News Items

  • news

    NSF 20-052 - Dear Colleague Letter on the Coronavirus Disease 2019 (COVID-19)

    Dear Colleague,

    In light of the emergence and spread of the coronavirus disease 2019 (COVID-19) in the United States and abroad, the National Science Foundation (NSF) is accepting proposals to conduct non-medical, non-clinical-care research that can be used immediately to explore how to model and understand the spread of COVID-19, to inform and educate about the science of virus transmission and prevention, and to encourage the development of processes and actions to address this global challenge.

  • news

    Call to Action to the Tech Community on New Machine Readable COVID-19 Dataset

    THE WHITE HOUSE
    Office of Science and Technology Policy

    FOR IMMEDIATE RELEASE
    March 16, 2020

    Today, researchers and leaders from the Allen Institute for AI, Chan Zuckerberg Initiative (CZI), Georgetown University's Center for Security and Emerging Technology (CSET), Microsoft, and the National Library of Medicine (NLM) at the National Institutes of Health released the COVID-19 Open Research Dataset (CORD-19) of scholarly literature about COVID-19, SARS-CoV-2, and the coronavirus group.

  • news

    NIST Releases Draft Security Feature Recommendations for IoT Devices

    "Core Baseline" guide offers practical advice for using everyday items that link to computer networks.

    August 01, 2019

  • news

    NSA-approved cybersecurity law and policy course now available online

    Cyber Scoop

    Shannon Vavra

    August 27th, 2019

    Anyone who is interested in cybersecurity law and policy can now take an online course that was partly shaped by the National Security Agency.

  • news

    Verification Tool Competition

    ARCH brings together researchers and practitioners to establish a curated set of benchmarks for verification, testing and reachability, and evaluate them in a friendly competition. ARCH started in 2014 and has sustained a vibrant community since. Since 2017, ARCH has organized as a part of the workshop the International Competition on Verifying Continuous and Hybrid Systems (ARCH-COMP, https://cps-vo.org/group/ARCH/), now in its 3rd iteration.

  • news

    Game-theoretic Paper Wins Annual Paper Competition

    The winner of the 6th Annual Best Scientific Cybersecurity Paper Competition is "How Shall We Play a Game? A Game-theoretical Model for Cyber-warfare Games" by Tiffany Bao, Yan Shoshitaishvili, Ruoyu Wang, Christopher Kruegel, Giovanni Vigna, and David Brumley. These researchers are from Carnegie Mellon University and University of California, Santa Barbara. This paper was originally accepted at the 30th IEEE Computer Security Foundations Symposium (CSF '17).

    To learn more visit the competition homepage: https://cps-vo.org/group/sos/papercompetition/pastcompetitions

  • news

    Secretary of Energy Rick Perry Announces $68.5 Million for Advanced Vehicle Technologies Research

    WASHINGTON, D.C. - Today, U.S. Secretary of Energy Rick Perry announced up to $68.5 million in available funding for early-stage research of advanced vehicle technologies that will enable more affordable mobility, strengthen domestic energy security, and enhance U.S. economic growth.

  • news

    2018 NSF CPS Program Solicitation

    The 2018 Cyber-Physical Systems Program Solicitation has been released. The submission window for proposals is April 27, 2018 - May 8, 2018. Please see the full solicitation for additional details and the summary of program requirements: https://cps-vo.org/node/45729

  • news

    NSA SoS Lablet Call for Proposals is Open

    The National Security Agency has distributed its BAA (really a request for proposals) for its next generation of SoS Lablets. These lablets include lablets on the 5 Hard Problem areas in Science of Security, on the Science of Privacy and dealing with Cyber Physical Systems. Proposals are due August 21. While the SoS team is not the point of contact for the contracting process, we can aid in directing: https://cps-vo.org/group/SoS/contact

  • news

    U.S. Department of Transportation Launches Smart City Challenge to Create a City of the Future

    Smart City Challenge

  • news

    NEW 2016 NSF-USDA Solicitation: Innovations at the Nexus of Food, Energy, and Water Systems (INFEWS)

    Innovations at the Nexus of Food, Energy and Water Systems (INFEWS)


    Program Solicitation
    NSF 16-524

    National Science Foundation

  • news

    Sticky News Item

    This news item always appears at the top of the 'recent news' list because the 'pin to top of lists' box is checked under 'publishing options' below. News Items can also be set to show in the spotlight slideshow feature.

