• Vulnerability Found in Widely Used Method for Securing Phone Data

    Researchers demonstrated a new way of attacking two different types of low-end Android phones. The attack relies on placing a radio sensor within a few centimeters of a device, close enough to detect the weak radio waves that are inadvertently emitted by a phone’s processor.

  • EU: Russia Involved in “Ghostwriter” Cyberattacks

    The European Union has warned the Kremlin that it could “consider taking further steps” over Moscow’s complicity in recent cyberattacks targeting the bloc’s members.

  • U.S. Sanctions Russian-Based Cryptocurrency Exchange for Laundering Ransomware Money

    A Russian-based cryptocurrency exchange has been sanctioned by the U.S. over its role in facilitating illegal payments from ransomware attacks. U.S. Treasury officials said it was the first sanctions leveled against a cryptocurrency exchange laundering money for cybercriminals.

  • Northeastern University Wins New CyberForce Conquer the Hill competition

    Critical U.S. infrastructure is increasingly dependent on the internet, making security a high priority. But about 500,000 cybersecurity jobs went unfilled from April 2020 through March, according to CyberSeek, a project from the National Initiative for Cybersecurity Education. To fill that skills gap, CyberForce challenges college teams to build and defend a simulated energy infrastructure from cyberattacks.

  • Cybercriminals Use Pandemic to Attack Schools and Colleges

    From Aug. 14 to Sept. 12, 2021, educational organizations were the target of over 5.8 million malware attacks, or 63% of all such attacks. Ransomware attacks alone impacted 1,681 U.S. schools, colleges and universities in 2020. Globally 44% of educational institutions were targeted by such attacks.

  • U.S.: Russia of Stonewalling on Cybercrime

    U.S. law enforcement and cyber officials say that U.S. warnings to Russian President Vladimir Putin over shielding cybercriminals holed up in Russia appear to have made little impact.

  • Teaching Vehicle Cybersecurity

    University of Detroit Mercy recently received a $1.12-million award from the United States Department of Defense (DoD) to establish the Regional Vehicle Cybersecurity Institute, a regional-based, cybersecurity consortium. “Without an increase to the workforce now, the cybersecurity risk to DoD and commercial ground vehicles will keep falling further behind the increasing threats from actors in multi-domain contested environments,” said one expert.

  • Germany Warns Russia over Cyberattacks Related to 26 September Election

    Berlin blames Russian government hackers for a recent wave of cyberattacks related to Germany’s 26 September general election. “These attacks could serve as preparations for influence operations such as disinformation campaigns connected with the parliamentary election,” Foreign Ministry spokeswoman Andrea Sasse said.

  • Critical Infrastructure Security Summit

    The Defense Strategic Institute (DSI) will hold its 2021 Critical Infrastructure Security Summit on 22-23 September 2021. The symposium will focus on defending and creating resilient systems to protect the U.S. critical infrastructure from outside threats and other dangers.

  • New Program: Hardware-Cybersecurity Education

    Many commonly reported cyberattacks focus on computer software vulnerabilities. But what about computer hardware? As complex global supply chains are stressed by the pandemic, risks increase of corporate or state espionage via hardware, such as malicious “trojan” circuits hidden on a motherboard by a shady third-party vendor.

  • Cybersecurity education to Help Communities Become More Cyber-Secure

    The NSA helps fund programs aiming to develop a community-wide K-12 cybersecurity program, support local industry and government to be more cyber resilient, and help local academic institutions to develop cybersecurity programs for students.

  • Chinese Hackers Used Cyber-Disguising Technology against Israel: Report

    Beginning in January 2019, UNC215, a Chinese government digital spy group, had hacked into Israeli government networks after using remote desktop protocols (RDPs) to steal credentials from trusted third parties.

  • What is Pegasus? Explaining How the Spyware Invades Phones and What It Does When It Gets In

    Pegasus is a spyware that can stealthily enter a smartphone and gain access to everything on it, including its camera and microphone. Pegasus is designed to infiltrate devices running Android, Blackberry, iOS and Symbian operating systems and turn them into surveillance devices.

  • The Van Buren Decision Is Good News for Cybersecurity

    In June, after years of uncertainty, the Supreme Court finally shed some light on the meaning of a notoriously vague law, the Computer Fraud and Abuse Act (CFAA). Timothy Edgar writes that one problem with CFAA was that some courts had interpreted the CFAA’s language so broadly. Justice Amy Coney Barrett’s technically informed opinion, which narrowed the scope of CFAA, was a win for civil liberties — and also a victory — not a loss — for cybersecurity. Moreover, Barrett’s opinion “offers a model for how to interpret computer crime laws.”

  • Turning Error Detection into “Secret Language” for Enhanced Data Security

    A Sandia Lab researcher, researching software error detection, has develop a method to enhance the protection of digital content like email and social media messaging.