News Items

  • news

    Visible to the public Logical Foundations of Cyber-Physical Systems (15-424)

    This video sequence accompanies the textbook on Logical Foundations of Cyber-Physical Systems, which teaches undergraduate students the core principles behind CPSs. Designing algorithms for CPSs is challenging due to their tight coupling with physical behavior, while it is vital that these algorithms be correct because we rely on them for safety-critical tasks.

  • news

    Visible to the public 2019 SaTC PI Meeting – Save the Dates

    The 2019 SATC PI meeting will be held at the Hilton Alexandria Mark Center in Alexandria, VA at 5000 Seminary Rd, Alexandria, VA 22311 from October 27-29, 2019. More details regarding registration will be sent shortly, and will be available through https://cps-vo.org/group/satc-pimtg19.

  • news

    Visible to the public Verification Tool Competition

    ARCH brings together researchers and practitioners to establish a curated set of benchmarks for verification, testing and reachability, and evaluate them in a friendly competition. ARCH started in 2014 and has sustained a vibrant community since. Since 2017, ARCH has organized as a part of the workshop the International Competition on Verifying Continuous and Hybrid Systems (ARCH-COMP, https://cps-vo.org/group/ARCH/), now in its 3rd iteration.

  • news

    Visible to the public Game-theoretic Paper Wins Annual Paper Competition

    The winner of the 6th Annual Best Scientific Cybersecurity Paper Competition is How Shall We Play a Game? A Game-theoretical Model for Cyber-warfare Games by Tiffany Bao, Yan Shoshitaishvili, Ruoyu Wang, Christopher Kruegel, Giovanni Vigna, and David Brumley. These researchers are from Carnegie Mellon University and University of California, Santa Barbara. This paper was originally accepted at 30th IEEE Computer Security Foundations Symposium (CSF '17).

    To learn more visit the competition homepage: https://cps-vo.org/group/sos/papercompetition/pastcompetitions

  • news

    Visible to the public Getting Started on Science Fair Projects

    What makes a great cyber science fair project? The SoS-VO has a node for that...

  • news

    Visible to the public Secretary of Energy Rick Perry Announces $68.5 Million for Advanced Vehicle Technologies Research

    WASHINGTON, D.C. - Today, U.S. Secretary of Energy Rick Perry announced up to $68.5 million in available funding for early-stage research of advanced vehicle technologies that will enable more affordable mobility, strengthen domestic energy security, and enhance U.S. economic growth.

  • news

    Visible to the public 2018 NSF CPS Program Solicitation

    The 2018 Cyber-Physical Systems Program Solicitation has been released. The submission window for proposals is April 27, 2018 - May 8, 2018. Please see the full solicitation for additional details and the summary of program requirements: https://cps-vo.org/node/45729

  • news

    Visible to the public NSA SoS Lablet Call for Proposals is Open

    The National Security Agency has distributed its BAA (really a request for proposals) for its next generation of SoS Lablets. These lablets include lablets on the 5 Hard Problem areas in Science of Security, on the Science of Privacy and dealing with Cyber Physical Systems. Proposals are due August 21. While the SoS team is not the point of contact for the contracting process, we can aid in directing: https://cps-vo.org/group/SoS/contact

  • news

    Visible to the public U.S. Department of Transportation Launches Smart City Challenge to Create a City of the Future

    Smart City Challenge

  • news

    Visible to the public NEW 2016 NSF-USDA Solicitation: Innovations at the Nexus of Food, Energy, and Water Systems (INFEWS)

    Innovations at the Nexus of Food, Energy and Water Systems (INFEWS)


    Program Solicitation
    NSF 16-524

    National Science Foundation

  • news

    Visible to the public Sticky News Item

    This news item always appears at the top of the 'recent news' list because the 'pin to top of lists' box is checked under 'publishing options' below. News Items can also be set to show in the spotlight slideshow feature.

  • news

    Visible to the public Sticky News Item

    This news item always appears at the top of the 'recent news' list because the 'pin to top of lists' box is checked under 'publishing options' below. News Items can also be set to show in the spotlight slideshow feature.