  • news

    "Fatality After Hospital Hacked"

    A cyberattack on a hospital led to the death of a woman in need of urgent medical treatment. Attackers caused IT systems at the Dusseldorf University Clinic (DUC) to crash, resulting in a woman seeking medical care at the hospital having to be transported to another hospital. The 20-mile trip to a hospital in another city delayed her treatment by an hour. In addition, operations at DUC were postponed, and other emergency patients had to be redirected to alternative healthcare providers following the attack. An investigation of the cyberattack on DUC revealed that threat actors exploited a vulnerability in widely used commercial add-on software. This article continues to discuss how a cyberattack on DUC impacted patient care as well as the investigation of this incident.

    Infosecurity Magazine reports "Fatality After Hospital Hacked"

  • news

    "Maze Ransomware Adopts Ragnar Locker Virtual-Machine Approach"

    The operators of Maze ransomware have started distributing ransomware payloads via virtual machines (VMs). Researchers at Sophos Managed Threat Response believe that the adversaries distribute the ransomware using virtual machines because it should help the ransomware get around endpoint defenses. The Maze malware is being distributed in the form of a VirtualBox virtual disk image (a VDI file).

    Threatpost reports: "Maze Ransomware Adopts Ragnar Locker Virtual-Machine Approach"

  • news

    "National Guard Cybersecurity Units Ready to Protect Election"

    As the US 2020 election draws closer, some states are calling on the National Guard to help protect the election process against various threats, ranging from nation-state actors to garage hackers. The National Guard will conduct network intrusion analysis and cyberthreat hunting to bolster electoral systems in preparation for the November election. Particular areas of concern and focus include attempts to hack voter rolls and the performance of integrity attacks that would result in the digital disenfranchisement of citizens. Ten states have committed to using their Army or Air Force National Guard cybersecurity units to help protect their election process from online attacks and interference. Another 30 states are considering bringing in Guard members for election security efforts. This article continues to discuss the National Guard's efforts towards strengthening election security.

    BankInfoSecurity reports "National Guard Cybersecurity Units Ready to Protect Election"

  • news

    "Ransomware Hacking Groups Post Data from 5 Healthcare Entities"

    NetWalker, REvil, SunCrypt, and Pysa (also known as Mespinoza) ransomware hacking groups posted data on the dark web, allegedly stolen from Assured Imaging, University Hospital New Jersey, National Western Life, The College of Nurses of Ontario, and Nonin Medical. These hacking groups are taking advantage of the double extortion ransomware tactic, made popular by the Maze hacking group. In this tactic, threat actors try to maximize their chance of making a profit through threats of selling or auctioning stolen data to increase pressure on their victims to pay the demanded ransom. Pysa hackers claim that they stole data from Assured Imaging, potentially impacting more than 240,000 patients. The same group also claims to have stolen 1.55 GB of files, including data such as budget calculations, payment orders, current settlements, and more, from Nonin Medical. Other sensitive information allegedly stolen by hackers includes patients' health status, images of scanned IDs, signatures, and passports. This article continues to discuss the alleged theft of data from five separate healthcare entities by different ransomware hacking groups in recent weeks and the response to these incidents.

    HealthITSecurity reports "Ransomware Hacking Groups Post Data from 5 Healthcare Entities"

  • news

    "QR Codes Serve Up a Menu of Security Concerns"

    Quick Response (QR) codes are booming in popularity due to the coronavirus. Since more people are using QR codes, hackers are flocking to exploit the trend. In a new study, researchers found that many people are unaware that adversaries can easily use QR codes to launch digital attacks. MobileIron found that 71 percent of the survey respondents could not distinguish between a legitimate and a malicious QR code. QR code security should gain more attention from researchers in the future, especially since 53 percent of the respondents said they would like to see QR codes used more broadly in the future. Almost half of the surveyed participants indicated that they trusted QR codes enough to use QR codes that they received in the mail to vote.

    Threatpost reports: "QR Codes Serve Up a Menu of Security Concerns"

  • news

    "California Elementary Kids Kicked Off Online Learning by Ransomware"

    Adversaries have carried out a new ransomware attack against a California school district. The attack closed down remote learning for 6,000 elementary school students. The cyberattack against the Newhall School district in Valencia affected all distance learning across ten different grade schools. The adversaries carried out the ransomware attack Sunday night and into Monday morning. The adversaries have not sent an extortion demand yet.

