-
What is Pegasus? Explaining How the Spyware Invades Phones and What It Does When It Gets In
Pegasus is a spyware that can stealthily enter a smartphone and gain access to everything on it, including its camera and microphone. Pegasus is designed to infiltrate devices running Android, Blackberry, iOS and Symbian operating systems and turn them into surveillance devices.
-
-
The Van Buren Decision Is Good News for Cybersecurity
In June, after years of uncertainty, the Supreme Court finally shed some light on the meaning of a notoriously vague law, the Computer Fraud and Abuse Act (CFAA). Timothy Edgar writes that one problem with CFAA was that some courts had interpreted the CFAA’s language so broadly. Justice Amy Coney Barrett’s technically informed opinion, which narrowed the scope of CFAA, was a win for civil liberties — and also a victory — not a loss — for cybersecurity. Moreover, Barrett’s opinion “offers a model for how to interpret computer crime laws.”
-
-
Turning Error Detection into “Secret Language” for Enhanced Data Security
A Sandia Lab researcher, researching software error detection, has develop a method to enhance the protection of digital content like email and social media messaging.
-
-
Chip with Secure Encryption to Bolster Fight against Hackers
Researchers have designed a computer chip that implements post-quantum cryptography efficiently. Such chips could provide protection against future hacker attacks using quantum computers.
-
-
Water Systems Vulnerable to Cyberthreats
In February, a hacker tried to manipulate the water utility’s computers in Oldsmar, Fla. so that the level of lye in the water would be raised. Joel Griffin writes that “had the perpetrator not been caught…. this cyber-attack could have resulted in actual physical harm to residents and potentially even deaths. The simplicity of this cyber-attack … also illustrates the gravity of the situation facing water utilities,” as they try to implement contemporary IT security solutions to decades-old equipment ad operational technology.
-
-
U.K., U.S. and Australia Publish Advice to Fix Global Cyber Vulnerabilities
A joint advisory from international allies is offering advice for the most publicly known software vulnerabilities. The cyber agencies share details of the top 30 vulnerabilities routinely exploited by malicious actors in 2020.
-
-
Israel Tries to Limit Fallout from the Pegasus Spyware Scandal
Israel has been trying to limit the damage the Pegasus spyware scandal is threatening to do to France-Israel relations. The Moroccan intelligence service used the software, made by an Israeli company with close ties to Israel’s defense and intelligence establishments, to spy on dozens of French officials, including fourteen current and former cabinet ministers, among them President Emmanuel Macron and former prime minister Edouard Phillipe. It would not be unreasonable for the French intelligence services to assume that there was a measure of Israeli spying on France involved here, with or without the knowledge of the Moroccans. Macron, in a phone conversation with Israel’s prime minister Naftali Bennett, pointedly asked for an explanation.
-
-
U.S. Leads Coalition Accusing China of Hacking
On 19 July, the United States joined other countries in condemning the hacking by Chinee government hackers of Microsoft Exchange email server software. Despite the condemnations, there have not been any sanctions against China for its role in the breach, leading critics to charge that the Biden’s response was weak and “not proportionate to the severity of the breach.” Abby Lemert and Eleanor Runde write that “Part of the problem is that escalatory retaliation carries special risks to a highly digitized society like the United States. Accordingly, some commentators assess that Biden’s response is properly calibrated to the risks.”
-
-
Honeypot Security Technique Can Also Stop Attacks in Natural Language Processing
Borrowing a technique commonly used in cybersecurity to defend against these universal trigger-based attacks, researchers at the Penn State College of Information Sciences and Technology have developed a machine learning framework that can proactively defend against the same types of attacks in natural language processing applications 99 percent of the time.
-
-
Maximum Privacy for Sharing Files Online
People who share documents or pictures online, or organizations which share confidential documents with employees and others, have little to no control over who views the information which is being sent and where it is being viewed. An FAU researcher has received a patent from the U.S. Patent and Trademark Office for a novel invention that controls how and when shared documents are displayed.
-
-
Biden: Russia Already Interfering in 2022 Election
President Joe Biden on Tuesday said that Russia is already interfering in the 2022 mid-term elections. Speaking after classified briefing prepared by the intelligence community, Biden said that the escalating cyberattacks by Russia and China are not only a “pure violation of our sovereignty,” but that these attacks make it more likely the United States could “end up in a real shooting war with a major power.”
-
-
Cybersecurity Technique Protects in-Vehicle Networks
Researchers developed a new machine learning-based framework to enhance the security of computer networks inside vehicles without undermining performance. This is important because of the widespread prevalence of modern automobiles which entrust control to onboard computers.
-
-
Malware Detection for Androids
Conventional antivirus and malware detection often fails to detect malware where the software signature may well be only marginally different from the original virus. Researchers have developed a new approach that can detect malicious activity at the source code level.
-
-
France Accuses China of “Vast” Cyberattacks Campaign against French Organizations, Companies
The director-general of ANSSI, France’s cyber defense agency, said France has been under a sustained and sever cyberattacks by Chinese government hackers since the beginning of the year. France has so far abstained from publicly attributing cyberattacks on its infrastructure or on French companies.
-
-
Pegasus Project Shows the Need for Real Device Security, Accountability and Redress for those Facing State-Sponsored Malware
It is no surprise that people around the world are angry to learn that surveillance software sold by NSO Group to governments has been found on cellphones worldwide. People all around the world deserve the right to have a private conversation. Communication privacy is a human right, a civil liberty, and one of the centerpieces of a free society. And while we all deserve basic communications privacy, the journalists, NGO workers, and human rights and democracy activists among us are especially at risk, since they are often at odds with powerful governments.
-
More headlines
The long view
Ransomware Attacks: Death Threats, Endangered Patients and Millions of Dollars in Damages
A ransomware attack on Change Healthcare, a company that processes 15 billion health care transactions annually and deals with 1 in 3 patient records in the United States, is continuing to cause massive disruptions nearly three weeks later. The incident, which started on February 21, has been called the “most significant cyberattack on the U.S. health care system” by the American Hospital Association. It is just the latest example of an increasing trend.
Chinese Government Hackers Targeted Critics of China, U.S. Businesses and Politicians
An indictment was unsealed Monday charging seven nationals of the People’s Republic of China (PRC) with conspiracy to commit computer intrusions and conspiracy to commit wire fraud for their involvement in a PRC-based hacking group that spent approximately 14 years targeting U.S. and foreign critics, businesses, and political officials in furtherance of the PRC’s economic espionage and foreign intelligence objectives.
Autonomous Vehicle Technology Vulnerable to Road Object Spoofing and Vanishing Attacks
Researchers have demonstrated the potentially hazardous vulnerabilities associated with the technology called LiDAR, or Light Detection and Ranging, many autonomous vehicles use to navigate streets, roads and highways. The researchers have shown how to use lasers to fool LiDAR into “seeing” objects that are not present and missing those that are – deficiencies that can cause unwarranted and unsafe braking or collisions.