• What is Pegasus? Explaining How the Spyware Invades Phones and What It Does When It Gets In

    Pegasus is a spyware that can stealthily enter a smartphone and gain access to everything on it, including its camera and microphone. Pegasus is designed to infiltrate devices running Android, Blackberry, iOS and Symbian operating systems and turn them into surveillance devices.

  • The Van Buren Decision Is Good News for Cybersecurity

    In June, after years of uncertainty, the Supreme Court finally shed some light on the meaning of a notoriously vague law, the Computer Fraud and Abuse Act (CFAA). Timothy Edgar writes that one problem with CFAA was that some courts had interpreted the CFAA’s language so broadly. Justice Amy Coney Barrett’s technically informed opinion, which narrowed the scope of CFAA, was a win for civil liberties — and also a victory — not a loss — for cybersecurity. Moreover, Barrett’s opinion “offers a model for how to interpret computer crime laws.”

  • Turning Error Detection into “Secret Language” for Enhanced Data Security

    A Sandia Lab researcher, researching software error detection, has develop a method to enhance the protection of digital content like email and social media messaging.

  • Chip with Secure Encryption to Bolster Fight against Hackers

    Researchers have designed a computer chip that implements post-quantum cryptography efficiently. Such chips could provide protection against future hacker attacks using quantum computers.

  • Water Systems Vulnerable to Cyberthreats

    In February, a hacker tried to manipulate the water utility’s computers in Oldsmar, Fla. so that the level of lye in the water would be raised. Joel Griffin writes that “had the perpetrator not been caught…. this cyber-attack could have resulted in actual physical harm to residents and potentially even deaths. The simplicity of this cyber-attack … also illustrates the gravity of the situation facing water utilities,” as they try to implement contemporary IT security solutions to decades-old equipment ad operational technology.

  • U.K., U.S. and Australia Publish Advice to Fix Global Cyber Vulnerabilities

    A joint advisory from international allies is offering advice for the most publicly known software vulnerabilities. The cyber agencies share details of the top 30 vulnerabilities routinely exploited by malicious actors in 2020.

  • Israel Tries to Limit Fallout from the Pegasus Spyware Scandal

    Israel has been trying to limit the damage the Pegasus spyware scandal is threatening to do to France-Israel relations. The Moroccan intelligence service used the software, made by an Israeli company with close ties to Israel’s defense and intelligence establishments, to spy on dozens of French officials, including fourteen current and former cabinet ministers, among them President Emmanuel Macron and former prime minister Edouard Phillipe. It would not be unreasonable for the French intelligence services to assume that there was a measure of Israeli spying on France involved here, with or without the knowledge of the Moroccans. Macron, in a phone conversation with Israel’s prime minister Naftali Bennett, pointedly asked for an explanation.

  • U.S. Leads Coalition Accusing China of Hacking

    On 19 July, the United States joined other countries in condemning the hacking by Chinee government hackers of Microsoft Exchange email server software. Despite the condemnations, there have not been any sanctions against China for its role in the breach, leading critics to charge that the Biden’s response was weak and “not proportionate to the severity of the breach.” Abby Lemert and Eleanor Runde write that “Part of the problem is that escalatory retaliation carries special risks to a highly digitized society like the United States. Accordingly, some commentators assess that Biden’s response is properly calibrated to the risks.”

  • Honeypot Security Technique Can Also Stop Attacks in Natural Language Processing

    Borrowing a technique commonly used in cybersecurity to defend against these universal trigger-based attacks, researchers at the Penn State College of Information Sciences and Technology have developed a machine learning framework that can proactively defend against the same types of attacks in natural language processing applications 99 percent of the time.

  • Maximum Privacy for Sharing Files Online

    People who share documents or pictures online, or organizations which share confidential documents with employees and others, have little to no control over who views the information which is being sent and where it is being viewed. An FAU researcher has received a patent from the U.S. Patent and Trademark Office for a novel invention that controls how and when shared documents are displayed.

  • Biden: Russia Already Interfering in 2022 Election

    President Joe Biden on Tuesday said that Russia is already interfering in the 2022 mid-term elections. Speaking after classified briefing prepared by the intelligence community, Biden said that the escalating cyberattacks by Russia and China are not only a “pure violation of our sovereignty,” but that these attacks make it more likely the United States could “end up in a real shooting war with a major power.”

  • Cybersecurity Technique Protects in-Vehicle Networks

    Researchers developed a new machine learning-based framework to enhance the security of computer networks inside vehicles without undermining performance. This is important because of the widespread prevalence of modern automobiles which entrust control to onboard computers.

  • Malware Detection for Androids

    Conventional antivirus and malware detection often fails to detect malware where the software signature may well be only marginally different from the original virus. Researchers have developed a new approach that can detect malicious activity at the source code level.

  • France Accuses China of “Vast” Cyberattacks Campaign against French Organizations, Companies

    The director-general of ANSSI, France’s cyber defense agency, said France has been under a sustained and sever cyberattacks by Chinese government hackers since the beginning of the year. France has so far abstained from publicly attributing cyberattacks on its infrastructure or on French companies.

  • Pegasus Project Shows the Need for Real Device Security, Accountability and Redress for those Facing State-Sponsored Malware

    It is no surprise that people around the world are angry to learn that surveillance software sold by NSO Group to governments has been found on cellphones worldwide. People all around the world deserve the right to have a private conversation. Communication privacy is a human right, a civil liberty, and one of the centerpieces of a free society. And while we all deserve basic communications privacy, the journalists, NGO workers, and human rights and democracy activists among us are especially at risk, since they are often at odds with powerful governments.