Natural Language Processing

    Borrowing a technique commonly used in cybersecurity to defend against these universal trigger-based attacks, researchers at the Penn State College of Information Sciences and Technology have developed a machine learning framework that can proactively defend against the same types of attacks in natural language processing applications 99 percent of the time.

  • Maximum Privacy for Sharing Files Online

    People who share documents or pictures online, or organizations which share confidential documents with employees and others, have little to no control over who views the information which is being sent and where it is being viewed. An FAU researcher has received a patent from the U.S. Patent and Trademark Office for a novel invention that controls how and when shared documents are displayed.