    Threatpost reports: "California Elementary Kids Kicked Off Online Learning by Ransomware"

  • news

    "The Phish Scale: NIST's New Tool Helps IT Staff See Why Users Click on Fraudulent Emails"

    Researchers at the National Institute of Standards and Technology (NIST) developed a new tool called the "Phish Scale." This tool aims at helping organizations improve their training of employees to prevent them from falling victim to phishing attacks. According to estimates from the 2020 Official Annual Cybercrime Report by Cybersecurity Ventures, global cybercrime damages will cost $6 trillion annually by 2021, doubling the estimated cost from 2015. Phishing remains one of the most common types of cybercrime. The Phish Scale uses a rating system to help Chief Information Security Officers (CISOs) understand whether a particular phishing training email is easier or harder for a specific target audience to detect. CISOs can use this tool to better understand why their organization's phishing email click rates are high or low. This article continues to discuss the goal, structure, and development of the Phish Scale.

    NIST reports "The Phish Scale: NIST's New Tool Helps IT Staff See Why Users Click on Fraudulent Emails"

  • news

    "Your Contacts Aren't Safe With Popular Messaging Apps, Warn Researchers"

    A team of researchers at the Technical University of Darmstadt and the University of Wurzburg conducted a study on the privacy of popular mobile messengers, including WhatsApp, Signal, and Telegram. They were able to perform practical crawling attacks on these apps using very few resources, posing a significant threat to the privacy of billions of users. Personal (meta) data stored in messengers' user profiles, such as profile pictures, status texts, and nicknames, could be gathered by querying contact discovery services for random numbers. This article continues to discuss the crawling attacks demonstrated by researchers to collect sensitive data from top mobile messengers, as well as the development of accurate behavior models using this data and the impact of this research on service providers.

    TN reports "Your Contacts Aren't Safe With Popular Messaging Apps, Warn Researchers"

  • news

    "DDoS Attacks Skyrocket as Pandemic Bites"

    Researchers have discovered that the first half of 2020 saw a significant increase in the number of distributed denial-of-service (DDoS) attacks compared to the same period last year. Neustar's Security Operations Center (SOC) saw a 151 percent increase in DDoS activity. Neustar also experienced one of the largest and longest attacks it has ever mitigated. The attack came in at 1.17 terabits-per-second (Tbps) and lasted five days and 18 hours.

    Threatpost reports: "DDoS Attacks Skyrocket as Pandemic Bites"

  • news

    "Researchers Identify the Departments and Industries Most Susceptible to Email-Based Cyber-Attacks"

    Keepnet Labs, a cybersecurity awareness and anti-phishing company, released a report that reveals the business sectors and departments most vulnerable to email-based cyberattacks. Based on the analysis of data collected from simulated phishing emails sent to more than 410,000 target users, employees in departments including Quality Management and Health, Administrative Affairs, Research and Development, and Human Resources had the highest rates of opening malicious emails, interacting with content within the emails, and submitting sensitive information back to attackers. Sectors such as Consulting, Banking, Telecommunications, and Transportation were found to have the highest chances of experiencing phishing scams. This article continues to discuss key findings from Keepnet Labs' 2020 Phishing Trends Report.

    Security Boulevard reports "Researchers Identify the Departments and Industries Most Susceptible to Email-Based Cyber-Attacks"

  • news

    "Are Your Devices Spying on You? Australia's Very Small Step to Make the Internet of Things Safer"

    The growing number and use of Internet of Things (IoT) devices increase users' vulnerability to attacks as these devices commonly contain security flaws. Hackers could abuse these vulnerabilities to perform malicious activities such as hijacking devices, stealing personal information, changing data, and spying on users. The Australian government is trying to reduce these risks by introducing a new code of practice to encourage IoT device manufacturers to improve the security of their devices. The code provides guidance that covers secure passwords, security patches, vulnerability reporting, the protection of consumers' personal data, and more. However, the code is voluntary. This article continues to discuss the insecurity of IoT devices, the contributing factors to poor IoT security, Australia's voluntary code of practice to make these devices more secure, other proposed IoT security guidelines, and the suggested co-regulatory approach.