  • news

    Visible to the public "Consumer IoT Devices Are Compromising Enterprise Networks"

    The number of consumer Internet of Things (IoT) devices connected to enterprise networks has increased significantly. According to the 2019 IoT Threats Report, which highlights findings of a study conducted by researchers at Zscaler ThreatLabZ, many IoT data transactions conducted within the enterprise network are poorly encrypted. The top four IoT devices found in these business environments include set-up boxes, smart TVs, smart watches, and media players. This study brings further attention to the security challenges associated with a BYOD (bring your own device) environment. This article continues to discuss findings of the study in relation to the connection of consumer-grade IoT devices to enterprise networks, the security risks posed by this connection, and security challenges faced by organizations with BYOD environments.

    Dark Reading reports "Consumer IoT Devices Are Compromising Enterprise Networks"

  • news

    Visible to the public "Ransomware Not Gone but More Targeted, Report Says"

    According to the Q1 Global Threat Landscape Report recently released by Fortinet, the launch of ransomware has decreased. However, this form of malware has become more targeted. Ransomware is being tailored more for high-profile targets that could allow attackers to gain access to entire networks. The recent ransomware attack on the Norwegian aluminum company, Norse Hydro ASA, and two U.S.-based chemical companies, Hexion and Momentive, known as LockerGoga is an example of targeted ransomware. This article continues to discuss recent observations surrounding ransomware as well as the tools used to execute cyberattacks and the trend of shared infrastructure between threats.

    Infosecurity Magazine reports "Ransomware Not Gone but More Targeted, Report Says"

  • news

    Visible to the public "Middle East-Linked Hacking Group Is Working Hard to Mask Its Moves"

    Researchers from Cisco's Talos have discovered that the hacking group supposedly linked to the Middle East, called BlackWater, is trying to mask its activities by circumventing host-based signatures and Yara signatures. According to researchers, these hackers have been successful at evading detection systems through the use of PowerShell stager attacks and a Visual Basic for Applications (VBA) script in addition to a separate command and control server. The actors behind BlackWater and the Iranian threat group, MuddyWater, are believed to be related as the code used by the two groups is the same and their targets are similar. This article continues to discuss the BlackWater hacking group in relation to its obfuscating tactics, tools, targets, and supposed links.

    CyberScoop reports "Middle East-Linked Hacking Group Is Working Hard to Mask Its Moves"

  • news

    Visible to the public "Database May Have Exposed Instagram Data for 49 Million"

    It has been identified, that there has been a potential leak of personally identifiable information from Instagram. There was an online database discovered which contained 49 million Instagram users private information, including their email addresses and phone numbers. It was discovered during the investigation, that Chrtbox, a social media company, had stored the information onto the database. Chrtbox is located in India. The database, which was hosted on Amazon Web Services, was left open without password protection on the internet. Chrtbox has since pulled the database offline.

    BankInfoSecurity reports: "Database May Have Exposed Instagram Data for 49 Million"

  • news

    Visible to the public "Google Research: Most Hacker-For-Hire Services Are Frauds"

    According to new research conducted by Google and academics at the University of California, San Diego, most hacker-for-hire services offered online are fraudulent and unsuccessful. The research conducted behind this discovery involved engaging with 27 account hacking service providers and setting up honey pot Gmail accounts. Out of the 27 hacking services, only five executed attacks against the honey pot Gmail accounts. These attacks were performed using social engineering tactics. This article continues to discuss the study in relation to how it was conducted by researchers, along with key observations pertaining to hacking services' techniques, pricing, and responses to inquiries.

    ZDNet reports "Google Research: Most Hacker-For-Hire Services Are Frauds"

  • news

    Visible to the public "Industrial Robotics - Are You Increasing Your Cybersecurity Risk?"

