• New Cipher System Protects Computers Against Spy Programs

    Researchers have achieved a breakthrough in computer security with the development of a new and highly efficient cipher for cache randomization. The innovative cipher addresses the threat of cache side-channel attacks, offering enhanced security and exceptional performance.

  • De-Risking Authoritarian AI

    You may not be interested in artificial intelligence, but it is interested in you. AI-enabled systems make many invisible decisions affecting our health, safety and wealth. They shape what we see, think, feel and choose, they calculate our access to financial benefits as well as our transgressions. In a technology-enabled world, opportunities for remote, large-scale foreign interference, espionage and sabotage —via internet and software updates—exist at a ‘scale and reach that is unprecedented’.

  • Sandia Helps Develop Digital Tool to Track Cloud Hackers

    Sandia programmers are helping the federal Cybersecurity and Infrastructure Security Agency (CISA) through an innovative program that enlists Microsoft cloud users everywhere to track down hackers and cyberterrorists.

  • Can You Trust AI? Here’s Why You Shouldn’t

    Across the internet, devices and services that seem to work for you already secretly work against you. Smart TVs spy on you. Phone apps collect and sell your data. Many apps and websites manipulate you through dark patterns, design elements that deliberately mislead, coerce or deceive website visitors. This is surveillance capitalism, and AI is shaping up to be part of it.

  • Bolstering Cyber Safety on Roads and Highways

    A new research center is helping prevent potential cyberattacks that could threaten to impede the safe and efficient movement of people and goods in the United States and throughout the world.

  • A New Way to Look at Data Privacy

    Researchers create a privacy technique that protects sensitive data while maintaining a machine-learning model’s performance. The researchers created a new privacy metric, which they call Probably Approximately Correct (PAC) Privacy, and built a framework based on this metric that can automatically determine the minimal amount of noise that needs to be added.

  • Satellite Security Lags Decades Behind the State of the Art

    Thousands of satellites are currently orbiting the Earth, and there will be many more in the future. Researchers analyzed three current low-earth orbit satellites and found that, from a technical point of view, hardly any modern security concepts were implemented. Various security mechanisms that are standard in modern mobile phones and laptops were not to be found.

  • Chinese Intelligence-Linked Hackers Targeted U.S. Government Agencies in Microsoft Hack

    Hackers linked to China’s intelligence agencies, are behind a monthlong campaign that breached some unclassified U.S. email systems, allowing them to access to a small number of accounts at the U.S. State Department and a handful of other organizations.

  • Stressed for a Bit? Then Don’t Click It, Cybersecurity Experts Advise

    Workers feeling a specific form of stress are more likely than others to become the victims of a phishing attack. Phishing psychology study explores what makes workers vulnerable.

  • Recent Chinese Cyber Intrusions Signal a Strategic Shift

    On 25 May, Australia and its partners in the Five Eyes intelligence-sharing network—Canada, New Zealand, the UK and the US—made a coordinated disclosure on a state-sponsored cyber hacking group dubbed ‘Volt Typhoon’. The group has been detected intruding on critical infrastructure since 2021, but the nature of recent intelligence on its behavior hints at worrying developments in the Chinese cyber establishment.

  • Researchers Devise a Way to Evaluate Cybersecurity Methods

    A savvy hacker can obtain secret information, such as a password, by observing a computer program’s behavior, like how much time that program spends accessing the computer’s memory. Security approaches that completely block these “side-channel attacks” are so computationally expensive, so engineers often apply what are known as obfuscation schemes. MIT researchers have developed a system which analyzes the likelihood that an attacker could thwart a certain security scheme to steal secret information.

  • U.S. Agencies Buy Vast Quantities of Personal Information on the Open Market – a Legal Scholar Explains Why and What It Means for Privacy in the Age of AI

    The issues pf the protection of personal information in the digital age is increasingly urgent. Today’s commercially available information, coupled with the now-ubiquitous decision-making artificial intelligence and generative AI like ChatGPT, significantly increases the threat to privacy and civil liberties by giving the government access to sensitive personal information beyond even what it could collect through court-authorized surveillance.

  • As Cybercrime Evolves, Organizational Resilience Demands a Mindset Shift

    Facing the threat of state-sponsored cyberattack groups, the financial motivations of organized cybercrime gangs and the reckless ambitions of loosely knit hacktivist collectives, organizations are fighting a cybersecurity battle on multiple fronts.

  • From Wadham to GCHQ and Back: Robert Hannigan on Cybercrime, Spying and the AI Tsunami Coming Our Way

    Is the much-vaunted cyber-Armageddon likely or even possible? One experts says that “‘State cyber threats do get overplayed. They can’t do everything and countries over-estimate their cyber capabilities – just as they over estimate their military capability.” The expert  insists, however, that “The challenges are ‘moving very fast’, as potential attackers learn fast.”

  • To Pay or Not to Pay? Ransomware Attacks Are the New Kidnapping

    Over the past several years, ransomware attacks have become a persistent national security threat. The inability to respond effectively to this challenge has normalized what should be intolerable: organized cybercriminals harbored by hostile states regularly disrupting and extorting businesses and essential services, causing misery in the process.