    UNSW reports "Are Your Devices Spying on You? Australia's Very Small Step to Make the Internet of Things Safer"

  • news

    "Security Solution Traps Cybercriminals in a Virtual Network"

    Researchers at the University of Strathclyde's Center for Intelligent and Dynamic Communications are developing a new cybersecurity deception solution. Their solution, called "Lupovis," applies Artificial Intelligence (AI) to lure attackers away from sensitive assets once they have penetrated a network. Lupovis uses AI to create scenarios that lead attackers into believing they are successfully accessing assets and moving through a system when they are actually being observed by the company's Security Operations Center (SOC). According to researchers, Lupovis learns and grows more accurate as the system collects more data. This article continues to discuss how Lupovis works and how this system differs from other cybersecurity deception systems.

    Homeland Security News Wire reports "Security Solution Traps Cybercriminals in a Virtual Network"

  • news

    "Are Your Domain Controllers Safe From Zerologon Attacks?"

    Several proof-of-concept (PoC) exploits were released for "Zerologon," a critical elevation of privilege vulnerability found in Microsoft's Netlogon Remote Protocol. The vulnerability, discovered by Secura researchers, impacts all supported Windows Server versions, but it poses the most danger to servers functioning as Active Directory domain controllers. This vulnerability derives from a flaw in a cryptographic authentication scheme used by the protocol. According to the researchers, an attacker on the local network can use the flaw to completely compromise the Windows domain. This article continues to discuss the privilege flaw found in Microsoft's Netlogon in relation to its origin, potential exploitation by attackers, and remediation.

    Help Net Security reports "Are Your Domain Controllers Safe From Zerologon Attacks?"

  • news

    "MFA Bypass Bugs Opened Microsoft 365 to Attack"

    Researchers have found bugs in the multi-factor authentication system used by Microsoft's cloud-based office productivity platform, Microsoft 365. The flaws exist in the implementation of what is called the WS-Trust specification in cloud environments where WS-Trust is enabled and used with Microsoft 365. Researchers say that WS-Trust is an "inherently insecure protocol." Microsoft's implementation of the standard gives attackers a number of ways to bypass multi-factor authentication and access cloud services. The flaws could allow adversaries to carry out various attacks, such as real-time phishing and channel hijacking.

    Threatpost reports: "MFA Bypass Bugs Opened Microsoft 365 to Attack"

  • news

    "FBI Says Credential Stuffing Attacks Are Behind Some Recent Bank Hacks"

    The FBI recently issued a private security alert to the US financial sector warning organizations of the rise in credential stuffing attacks against their networks as well as an increase in breaches and significant financial losses resulting from such attacks. Credential stuffing refers to an attack in which usernames and passwords leaked in previous data breaches are used to gain access to accounts at other online services. These attacks rely on automation to enter many username and password combinations into login pages of various online services, emphasizing the importance of not reusing the same login credentials for multiple services. According to the FBI, credential stuffing has become a major problem, particularly for banks, financial service providers, insurance companies, and investment firms. This article continues to discuss the FBI's alert about credential stuffing attacks targeting US financial institutions, which highlight the victims, impact, recent incidents, detection, and mitigation of these attacks.

    ZDNet reports "FBI Says Credential Stuffing Attacks Are Behind Some Recent Bank Hacks"

  • news

    "University Project Tracks Ransomware Attacks on Critical Infrastructure"

    A team of researchers at Temple University in Philadelphia has been tracking ransomware attacks on critical infrastructure. The collection of data on these attacks can be requested by anyone, including educators, grad students, government representatives, and other researchers, for class projects, dissertation literature reviews, Industrial Control System (ICS) training classes, assessing internal responses, comparing data, and more. Their work is described as a repository of critical infrastructure ransomware attacks (CIRWA). As of August 2020, the dataset contained more than 680 records of ransomware attacks documented since November 2013. This article continues to discuss the goal and potential uses of this database, as well as what is currently shown by the analysis of the data.

    Security Week reports "University Project Tracks Ransomware Attacks on Critical Infrastructure"

  • news

    "Virginia's Largest School System Hit With Ransomware"

    Fairfax County Public Schools (FCPS), Virginia's largest school system, recently faced a ransomware attack on its technology systems. The Maze hacking group claimed to have been behind the attack. This ransomware attack disrupted distance learning for some students and staff in that those who were affected had to switch to asynchronous learning activities during the incident. The Maze ransomware group claimed responsibility for the attack and said they stole private information from FCPS. They also published some of the data online to prove their involvement in the attack. This article continues to discuss the ransomware attack experienced by FCPS regarding its impact on learning for some students, how the Virginia school system has responded, and the group behind its launch.

