• U.K.’s first research institute to investigate the science of cyber security

    A new U.K. academic research institute, aiming to improve understanding of the science behind the growing cybersecurity threat, was announced last week; GCHQ, the U.K. intelligence agency, says that the institute, which is funded by a £3.8 million grant, is part of a cross-government commitment to increasing the U.K. academic capability in all fields of cybersecurity

  • Civilian cyber-warriors not motivated by patriotism

    Cybercrimes pose a huge societal risk and have become a hot issue globally, yet little is known about the mindset behind them; new study finds that people who commit cyber-attacks against the government also tend to download music illegally and participate in physical protests; surprisingly, however, they do not appear to be acting out of some sense of national pride or patriotism

  • Bolstering e-mail security

    On the whole, security is not a primary concern for most day-to-day e-mails, but some e-mails do contain personal, proprietary, and sensitive information, documents, media, photos, videos, and sound files; the open nature of e-mail means that they can be intercepted and if not encrypted, easily read by malicious third parties

  • Apple rejects app which tracks drone strikes against militants

    Apple has rejected an app, developed by a New York student, which tracks U.S. drone strikes in Pakistan; Apple said the app violated rule 16.1 of its guidelines, which bans “excessively objectionable or crude content”

  • FBI denies hackers’ claim that they had stolen Apple ID data

    The FBI on Tuesday disputed the claim of a computer hacker group that said it had stolen the personal identification data on millions of Apple device owners from an FBI agent’s laptop

  • Cloud OS for the U.S. intelligence community

    Cloud management specialist Adaptive Computingis partnering with the investment arm of the CIA, In-Q-Tel, to develop a cloud operating system for use by U.S. intelligence agency

  • NSF awards Norwich University a grant for computer security scholarships

    Norwich University in Vermont was awarded a $975,000 grant from the National Science Foundation’s (NSF) Scholarship for Service program; the funds will be used to support Information Assurance students; the students will fulfill the “service” obligation through employment by a government agency in their area of information assurance expertise for two years

  • U.S. always ends up regulating new technologies for public safety; the Internet is no exception

    Homeland Security News Wire’s executive editor Derek Major talked with CSIS’s James Lewis about the cybersecurity challenges the United States faces, Stuxnet, China’s hacking campaign, cyber arms control efforts, and more; on the stalled cybersecurity bill, opposed by critical infrastructure operators as being too burdensome, Lewis says: “It takes America about 20-40 years to come to terms with a new technology, but we always end up regulating it for public safety. This will be no different. We are in year 17.”

  • Most cybersecurity incidents in Europe remain undetected or not reported

    In a new report, the EU cyber security agency takes a snapshot of existing and future EU legislation on security measures and incident reporting; the analysis underlines important steps forward, but also identifies gaps in national implementation, as most incidents are not reported

  • Siemens software which controls power plants vulnerable to hackers

    RuggedCom is a Canadian subsidiary of Siemenswhich sells networking equipment for use in harsh environments with extreme and inclement weather; many critical infrastructure operators of power plants, water systems, dams, and more; a security specialist discovered a flaw in the software, a flaw which allows hackers to spy on communication of infrastructure operators and gain credentials to access computer systems which control power plants as well as other critical systems

  • U.S. may already have authority to issue infrastructure protection regulations

    While the president and Congress continue to debate the cybersecurity bill, the White House Office of Management and Budget may already have sufficient statutory authority to enact new regulations through the normal notice-and-comment rulemaking process; the basis for such regulations would be the Data Quality Act (DQA) which sets the standards for the integrity of data used by federal agencies in public disseminations

  • Obama considering executive order for infrastructure protection

    President Barack Obama is exploring whether to issue an executive order to protect the U.S. critical computer infrastructure from cyber attacks; White House sources say an executive order is being considered after a 2 August procedural vote in the Senate that all but doomed a scyberecurity bill endorsed by Obama as well as current and former national security officials from both Republican and Democratic administrations

  • The five biggest stories at Black Hat

    The annual Black Hat Briefings conference, held last week in Las Vegas, is the world’s biggest, and arguably the most important, gathering of security researchers; here are the five biggest stories to take away from last week’s Black Hat meeting in Las Vegas

  • Global air control system largely defenseless against hacking

    The ADS-b system, the multi-billion dollar communication system deployed at airports around the world over the last few years, has two major flaws: first, it has no means of verifying who is actually sending a message, which means that a hacker can impersonate an aircraft and send malicious and misleading information to control towers and to other aircraft; second, the position, velocity, and other information broadcast by aircraft is not encrypted and can be grabbed from the air; a presenter at the Black Hat cybersecurity event showed how it is possible to use the information to plot the route of Air Force Phone on an iPad; these two vulnerabilities can be easily exploited by anyone with modest technical skills and about $2,000 worth of electronics

  • Winners of the California Cyber Summer Camp Capture the Flag competition announced

    Cal Poly Pomona, in partnership with Booz Allen Hamilton and the U.S. Cyber Challenge, hosted the U.S. Cyber Challenge California Cyber Summer Camp in Pomona, California; the camp curriculum included in-depth workshops on a range of topics, including penetration testing, reverse engineering, and forensics; the week was capped off by a virtual “capture the flag” competition and awards ceremony on the last day