    Industrial robots have been used to support product manufacturing, productivity, and safety. Though there has not been a wave of cyberattacks against industrial robots that we know of, such robots are expected to become a more attractive target for hackers as the costs of such technology decrease and number of robots increases. Researchers have already demonstrated proof-of-concept (POC) attacks on well-known robots in which ransomware was executed. As cyberattacks on robots in industrial environments can impact the operation of businesses and the physical safety of workers, it is important that the security of such technology is improved through further research and developments. This article continues to discuss the growing use of robots in industrial environments, challenges associated with industrial robots, the cybersecurity risks raised by these robots, and the importance of designing robots with security in mind.

    Security Week reports "Industrial Robotics - Are You Increasing Your Cybersecurity Risk?"

  • news

    Visible to the public "Researchers: Aircraft Landing Systems Vulnerable"

    Researchers from Khoury College of Computer Sciences at Northeastern University in Boston have demonstrated the vulnerability of aircraft landing systems to spoofing attacks, which could be launched by attackers to misguide planes into missing runways. The possibility of spoofing wireless signals to critical aircraft landing systems have been demonstrated by researchers through the use of inexpensive software-defined radios (SDRs). It has been emphasized that most wireless systems used by aviation technology are vulnerable to cyber-physical attacks. The research is detailed in a paper, titled Wireless Attacks on Aircraft Instrument Landing Systems. This article continues to discuss how this study was conducted by researchers, the guidance systems used by modern airplanes, the attacks demonstrated against these navigation tools, and the need for more research in regard to building more secure aircraft landing systems.

    ISMG Network reports "Researchers: Aircraft Landing Systems Vulnerable"

  • news

    Visible to the public "How effective are login challenges at preventing Google account takeovers?"

    Despite the increased use of implementation of bugs that might affect the security of physical security keys, Google argues that physical security keys are still the strongest protection against phishing currently available. On-device prompts and SMS codes are also extremely successful at blocking account hijacking attacks that are caused by automated bots and bulk phishing attacks. On-device prompts and SMS codes still can be bypassed by attackers with some level of skill that focus on targeting specific users. Knowledge-based challenges (recovery phone number, last sign-in location, etc.) are fantastic at stopping bots, but are not very good at preventing bulk phishing and targeted attacks. In the event of a suspicious sign-in attempt, Google's risk analysis engine selects the strongest challenge that an account's legitimate owner should ideally be able to solve. Google's research has shown that simply adding a recovery phone number to one's Google Account can block up to 100% of automated bots, 99% of bulk phishing attacks, and 66% of targeted attacks. Google is urging medium to low risk users to choose strong and unique passwords, set up a recovery phone number or email address and to set up two-factor authentication to decrease likelihood of successful attacks. Google has also urged high-risk users to start using Advanced Protection Program, which requires the use of a physical keys, and limits full access to users' Gmail and Drive to specific apps, and also adds extra steps to the account recovery process. If these procedures are followed, then attacks will be much less likely to be successful.

    HELPNETSECURITY reports: "How effective are login challenges at preventing Google account takeovers?"

  • news

    Visible to the public "Lack of Secure Coding Called a National Security Threat"

    The lack of secure coding is a pervasive and serious threat to national security. In order to fix the problem of coders not performing secure coding, one needs to come up with an objective standard, and a legislative mandate that requires a certain level of assurance to provide an assured product. Fixing this problem will not be easy, due to the problems of speed-to-market pressures and the sheer number of IoT devices being produced. Even though it will be tough to fix, it is important that one takes unsecured coding seriously, in order to help keep individuals information more secure and so software can be produced that is less vulnerable to attacks.

    Bank Info Security reports: "Lack of Secure Coding Called a National Security Threat"

  • news

    Visible to the public "Bluetooth's Complexity Has Become a Security Risk"

    Bluetooth security vulnerabilities arise on account of the protocol's complexity. The documentation for the Bluetooth standard is significantly longer and more comprehensive than the material provided for other wireless protocols, making it increasingly complex and difficult for manufacturers to handle. According to Ken Kolderup, vice president of marketing at the Bluetooth Special Interest Group (SIG), the standard's documentation is extensive because it defines a radio frequency for the standard and covers components of hardware, applications, and more, in order to ensure that interoperability between Bluetooth devices is enabled. This article continues to discuss vulnerabilities associated with the Bluetooth standard, the complexity of the Bluetooth standard, recent discoveries in relation to Bluetooth implementation and configuration issues, and how the Bluetooth SIG plans to help improve to the security of Bluetooth implementations.