    Dark Reading reports "Virginia's Largest School System Hit With Ransomware"

  • news

    "Telehealth is Healthcare Industry's Biggest Cybersecurity Risk"

    Due to the coronavirus, the number of telehealth primary care visits has increased exponentially. In a new study, researchers reviewed the 148 most-used telehealth vendors. The researchers found that telehealth providers have experienced a massive increase in targeted attacks since telehealth's popularity has skyrocketed. The telehealth providers experienced a 117% increase in IP reputation security alerts.

    Help Net Security reports: "Telehealth is Healthcare Industry's Biggest Cybersecurity Risk"

  • news

    "Razer Gaming Fans Caught Up in Data Leak"

    A security consultant discovered a misconfigured Elasticsearch cloud cluster that exposed a segment of Razer's infrastructure to the public internet, where anyone could access the information. Razer is a company that sells gaming gear. It is not yet known if any people with malicious intent accessed the information. The information in the misconfigured cloud cluster included full names, emails, phone numbers, customer internal IDs, order numbers, order details, billing addresses, and shipping addresses. The cloud cluster included data from over 100,000 customers. The security consultant found the open cloud cluster on August 18th and alerted Razer on August 19th. It took Razer 3 weeks to fix the misconfigured cloud cluster.

    Threatpost reports: "Razer Gaming Fans Caught Up in Data Leak"

  • news

    "Ransomware Accounted for 41% of All Cyber Insurance Claims in H1 2020"

    A report recently published by Coalition, one of the leading providers of cyber insurance and security, revealed that ransomware incidents made up 41% of cyber insurance claims filed in the first half of 2020. The high number of claims confirms cybersecurity firms' reports that ransomware is still one of the most common threats. Coalition has also observed a rise in ransomware attacks against nearly every industry it serves. In addition to the increased frequency of ransomware attacks, the average ransom demand has risen by 47%. The cyber insurer listed Maze and DoppelPaymer as two of the most aggressive ransomware gangs. This article continues to discuss the rise in ransomware incidents as indicated by cyber insurance claims made in H1 2020, the increase in the average ransom demanded from victims, the most destructive ransomware gangs, and the spike in the number of claims for funds transfer fraud attacks and Business Email Compromise (BEC) events.

    ZDNet reports "Ransomware Accounted for 41% of All Cyber Insurance Claims in H1 2020"

  • news

    "Bluetooth Bug Opens Devices to Man-in-the-Middle Attacks"

    Researchers at Purdue University have discovered a flaw they are calling "BLURtooth." The high-severity Bluetooth vulnerability exists in the pairing process for Bluetooth 4.0 through 5.0 implementations. The vulnerability could allow an unauthenticated adversary within wireless range (330 feet for Bluetooth 4.0 devices, and 800 feet for Bluetooth 5.0) to eavesdrop or alter communications between paired devices.

    Threatpost reports: "Bluetooth Bug Opens Devices to Man-in-the-Middle Attacks"

  • news

    "Hackers Use Cloud Monitoring Tool to Install Cryptominers"

    Reports from Microsoft and Intezer reveal the weaponization of a legitimate cloud monitoring tool, called Weave Scope, to install cryptominers in cloud environments. TeamTNT is the hacking group discovered to be using the tool to perform this malicious activity. The group, initially discovered in May, used botnets to install cryptomining malware on unprotected Kubernetes and Docker systems running on top of Amazon Web Services (AWS) servers to steal AWS credentials. Weave Scope is an open-source visualization and monitoring tool from Weave Works that integrates with Docker, Kubernetes, and AWS Elastic Compute Cloud (ECS). It is now being used by the group to gain access to these cloud platforms and install cryptomining malware. This article continues to discuss TeamTNT's use of the Weave Scope tool to target cloud platforms and other recent findings of cryptomining campaigns targeting cloud platforms and containers.

