• Grammar rules undermine security of long computer passwords

    When writing or speaking, good grammar helps people make themselves understood. When used to concoct a long computer password, however, grammar — good or bad — provides important hints that can help someone crack that password, researchers at Carnegie Mellon University have demonstrated by devising grammar-aware password cracker.

  • Personal genetic information vulnerable to hacking

    Using only a computer, an Internet connection, and publicly accessible online resources, a team of researchers has been able to identify nearly fifty individuals who had submitted personal genetic material as participants in genomic studies.

  • DHS: Industrial control systems subject to 200 attacks in 2012

    A DHS report released last week revealed that industrial control systems, which are used to monitor and control critical infrastructure facilities, were hit with 198 documented cyberattacks in 2012, and that many of these attacks were serious.

  • Cybersecurity company using hackers own devices against them

    A California cybersecurity start-up, marketing itself as a private cyber intelligence agency, works to identify foreign attackers who are attempting to steal corporate secrets; it does so by  using the attackers’ own techniques and vulnerabilities against them; the company also collects data on hackers and tricks intruders into stealing false information

  • Israel cyber security incubator program established by Ben-Gurion University of the Negev

    Israel has been named one of the top three world leaders in the field of cyber security; approximately twenty-five Israeli information security firms have been acquired by multinational organizations, and Israeli companies are counted among the world’s leading IT security providers; Ben-Gurion University of the Negev (BGU) and its technology transfer company, BGN Technologies, will create Israel’s first cyber security incubator in Beer-Sheva

  • Huawei rejects U.S. “threat to national security” claims

    In October the United States House Intelligence Committee issued a report warning U.S. companies against using two Chinese companies, Huawei and ZTE, for their telecommunication technology needs; the report said that the firms may be too close to China’s Communist Party and its military’ the report also suggested their products and services could pose a threat to the security of the United .States; Huawei vigorously disputes both claims

  • DARPA’s program to reveal backdoors, hidden malicious functionality in commercial IT devices

    The scenario is one that information security experts dread: widespread dissemination of commercial technology which is secretly wired to function in unintended ways or even spy on its users; from this vantage point, mobile phones, network routers, computer work stations, and any other device hooked up to a network can provide a point of entry for an adversary; for the Department of Defense this issue is of great concern, and DARPA pland to do something about it

  • Pacemakers, other implanted devices, vulnerable to lethal attacks

    IT experts reported that security flaws in pacemakers and defibrillators could be putting lives at risk; the experts say that many of these devices are not properly secured and therefore are vulnerable to hackers who may want to commit an act that could lead to multiple deaths

  • DHS awards $23.6 million to fund development of new software analysis technology

    DHS awarded a $23.6 million grant to the Morgridge Institute for Research at the University of Wisconsin-Madison to create the Software Assurance Marketplace, which, over the next five years, will work closely with developers of new software analysis technology and the open source community to advance the security of software; initial operating capabilities for the Software Assurance Marketplace will include the ability continuously to test up to 100 open-source software packages against five software assurance tools on eight platforms, including Macintosh, Linux, and Windows

  • New method to rid inboxes of unsolicited e-mail

    Spam used to be text-based, but has recently turned high-tech, using layers of images to fool automatic filters; thanks to some sophisticated new cyber-sleuthing, researchers at are working toward a cure

  • U.S. electric power grid “inherently vulnerable” to terrorist attacks: report

    The U.S. electric power delivery system is vulnerable to terrorist attacks which could cause much more damage to the system than natural disasters such as Hurricane Sandy, blacking out large regions of the country for weeks or months, and costing many billions of dollars, says a newly released report by the National Research Council

  • Georgia Tech releases cyber threats forecast for 2013

    The year ahead will feature new and increasingly sophisticated means to capture and exploit user data, escalating battles over the control of online information and continuous threats to the U.S. supply chain from global sources; those were the findings made by the Georgia Tech Information Security Center (GTISC) and the Georgia Tech Research Institute (GTRI) in this week’s release of the Georgia Tech Emerging Cyber Threats Report for 2013

  • South Carolina exploring different cybersecurity plans

    Last month state officials in South Carolina discovered a massive breach at the Department of Revenue; the attack exposed 3.6 million social security numbers of residents in the state, 387,000 credit and debit card numbers, and information for 657,000 businesses as well as other personal information; now, officials are trying to figure out what security measures they need to take in order to prevent another attack

  • Michigan launches Cyber Range – a cutting-edge cybersecurity training program

    Michigan has launched the Michigan Cyber Range, a state-of-the-art facility that prepares cybersecurity professionals in the detection and prevention of cyber attacks; the initiative pairs cybersecurity resources with hands-on training opportunities to enhance Michigan’s protection of computer systems and sensitive data

  • New international consortium helps shape future cybersecurity practices

    The Consortium for Cybersecurity Action (CCA), a newly-formed international consortium of government agencies and private organizations from around the world, will host a conference call  to promote the most effective approaches to cybersecurity and support eleven key developments which are shaping events