    Wired reports "Bluetooth's Complexity Has Become a Security Risk"

  • news

    Visible to the public "EU Approves Cyber-Attack Sanctions Ahead of Election"

    The European Union (EU) has agreed upon the enforcement of new cyber sanctions that would penalize cyberattackers by freezing their assets and banning them from traveling. The aim of the automatic set of sanctions is to discourage the future launch of cyberattacks as malicious actors have made attempts at attacking the EU's critical infrastructure, stealing commercial secrets, and more. This article continues to discuss the EU's approval of a cyber sanctions regime plan, the aim of cyberattack sanctions, and recent high-profile cyberattacks against the EU.

    Engadget reports "EU Approves Cyber-Attack Sanctions Ahead of Election"

  • news

    Visible to the public "Will the U.S. Government Draft Cybersecurity Professionals?"

    The National Commission on Military, National, and Public Service, is considering modernizing the Selective Service System (SSS) to include the possible conscription of those that are highly skilled in cybersecurity. One of the goals of this modification is to recruit and promote cybersecurity experts that are of greater age with a lot of experience, thus focusing on experts that are 30 or older. This article continues to discuss the possible compulsory enlistment of cybersecurity experts to serve in the military and civil service, current Selective Service rules, changing the shape of the military with cybersecurity professionals, and the increased deployment of more experienced security practitioners by the U.S. Army Cyber Command.

    CSO Online reports "Will the U.S. Government Draft Cybersecurity Professionals?"

  • news

    Visible to the public Winners of the 2019 NSA Research Directorate Awards at ISEF 2019

    Phoenix, AZ - On Thrusday Night, May 16, 2019, The National Security Agency Executive Director, Mr. Harry Coker, and NSA Researcher and Science of Security and Privacy (SoS) Technical Lead, Dr. Adam Tagert, presented the NSA Research Directorate Awards to 10 outstanding high school scientists. These students were finalists at the 2019 Intel International Science and Engineering Fair (ISEF).

  • news

    Visible to the public "How to Break Our Bad Online Security Habits – with a Flashing Cyber Nudge"

    Cyberattacks continue to rise as a result of human error, the growing complexity of technology, and the increasing sophistication of attack methods. It is important that methods for encouraging good cybersecurity behaviors continue to be explored and developed. A circuit board, called the Adafruit Circuit Playground, can be used to nudge end users into following proper cybersecurity practices. This article continues to discuss privacy fatigue, the exploitation of users' busyness to launch attacks, approaches to breaking bad cybersecurity habits, and the idea behind the Adafruit Circuit Playground.

    Phys.org reports "How to Break Our Bad Online Security Habits - with a Flashing Cyber Nudge"

  • news

    Visible to the public 2019 Music City BEST Season Registration is Open!

    I am excited to announce the 2019 Season Dates! This year's game is "Off the Grid". Team registration is now open.

    • Kickoff - 09/21/19 - Allen Arena
    • Practice (late afternoon practice, time is TBD) - 10/26/19 - McQuiddy Gym
    • Game Day - 11/02/19 - Allen Arena

    This should be a fun challenge and very relevant to existing technical challenge in several US locations.

  • news

    Visible to the public "Unsecured Survey Database Exposes Info of 8 Million People"

    An independent security researcher, named Sanyam Jain, discovered an unsecured Elasticsearch database, which exposed personal information belonging to 8 million people who have responded to online surveys, entered sweepstakes, and requested free product samples. The information exposed by this database included full names, home addresses, email addresses, IP addresses, phone numbers, and more. A performance-based marketing company, named Ifficient, was found to be the owner of the database. This article continues to discuss the discovery of the unsecured database, what information was exposed, and Ifficient's response to this discovery.