    BankInfoSecurity reports "Hackers Use Cloud Monitoring Tool to Install Cryptominers"

  • news

    "Third-Party Components Putting Operational Hardware and Software Technologies at Risk"

    Six critical vulnerabilities have been discovered by Claroty researchers in a third-party software component used by top Industrial Control System (ICS) software vendors such as Rockwell Automation and Siemens. These vulnerabilities were found in Wibu-Systems' CodeMeter third-party license management component, which increases Operational Technology (OT) environments' exposure to exploits through phishing campaigns or direct cyberattacks. The exploitation of the vulnerabilities could allow attackers to modify existing software licenses, inject malicious ones, cause processes to crash, and more. Researchers also discovered encryption implementation issues that could be used by bad actors to execute code remotely and move laterally on OT networks. This article continues to discuss the flaws found in CodeMeter and how these vulnerabilities put OT environments at risk.

    Security Magazine reports "Third-Party Components Putting Operational Hardware and Software Technologies at Risk"

  • news

    "COVID-19 Sites Plagued with Third-Party Tracking, Posing Privacy Risk"

    According to a new study published in JAMA, almost all websites designed to provide information to people regarding COVID-19 symptoms, testing, and prevention contain code that transfers data to third parties, posing a threat to users' privacy. Researchers from the University of Pennsylvania Perelman School of Medicine and Carnegie Mellon University's School of Computer Science found that 95% of the 538 analyzed COVID-19-related websites included a data request from a third-party domain, and 89% had a third-party cookie. This article continues to discuss the study of third-party tracking on sites related to the pandemic, the limitations of this study, and the insufficient privacy and security of most government COVID-19 contact tracing apps across the world.

    HealthITSecurity reports "COVID-19 Sites Plagued with Third-Party Tracking, Posing Privacy Risk"

  • news

    "Digital Point's Unsecured Database Exposed Records of Over 800,000 Users"

    An Elasticsearch database belonging to Digital Point, the world's largest webmaster forum and marketplace for web services, was discovered to be left online without password protection. The unprotected database contained more than 62 million records belonging to over 800,000 Digital Point users. These records included emails, names, internal ID numbers, user posts, and more. According to the researchers who made the discovery, an attacker could have edited, downloaded, or deleted this data without administrative credentials. A recent study conducted by Comparitech found that cybercriminals attacked unsecured databases 18 times in a single day. These findings further highlight the importance of securing databases. This article continues to discuss the discovery of Digital Point's unprotected database and the risks associated with unsecured databases.

    CISO MAG reports "Digital Point's Unsecured Database Exposed Records of Over 800,000 Users"

  • news

    "Spyware Labeled 'TikTok Pro' Exploits Fears of US Ban"

    Researchers have discovered a malicious app called TikTok Pro. Threat actors are urging users via SMS and WhatsApp messages to download the latest version of TikTok from a specific web address. The fake TikTok Pro app contains malware that can take over basic device functions, including capturing photos, reading and sending SMS messages, making calls, and launching apps. The malicious application can also steal victims' Facebook credentials. Once the application is downloaded, the spyware launches a fake notification, which then disappears along with the app's icon. The adversaries use the fake notification tactic to redirect the user's attention as the app hides and to make them believe the app is faulty.

    Threatpost reports: "Spyware Labeled 'TikTok Pro' Exploits Fears of US Ban"

  • news

    Visible to the public "More IT Security in Port Terminals"

    Ports are critical infrastructures and require improved security, as attacks resulting in disruptions could significantly impact the economy. Digitalized container terminal operations, in particular, face various potential security risks. The movement of transporters between ships, trucks, and trains during loading and unloading will be automated in the future, making them cyber-physical systems capable of reacting to the environment using sensors, tracking their location at terminals using actuators, and automatically processing transportation orders. These cyber-physical systems will be exposed to hacking, physical tampering, and other risks. Therefore, research scientists at the Fraunhofer Institute for Factory Operation and Automation IFF and its industry partners have developed a new technique and toolset to increase cyber-physical systems' security against attacks and to help improve supply chain security. Their solution involves using digital twins to increase critical infrastructures' resilience and applying a three-stage plan to identify, localize, and rectify malfunctions. This article continues to discuss the growing automation of container terminal operations, threats facing port operators, and the scientists' solution for protecting port terminals from cyberattacks.

    Fraunhofer reports "More IT Security in Port Terminals"

  • news

    Visible to the public "Popular Android Apps Are Rife With Cryptographic Vulnerabilities"

    Researchers at Columbia University have recently released Crylogger, an open source dynamic analysis tool that shows which Android apps contain cryptographic vulnerabilities. The researchers used the tool to test 1780 popular Android apps from the Google Play Store. All of the Android applications tested broke at least one of the 26 crypto rules. Many of the applications (1775) use an unsafe pseudorandom number generator (PRNG), and 1076 of the applications use the CBC operation mode, which is vulnerable to padding oracle attacks in client-server scenarios. Most of the applications (1764) use a broken hash function (SHA1, MD2, MD5, etc.), and 820 of the applications use a static symmetric encryption key (hardcoded).

