• Using AI to Develop Enhanced Cybersecurity Measures

    Using artificial intelligence to address several critical shortcomings in large-scale malware analysis, researchers are making significant advancements in the classification of Microsoft Windows malware and paving the way for enhanced cybersecurity measures.

  • U.S. Disrupts Botnet China Used to Conceal Hacking of Critical Infrastructure

    In December 2023, the FBI disrupted a botnet of hundreds of U.S.-based small office/home office (SOHO) routers hijacked by People’s Republic of China (PRC) state-sponsored hackers. The Chinese government hackers used privately-owned SOHO routers infected with the “KV Botnet” malware to conceal the PRC origin of further hacking activities directed against U.S. critical infrastructure and the critical infrastructure of other foreign victims.

  • Identifying Types of Cyberattacks That Manipulate Behavior of AI Systems

    AI systems can malfunction when exposed to untrustworthy data – what is called “adversarial machine learning” — and attackers are exploiting this issue. New guidance documents the types of these attacks, along with mitigation approaches. No foolproof method exists as yet for protecting AI from misdirection, and AI developers and users should be wary of any who claim otherwise.

  • Hidden Fortunes and Surprising Overestimations in Cybercrime Revenue

    To what extent methodological limitations and incomplete data impact the revenue estimations of cybercriminal groups using the Bitcoin blockchain was largely unknown. A new study challenges existing figures regarding cybercriminals’ Bitcoin earnings to date, revealing the full scale of the financial impact of cybercriminal activity.

  • Why Federal Efforts to Protect Schools from Cybersecurity Threats Fall Short

    In August 2023, the White House announced a plan to bolster cybersecurity in K-12 schools – and with good reason. Between 2018 and mid-September 2023, there were 386 recorded cyberattacks in the U.S. education sector and cost those schools $35.1 billion. K-12 schools were the primary target. While the steps taken by the White House are positive, as someone who teaches and conducts research about cybersecurity, I don’t believe the proposed measures are enough to protect schools from cyberthreats.

  • AI Networks Are More Vulnerable to Malicious Attacks Than Previously Thought

    Artificial intelligence tools hold promise for applications ranging from autonomous vehicles to the interpretation of medical images. However, a new study finds these AI tools are more vulnerable than previously thought to targeted attacks that effectively force AI systems to make bad decisions.

  • Interference-Free Elections? How Quaint!

    There are three major elections taking place in 2024: in Taiwan, the United States, and Russia. So, what are the chances that we’ll see cyber-enabled disruption campaigns targeting each of these polls? Tom Uren writes that in the case of the upcoming U.S. election, it seems inevitable.

  • New CPU Vulnerability Makes Virtual Machine Environments Vulnerable

    Researchers have identified a security vulnerability that could allow data on virtual machines with AMD processors to fall under the control of attackers.

  • Is the Fear of Cyberwar Worse Than Cyberwar Itself?

    Unrealistic cyberwar expectations could hold the insurance industry back, and that’s the real economic security problem. The “hyperbolic characterization of cyberwar is likely a bigger problem than the threat of cyberwar itself. The problem is one of economic security,” Tom Johansmeyer writes.

  • From ********* to EZacces$! Your Browser Extension Could Grab Your Password and Sensitive Info

    When you type a password or credit card number into a website, you expect that your sensitive data will be protected by a system designed to keep it secure. That’s not always the case.

  • EPA Cancels Certain Cyber Regulations for Water Utilities

    Following growing concerns about the cybersecurity of the U.S. water infrastructure, the EPA announced this week it will no longer require cybersecurity audits of water utility facilities through sanitary surveys.

  • Study of Wartime Deepfakes Reveals Their Impact on News Media

    Deepfakes are artificially manipulated audio-visual material. A new study, the first empirical analysis of the use of deepfakes in wartime misinformation and propaganda, examined tweets about deepfakes during the Russo-Ukrainian war, demonstrating that deepfakes undermine peoples trust generally in news media.

  • New Cyber Algorithm Shuts Down Malicious Robotic Attack

    Researchers have designed an algorithm that can intercept a man-in-the-middle (MitM) cyberattack on an unmanned military robot and shut it down in seconds.

  • Critical Vulnerabilities Found within Major LLMs

    Large Language Models (LLMs) such as ChatGPT and Bard have taken the world by storm this year, with companies investing millions to develop these AI tools, and some leading AI chatbots being valued in the billions. Computer scientists have demonstrated that chunks of these LLMs can be copied in less than a week for as little as $50, and the information gained can be used to launch targeted attacks.

  • Responsible AI Initiative Seeks to Solve Societal Problems

    With a $100 million investment, a new research initiative focuses on artificial intelligence (AI) that aims to responsibly use advanced AI technology to tackle societal issues.