    Bleeping Computer reports "Unsecured Survey Database Exposes Info of 8 Million People"

  • news

    Visible to the public "Blockchains Are Being Exploited by Bots for Profit"

    New research conducted at Cornell Tech brings attention to the exploitation of weaknesses in blockchains by attackers through the use of bots for the purpose of gaining profit. The blockchain is a decentralized distributed ledger used to process and finalize cryptocurrency transactions. According to researchers, bots are exploiting time delays in the blockchain system in order to make trades at a higher speed than humans. As a result, bots can have access to information in advance, which could be used to make deals. This article continues to discuss blockchain technology, research discoveries surrounding the inefficiencies of the blockchain system, and the exploitation of these weaknesses by an army of bots.

    Homeland Security News Wire reports "Blockchains Are Being Exploited by Bots for Profit"

  • news

    Visible to the public "Billions of Malicious Bot Attacks Take to Cipher-Stunting to Hide"

    In addition to the growing advancement of malware development, cybercriminals are also increasing the complexity of the ways in which they evade detection. According to researchers at Akamai, attackers have been observed to be increasing their use of a TLS tampering technique, called cipher stunting, which masks malicious bot activity as live human traffic on the web, thus allowing detection attempts to be evaded. This article continues to discuss the concept, increased performance, and targets of cipher stunting.

    Threatpost reports "Billions of Malicious Bot Attacks Take to Cipher-Stunting to Hide"

  • news

    Visible to the public "CyberPatriot Competitions Offer Answers to U.S. Cybersecurity Workforce Challenges"

    A section in the new Executive Order on America's Cybersecurity Workforce calls for the establishment of more cyber competitions in support of raising awareness about the cybersecurity field, cultivating cyber skills, and sustaining a national cybersecurity workforce. It is important that efforts are made to further prepare the next generation of cybersecurity professionals. The CyberPatriot Program, created by the Air Force Association, is aimed at developing the cyber skills of middle school and high school students, and encouraging them to explore career paths in cybersecurity or other STEM disciplines. This article continues to discuss the objective of CyberPatriot and its National Youth Cyber Defense Competitions.

    GovTech reports "CyberPatriot Competitions Offer Answers to U.S. Cybersecurity Workforce Challenges"

  • news

    Visible to the public "Before Blaming Hackers, Check Your Configurations"

    Widely-used cloud platforms, such as Office 365 from Microsoft or G-Suite from Google are often administered by IT professionals tasked with all aspects of configuration; security is not their primary focus. Most Software as a Service (SaaS), have default settings that are tuned to empower end-users with full control over collaboration and data access. The default setting are usually configured to easy access and usability instead of better security. Users of SaaS should look at the default settings and change them to be focus more on security. Improving configuration management in SaaS applications can minimize the risk of data loss, phishing campaigns and can help prevent breaches.

    InfoSecurity reports: "Before Blaming Hackers, Check Your Configurations"

  • news

    Visible to the public "How AI Augments Mobile Authentication"

    The U.S. Department of Defense recently awarded a 20-month $2.42 million contract to a company, named TWOSENSE.AI, in support of developing technology that uses artificial intelligence (AI) to learn about mobile users' behavior and continuously authenticates the users based on the behaviors learned by the AI. The behaviors that will be monitored and learned by the technology include gait, keystrokes, and fingertip pressure. The technology will supplement traditional authenticators instead of replace them as users will still be asked to provide usernames, passwords, one-time personal identification numbers, or biometric identifiers, if the authentication process involving learned behaviors goes wrong. This article continues to discuss the concept, support, development, and research behind this technology.

    GCN reports "How AI Augments Mobile Authentication"

  • news

    Visible to the public "A Cisco Router Bug Has Massive Global Implications"

    Security researchers at Red Balloon have discovered two vulnerabilities in the Cisco 1001-X series router. Cisco's 1001-X routers are used for connectivity at stock exchanges, local malls, corporate offices, and more. The exploitation of these security flaws could allow hackers to steal the data that passes through the routers. These bugs are significant in that they enable hackers to remotely gain root access to routers and circumvent the security protection, Trust Anchor, which has been built into most of Cisco's enterprise devices since 2013. According to researchers, the techniques used to bypass Trust Anchor could be used by attackers to infiltrate the networks in which these devices are connected. This article continues to discuss the vulnerabilities and the potential impact that these flaws could have on institutions, along with some concerns surrounding the mitigation of the vulnerabilities and the research conducted behind these discoveries.