    Help Net Security reports: "Popular Android Apps Are Rife With Cryptographic Vulnerabilities"

  • news

    Visible to the public "Verizon Engineers Work to Secure the 5G Network"

    Verizon recently released details about its efforts to secure the 5G network. According to Verizon, its network security engineers are developing an Artificial Intelligence (AI) and Machine Learning (ML) security framework to detect security anomalies and analyze cell towers' performance. They are also experimenting with network accelerators, storing data fingerprints in the blockchain, and the security of connected vehicles. This article continues to discuss the 5G network security solutions that Verizon is testing and the launch of the 5G network in 35 cities across the US.

    CNET reports "Verizon Engineers Work to Secure the 5G Network"

  • news

    Visible to the public "Post-COVID-19 Cybersecurity Spending Update"

    Earlier reports have suggested that the uncertainty of the COVID-19 pandemic interrupted security budgets and spending. Organizations have held back on spending while they gain a more in-depth insight into the economic environment, as indicated by reports from practitioners of pauses in projects and hiring worldwide. However, recent findings show that those initial spending freezes may now be thawing out as organizations realize the importance of spending more to secure a remote workforce in the long run. They also recognize the need to spend more to reduce risks associated with accelerating digital transformation strategies required to support new consumer and business-to-business circumstances. This article continues to discuss findings from recent studies on the continued growth in security spending, the top cybersecurity investments since the beginning of the pandemic, and staffing increases.

    Dark Reading reports "Post-COVID-19 Cybersecurity Spending Update"

  • news

    Visible to the public "Lockdown Sees Increase in Girls Applying for GCHQ Cyber Courses"

    According to the Government Communications Headquarters (GCHQ), a British intelligence agency, there has been a significant increase in the number of young people, especially girls, applying for online cybersecurity skills courses offered by its CyberFirst program during the COVID-19 pandemic. More girls have taken part in this year's CyberFirst summer courses than last year, as indicated by the 60% increase in girls' applications. The number of girls who applied this year increased to 1,492 from 930 in 2019, and boys' applications grew to 2,398 this year from 1,824 last year. The CyberFirst courses teach young people, between the ages of 14 and 17, skills in digital forensics, ethical hacking, cryptography, and digital problem-solving. The cybersecurity skills of young girls must continue to be cultivated to increase the number of skilled security professionals and to diversify the cybersecurity workforce. This article continues to discuss the increased participation of girls in cyber courses during the pandemic, what is offered by the CyberFirst program, and the importance of addressing the cybersecurity skills gap.

    Computer Weekly reports "Lockdown Sees Increase in Girls Applying for GCHQ Cyber Courses"

  • news

    Visible to the public "CISA Pushes Vulnerability Disclosure Policies"

    The U.S. Homeland Security Department's Cybersecurity & Infrastructure Security Agency (CISA) has issued a binding operational directive (BOD) ordering federal executive branch departments and agencies to develop and publish vulnerability disclosure policies (VDPs). A BOD is a compulsory direction in support of safeguarding federal information and information systems. BOD 20-01 requires most executive branch agencies to publish a VDP as a public web page within 180 calendar days after this directive's issuance. The VDP must include which systems are in scope, what types of testing are allowed, a description of how to submit vulnerability reports, and more. This article continues to discuss the finalization, requirements, and importance of the new directive.

    Infosecurity Magazine reports "CISA Pushes Vulnerability Disclosure Policies"

  • news

    Visible to the public "Facebook Announces New Details on How It Will Disclose Bugs Found in Third-Party Products"

    Facebook has announced its first formal policy that addresses how it will disclose vulnerabilities found in third-party products by security researchers. This policy also covers how long Facebook will give the third parties to respond, fix, and distribute a patch for discovered security bugs. According to Nathaniel Gleicher, the purpose of sharing the policy is to help everyone understand what is expected in the reporting or disclosure of bugs. This article continues to discuss what is covered by Facebook's new policy.

    SC Media reports "Facebook Announces New Details on How It Will Disclose Bugs Found in Third-Party Products"