• FBI agrees with CIA: Russia’s cyberattacks campaign aimed to help Trump win election

    The U.S. intelligence and law enforcement communities are now united in their conclusion that Russian government hackers have actively intervened in the 2016 U.S. presidential elections to help Donald Trump win the presidency. FBI director James B. Comey and Director of National Intelligence James R. Clapper Jr. have strongly supported the CIA assessment, which reached the same conclusions. Trump has consistently praised Vladimir Putin and his policies – and has consistently rejected the U.S. intelligence community’s conclusions about Russian government hacking.

  • To Russia with love: Trump’s precarious path on hacking and intelligence

    The key point in the debate over Russian hacking of the U.S. 2016 presidential election is that the CIA, the Director of National Intelligence, and the Secretary of Homeland Security have drawn identical conclusions about Russian motives for hacking and propaganda during the 2016 race – to support a Trump victory. The CIA has been blunt in its most recent statement of foreign criminal hacking calculations: “It is the assessment of the intelligence community that Russia’s goal here was to favor one candidate over the other, to help Trump get elected.” In response to the CIA and interconnected findings from several other sources, Trump has openly rejected this intelligence feedback. Despite the fluidity of what intelligence can and cannot do, the high confidence of the CIA should not be automatically ignored or discredited. The fact that Trump has continued to belittle the agency and its widely echoed findings indicates a president-elect who either does not pay attention to the intelligence product, or does not understand how intelligence operates.

  • “Nightmare scenario”: Nuclear power plants vulnerable to hacking by terrorists

    Security experts fear Fukushima-like disaster as terrorists use new technology to attempt attacks. The frequency and scope of cyberattacks on nuclear plants have increased dramatically, and experts say that a successful hack is now all but inevitable. They say that nuclear plant operators should focus more on preparing to contain and limit the damage when it does occur.

  • DHS S&T transitions eighth cybersecurity technology to commercialization

    DHS S&T has announced the eighth cybersecurity technology transitioning to commercialization as a part of its Cyber Security Division’s (CSD) Transition to Practice (TTP) program. ZeroPoint has spun off as a startup company called ZeroPoint Dynamics.

  • Cybersecurity’s next phase: Cyber-deterrence

    From 2005 to 2015, federal agencies reported a 1,300 percent jump in cybersecurity incidents. Clearly, we need better ways of addressing this broad category of threats. Some of us in the cybersecurity field are asking whether cyber deterrence might help. Cyberspace will never be immune to attack – no more than our streets will be immune to crime. But with stronger cybersecurity, increased use of active cyber defenses, and international cyber norms, we can hope to at least keep a lid on the problem.

  • Trump absolves Russia, rejects U.S. intel. community evidence, over Russia’s DNC hacking

    In an astonishing statement on Wednesday, Trump again absolved Russia from responsibility for the hacking of the DNC and the Clinton campaigns. Trump told Time magazine that the U.S. intelligence was accusing Russia of the hack because of politics and that he rejected their conclusion. Democrats in both houses of Congress are pressuring the administration to disclose more details about Russia’s role in disrupting the campaign of Hillary Clinton in order to help Donald Trump win the 2016 U.S. elections. Senator Lindsey Graham (R-South Carolina) said he would lead an inquiry into the Russian operation. Graham said he would pursue inquiries via subcommittees of which he is the chair.

  • Ben-Gurion University, PayPal join forces in cybersecurity research

    Ben-Gurion University of the Negev (BGU) and PayPal announced a new partnership this morning in order to conduct joint research and development in the fields of big data, machine learning and cyber security. It is the first such collaboration between PayPal and an Israeli university. PayPal’s involvement in big-data and machine learning technology has been supported by its significant R&D activity in Israel, starting with the acquisition of Fraud Sciences in 2008 and the establishment of a global risk and data sciences R&D center in Tel-Aviv.

  • Protecting the Internet from weaknesses of many “connected” devices

    As an increasing number of devices — from cars to light bulbs to kitchen appliances — connect with computer networks, experts are raising concerns about privacy and security. Just this fall, attackers used compromised home devices, including security cameras and DVRs, to bombard an Internet infrastructure company with traffic, slowing Internet access for much of the U.S. East Coast. to address these concerns, an organization of academics and industry leaders released a report that provides guidance on how to build security and privacy protections into the emerging Internet of things (IoT).

  • Declassify information related to Russia’s meddling in the U.S. election: Lawmakers

    Senator Ron Wyden (D-Oregon) led seven members of the Senate Intelligence Committee on Wednesday in asking President Barack Obama to declassify information relating to the Russian government and the U.S. election. Russian government hackers – employed by two Russian government agencies — conducted a hacking and disinformation campaign in the run up to the election, aiming to undermine Hillary Clinton and help Donald Trump, but no evidence has emerged to suggest that the Russian government hackers interfered with the voting process itself.

  • More than 1 million Google accounts breached by Gooligan malware campaign

    Check Point Research Team says that on Tuesday, hard work done by the company’s security research teams revealed a new and alarming malware campaign. The attack campaign, named Gooligan, breached the security of over one million Google accounts. The number continues to rise at an additional 13,000 breached devices each day. The company’s research exposes how the malware roots infected devices and steals authentication tokens that can be used to access data from Google Play, Gmail, Google Photos, Google Docs, G Suite, Google Drive, and more.

  • Russian gov. hackers may disrupt Germany’s 2017 elections: Germany’s intel chief

    The Russian government’s broad hacking campaign to undermine Hillary Clinton’s presidential bid and help Donald Trump become the U.S. next president may well be the template Russia is following in the run-up to next year’s German general election. Russia has actively – both overtly and covertly — supported right-wing, ethno-nationalist, populist, and proto-Fascist parties like Front National in France, Golden Dawn in Greece, Ataka in Bulgaria, and Jobbik in Hungary. These parties share not only anti-immigrant policies – but they are also fiercely anti-EU and want to distance their countries from NATO. One of the major themes in the public rallies – and political platform – of the German far-right, anti-Muslim, anti-immigrant Pegida movement is that the influence of President Vladimir Putin’s Russia in Germany would be a welcome alternative to the imperial designs of the United States and Brussels.

  • Restoring power to a grid facing a cyberattack

    Currently, utility companies in North America have procedures and capacity to handle localized power outages caused by events such as extreme weather and high usage on hot days. However, there are not any tools available to resolve the type of widespread outages that can be caused using malware. Researchers from SRI International are leading a collaborative team to develop cutting-edge technology that can be used by utilities and cyber first responders to restore power to an electric grid that has come under a cyberattack.

  • Check Point identified a new, image-based method for malware dissemination

    Check Point researchers identified a new attack vector, named ImageGate, which embeds malware in image and graphic files. Furthermore, the researchers have discovered the hackers’ method of executing the malicious code within these images through social media applications such as Facebook and LinkedIn.

  • Continuously scrambling code to limit chances of hacking success

    As long as humans are writing software, there will be coding mistakes for malicious hackers to exploit. A single bug can open the door to attackers deleting files, copying credit card numbers or carrying out political mischief. A new program called Shuffler tries to preempt such attacks by allowing programs to continuously scramble their code as they run, effectively closing the window of opportunity for an attack.

  • Malware covertly turns PCs into eavesdropping devices

    Researchers have demonstrated malware that can turn computers into perpetual eavesdropping devices, even without a microphone. Using SPEAKE(a)R, malware that can covertly transform headphones into a pair of microphones, the researchers show how commonly used technology can be exploited.