    Wired reports "A Cisco Router Bug Has Massive Global Implications"

  • news

    Visible to the public "Why Local Governments Are a Hot Target for Cyberattacks"

    Cyberattacks against local governments have been on the rise as indicated by the recent wave of ransomware attacks faced by municipalities within the U.S. Security experts have provided reasons as to why local governments have become an attractive target for cyberattacks. According to researchers, cities are increasingly utilizing the Internet to deliver services, city systems are storing massive amounts of data, cities are resource-constrained in regard to cybersecurity, and more. This article continues to discuss recent cases in which U.S. municipalities have been hit with malware and ransomware, and why cities are vulnerable to cyberattacks.

    CSO Online reports "Why Local Governments Are a Hot Target for Cyberattacks"

  • news

    Visible to the public "Employees are aware of USB drive security risks, but don’t follow best practices"

    In a study that was conducted, employees were found to be aware of the risks associated with inadequate USB drive security. It was found that while 91 percent of respondents claimed that encrypted USB drives should be mandatory, 58 percent of respondents confirmed that they regularly use non-encrypted USB drives. Although 64 percent of organizations have a policy outlining acceptable use of USB devices, 64 percent of respondents said their employees use USB drives without obtaining advance permission to do so. It was also discovered that nearly half of the respondents lost a USB drive without notifying appropriate authorities about the incident. It is important that employers implement strict security policies to defend against the shortcuts employees will take. Beyond policies and procedures, organizations should reinforce that their employees use encrypted USB drives that require a unique PIN to make information on USB drives more secure.

    HELPNETSECURITY reports: "Employees are aware of USB drive security risks, but don't follow best practices"

  • news

    Visible to the public "Intel CPUs Impacted by New Zombieload Side-Channel Attack"

    A team of researchers have recently disclosed a new side-channel attack, called Zombieload. This attack is of the same category as Meltdown, Spectre, and Foreshadow in that it also abuses the speculative execution capabilities of modern CPUs to gain access to sensitive data. Zombieload exploits the speculative execution capabilities of CPUs' microarchitectural data structures, used to increase the speed at which data is read or written, in order to make assumptions about the data that is being processed in the CPU by other applications. This article continues to discuss Zombieload and other Microarchitectural Data Sampling (MDS) attacks discovered by researchers.

    ZDNet reports "Intel CPUs Impacted by New Zombieload Side-Channel Attack"

  • news

    Visible to the public "Design Flaws Create Security Vulnerabilities for 'Smart Home' Internet-of-Things Devices"

    Flaws in the design of smart home Internet of Things (IoT) devices have been discovered by researchers at North Carolina University. The discovery of these design flaws is shared in a paper, titled Blinded and Confused: Uncovering Systemic Flaws in Device Telemetry for Smart-Home Internet of Things. According to researchers, the exploitation of these design flaws could lead to the prevention of security information sharing by smart home IoT devices to homeowners. Notifications pertaining to security problems such as break-ins can be blocked by attackers. This article continues to discuss the design flaws in smart home IoT devices that have been identified by researchers, the suppression attacks that can be performed through the abuse of the flaws, and potential solutions for addressing these vulnerabilities.

    Science Daily reports "Design Flaws Create Security Vulnerabilities for 'Smart Home' Internet-of-Things Devices"

  • news

    Visible to the public "WhatsApp flaw used to install spyware by simply calling the target"

    A security vulnerability in the popular Facebook-owned end-to-end encrypted messaging app WhatsApp allowed attackers to install spyware on smartphones without any user interaction or knowledge. WhatsApp discovered the vulnerability in early May, and discovered that the vulnerability was being exploited to deliver the Pegasus mobile spyware and was being distributed to distinct targets. The current number of individuals targeted by the attack is currently unknown. It is recommended that every user of WhatsApp downloads the new update, which fixes the vulnerability.

