• 4G LTE networks vulnerability allows adversaries to send fake emergency alerts

    Researchers have identified several new vulnerabilities in 4G LTE networks, potentially allowing hackers to forge the location of a mobile device and fabricate messages. The vulnerabilities would allow adversaries to send fake emergency paging messages to a large number of devices, drain a victim device’s battery by forcing it to perform expensive cryptographic operations, disconnect a device from the core network, and more.

  • U.K.'s best cyber defenders compete for chance to take on the U.S. cyber best

    Inter-ACE, now in its third year, was established to help resolve the vast and growing cyber security skills gap, with an estimated shortfall of 1.8 million workers worldwide by 2022. More than 130 students representing eighteen of the U.K.’s top cybersecurity universities battled it out at the Inter-ACE 2018 cybersecurity challenge, hosted by the University of Cambridge. The competition, supported by GCHQ’s National Cyber Security Center, and designed to attract the next generation of cybersecurity talent.

  • Higher education joint cyber security operations center launches

    Indiana University, Northwestern University, Purdue University, Rutgers University and the University of Nebraska-Lincoln have announced the launch and activation of OmniSOC, a specialized, sector-based cyber security operations center, or SOC, that provides trusted, rapid, actionable cyber intelligence to its members. OmniSOC protects five universities, hundreds of thousands of devices and tens of thousands of students and faculty from cyber threats.

  • Senate Intel Committee: Initial election security recommendations for 2018 election cycle

    The Senate Select Committee on Intelligence will hold an open hearing today, Wednesday, 21 March 2018, on the threats to election infrastructure. The hearing will cover Russian attempted attacks on state election infrastructure in 2016, DHS and FBI efforts to improve election security, and the view from the states on their cybersecurity posture. The committee yesterday made available its initial recommendations on election security after investigating Russian attempts to target election infrastructure during the 2016 U.S. elections.

  • Multi-laboratory cyber defense competition

    In little over two weeks, over a hundred college students from across the United States will convene in one of the largest cyber defense competitions in the nation. The event, hosted and funded by the U.S. Department of Energy’s (DOE) Office of Electricity Delivery and Energy Reliability’s (OE) Infrastructure Security and Energy Restoration Division, will take place on 6-7 April 2018. This event will be simultaneously hosted at three of the Department’s national laboratories: Argonne National Laboratory, Oak Ridge National Laboratory and Pacific Northwest National Laboratory.

  • NSA, UWF partner to accelerate cybersecurity degree completion, workforce development

    The University of West Florida and the National Security Agency announced a partnership to enhance cybersecurity workforce development and create accelerated pathways toward completion of an undergraduate cybersecurity degree program. The agreement allows students who complete the Joint Cyber Analysis Course to earn undergraduate credit hours at UWF. JCAC is open to active military. The six-month JCAC course is designed to train individuals with limited computer experience and make them proficient in cyber analysis.

  • To prevent cyberattacks, create agency similar to National Transportation Safety Board: Experts

    After arguably the worst year ever for cyberattacks and data breaches, Indiana University research suggests it may be time to create an independent cybersecurity agency board comparable in approach to the National Transportation Safety Board that investigates airplane crashes and train derailments.

  • Downtime of a top cloud service provider could cost U.S. economy $15 billion

    Businesses in the United States could lose $15 billion if a leading cloud service provider would experience a downtime of at least three days. A new study finds that if a top cloud provider went down, manufacturing would see direct economic losses of $8.6 billion; wholesale and retail trade sectors would see economic losses of $3.6 billion; information sectors would see economic losses of $847 million; finance and insurance sectors would see economic losses of $447 million; and transportation and warehousing sectors would see economic losses of $439 million.

  • Making network-connected systems less vulnerable

    The rise of network-connected systems that are becoming embedded seemingly everywhere–from industrial control systems to aircraft avionics–is opening up a host of rich technical capabilities in deployed systems. Even so, as the collective technology project underlying this massive deployment of connectivity unfolds, more consumer, industrial, and military players are turning to inexpensive, commodity off-the-shelf (COTS) devices with general-purpose designs applicable for a range of functionalities and deployment options. While less costly and more flexible, commodity components are inherently less secure than the single-purpose, custom devices they are replacing. DARPA says it trains its sights on the expansive attack surface of commodity off-the-shelf devices.

  • Interconnected technological risks: Responding to disruptions of cyber-physical systems

    When infectious diseases strike, the World Health Organization acts swiftly, coordinating with the U.S. Centers for Disease Control and Prevention and its foreign counterparts to contain the threat. But there is no equivalent international organization similarly dedicated to identifying and mitigating a cyberattack. The World Economic Forum (WEF), however, is bringing together infrastructure and technology developers, insurers and government officials from across the globe to develop strategies for responding to interconnected technological risks, including those that can cascade when hackers disrupt cyber-physical systems.

  • Multi-channel, nonlinear-optical processing devices to reduce cost of high-speed internet connections

    Breakthrough research could lead to a dramatic reduction in the cost and energy consumption of high-speed internet connections. Nonlinear-optical effects, such as intensity-dependent refractive index, can be used to process data thousands of times faster than what can be achieved electronically. Such processing has, until now, worked only for one optical beam at a time because the nonlinear-optical effects also cause unwanted inter-beam interaction, or crosstalk, when multiple light beams are present.

  • Innovative technologies for preventing cyberattacks

    The Department of Energy’s Pacific Northwest National Laboratory has licensed three of its most unusual technologies for preventing cyberattacks to Cynash Inc., a startup company funded by IP Group, an intellectual property commercialization company. Cynash was formed specifically to bring these three cyber protection technologies to market to provide a powerful new approach to the detection and prevention of cyberattacks. Two of the technologies, DigitalAnts and MLSTONES, are inspired by nature and biology. The third, SerialTap, addresses vulnerabilities inherent in remotely controlled physical systems common in infrastructure and manufacturing.

  • NSF awards nearly $5.7 million to protect U.S. cyberspace

    The National Science Foundation (NSF) recently gave the nation’s cybersecurity professionals a boost with the inclusion of four new universities into its CyberCorps: Scholarship for Service (SFS) program. NSF awarded nearly $5.7 million, with an expected total of almost $16.6 million over the next five years, to universities in Illinois, Maryland, Louisiana, and Texas. The schools will use the money to provide scholarships consisting of full tuition and a stipend up to $34,000 to individuals willing to work after graduation in a cybersecurity position for federal, state, local or tribal governments.

  • Proof of randomness for stronger future digital security

    Nearly all secure online traffic — from shopping to banking to communications — relies on a technique of randomly generating a number that serves as a key to unlock encrypted communication. The problem is that small programming errors can make these systems vulnerable, and those vulnerabilities can often be very difficult to detect. In an effort to block emerging threats to online security, researchers have developed a method to verify the strength of random number generators that form the basis of most encryption systems.

  • Helping secure first responder apps from cyberattacks

    In emergency and disaster situations, mobile devices and apps enable public-safety professionals to receive and share critical information in real-time, which enhances the delivery of life-saving services. As reliance on mobile technology grows, it is important that mobile apps used by public safety are free of malware or vulnerabilities.