    HELPNETSECURITY reports: "WhatsApp flaw used to install spyware by simply calling the target"

  • news

    Visible to the public "Flaws in a Popular GPS Tracker Leak Real-Time Locations and Can Remotely Activate Its Microphone"

    Security vulnerabilities have been discovered in a popular GPS tracker used to monitor children, track vehicles, and send alerts pertaining to elderly patients. The white-label location tracker is manufactured in China and is sold by companies, including Pebble by HoIP Telecom, OwnFone Footprint, SureSafeGo, and more. According to cybersecurity researchers from Fidus Information Security, these flaws could be exploited by attackers to retrieve information about a user's real-time location, secretly listen in on users, or completely disable the device. This article continues to discuss the GPS tracker, the security flaws that it has been discovered to contain, how attackers can exploit these vulnerabilities, and how this problem could be addressed.

    TechCrunch reports "Flaws in a Popular GPS Tracker Leak Real-Time Locations and Can Remotely Activate Its Microphone"

  • news

    Visible to the public "Hackers Still Outpace Breach Detection, Containment Efforts"

    Reports recently released by security researchers, including the Trustwave 2019 Global Security Report and the FireEye 2019 Mandiant M-Trends Report, indicate that there has been an improvement in the discovery and containment of data breaches as organizations have increased the speed at which cyber incidents are detected. According to the results of studies highlighted by these reports, the time between intrusion and detection has been shortened significantly by days. Mandiant shared that the time between the occurrence of compromise and its discovery decreased from 101 days in 2017 to 78 days in 2018, showing a major decrease in dwell time. Dwell time is the amount of time attackers go undetected in a system or the time it takes for an organization to become aware of an incident. Cybersecurity teams should continue striving to reduce dwell time. However, security researchers still emphasize that attackers do not need a lot of time to inflict major damage. This article continues to discuss findings in relation to the improvement in breach detection and containment, and the use of automation to improve such efforts.

    Dark Reading reports "Hackers Still Outpace Breach Detection, Containment Efforts"

  • news

    Visible to the public "Three Ways GDPR Benefits US Companies"

    The European Union's General Protection Regulation (GDPR) went into effect on May 25, 2018. The purpose of the GDPR is to ensure the protection of personal data belonging to EU residents by enforcing a standard upon any companies that manage this data. The GDPR has a far-reaching impact as any company that conducts business with EU citizens are expected to comply with this regulation, pressuring organizations to improve their efforts in regard to privacy and security. There are ways in which U.S. organizations have benefited from GDPR in that this regulation has pushed organizations to improve their incident response strategies, make great efforts to strengthen Internet of Things (IoT) security, and prepare for U.S. data privacy regulations. This article continues to discuss GDPR and how U.S. organizations have benefited from the regulation, along with the GDPR's next steps.

    Help Net Security reports "Three Ways GDPR Benefits US Companies"

  • news

    Visible to the public "Despite warnings, most people still don’t change their passwords"

    1050 individuals were surveyed about their passwords. It was discovered that 64% of people used the same password for some, or even all, of their online accounts, while only 21% used a different password for each account. 21% of the respondents used personal information to create passwords. 9% of respondents said that they had never changde their main email account password. It was also discovered that 45% of users include special characters in their passwords such as @ or $, while 32% say their passwords contain fewer than eight letters. Most passwords (35%) have up to ten characters, while 16% are the most security-conscious, with over 12 characters. It is important for individuals and businesses to take password security seriously, because week passwords, make it much easier for hackers to access sensitive information and cause a data breach.

    HELPNETSECURITY reports: "Despite warnings, most people still don't change their passwords"

  • news

    Visible to the public "Artificial Intelligence May Not 'Hallucinate' After All"

    Great advancements have been made in machine learning in regard to image recognition as this technology can now identify objects in photographs as well as generate authentic-looking fake images. However, the machine learning algorithms used by image recognition systems are still vulnerable to attacks that could lead to the misclassification of images. Researchers continue to explore the problem of adversarial examples, which could be used by attackers to cause a machine learning classifier to misidentify an image. This article continues to discuss the concept and new research behind adversarial examples.

    Wired reports "Artificial Intelligence May Not 'Hallucinate' After All"

  • news

    Visible to the public "This Ransomware Sneakily Infects Victims by Disguising Itself With Anti-Virus Software"

    According to cybersecurity researchers at Trend Micro, ransomware, called Dharma, which emerged in 2016, has been updated to deceive users into installing it by posing as anti-virus software. New details pertaining to the updated version of Dharma ransomware reveal that the file-locking malware hides inside a fake anti-virus software installation. Researchers suggest that organizations implement stronger cybersecurity practices such as securing email gateways, frequently backing up files, and more, in order to avoid being hit by Dharma and other similar cyberattacks. This article continues to discuss Dharma ransomware in relation to its impact, process, and distribution, along with how organizations can avoid such threats.

    ZDNet reports "This Ransomware Sneakily Infects Victims by Disguising Itself With Anti-Virus Software"

  • news

    Visible to the public "Study Finds Wi-Fi Location Affects Online Privacy Behavior"

    A team of scientists conducted a study to see if a person's location offline affects how they behave online in regard to privacy. The study also explores changes in online privacy behavior resulting from the presence of a virtual private network (VPN) logo, the provision of terms and conditions by the wireless provider, and more. The study was conducted by observing the online behavior of participants from Amazon Mechanical Turk in four different types of physical locations, including a coffee shop, a university, an Airbnb, and home. Scientists observed unethical behavior, ethical behavior, and the disclosure of private information online. This article continues to discuss the purpose and findings of this study.

    Tech Explorist reports "Study Finds Wi-Fi Location Affects Online Privacy Behavior"

  • news

    Visible to the public "Bypassing Popular Passwords"

    A new model for password protection has been proposed by Jaryn Shen and Qinqkai Zeng of the State Key Laboratory for Novel Software Technology, and Department of Computer Science and Technology, at Nanjing University, China. The new approach is aimed to protect passwords from online and offline attacks without requiring users to create and memorize their passwords as it is difficult to get users to create more complex passwords, use password managers, and enable multi-factor authentication. This article continues to discuss the new password protection approach proposed by researchers.

    Phys.org reports "Bypassing Popular Passwords"

  • news

    Visible to the public "The IoT threat landscape is expanding rapidly, yet few companies are addressing third party risk factors"

    There is a dramatic increase in IoT-related data breaches specifically due to an unsecured IoT device or application since 2017. It has jumped from 15 percent to 26 percent, and the results might actually be greater, because most organizations are not aware of every unsecured IoT device or application in their environment or from third party vendors. Most organizations surveyed have no centralized accountability to address or manage IoT risks. Less than half of company board members approve programs intended to reduce third party risk and only 21 percent of board members are highly engaged in security practices and understand third party and cybersecurity risks in general. Companies will have too take all risks, including IoT risks seriously if they want to lessen the chances of a breach occurring.

    HELPNETSECURITY reports: "The IoT threat landscape is expanding rapidly, yet few companies are addressing third party risk factors"

  • news

    Visible to the public "Critical flaw allows attackers to take over Cisco Elastic Services Controllers"

    Cisco had a critical flaw which allowed attackers to take over Cisco Elastic Services Controllers (ESC). ESC is a popular enterprise software for managing virtualized resources. The vulnerability is due to improper validation of API requests. An attacker who found the flaw could exploit this vulnerability by sending a crafted request to the REST API. A successful exploit could allow the attacker to execute arbitrary actions through the REST API with administrative privileges on an affected system. The flaw has since been patched on the critical, remotely exploitable authentication bypass vulnerability in Cisco Elastic Services Controller.

    HELPNETSECURITY reports: "Critical flaw allows attackers to take over Cisco Elastic Services Controllers"