News Items

  • news

    Open for Nominations - Submission Period Extended!

    The 8th Annual Best Scientific Cybersecurity Paper Competition is now open for nominations. This year's nominating period has been extended from March 31 and now runs through midnight on April 15, 2020. We look forward to receiving your nominations.

  • news

    NIST Releases Draft Security Feature Recommendations for IoT Devices

    "Core Baseline" guide offers practical advice for using everyday items that link to computer networks.

    August 01, 2019

  • news

    NSA-approved cybersecurity law and policy course now available online

    Cyber Scoop

    Shannon Vavra

    August 27th, 2019

    Anyone who is interested in cybersecurity law and policy can now take an online course that was partly shaped by the National Security Agency.

  • news

    Verification Tool Competition

    ARCH brings together researchers and practitioners to establish a curated set of benchmarks for verification, testing and reachability, and evaluate them in a friendly competition. ARCH started in 2014 and has sustained a vibrant community since. Since 2017, ARCH has organized, as part of the workshop, the International Competition on Verifying Continuous and Hybrid Systems (ARCH-COMP, https://cps-vo.org/group/ARCH/), now in its 3rd iteration.

  • news

    Game-theoretic Paper Wins Annual Paper Competition

    The winner of the 6th Annual Best Scientific Cybersecurity Paper Competition is "How Shall We Play a Game? A Game-theoretical Model for Cyber-warfare Games" by Tiffany Bao, Yan Shoshitaishvili, Ruoyu Wang, Christopher Kruegel, Giovanni Vigna, and David Brumley. These researchers are from Carnegie Mellon University and the University of California, Santa Barbara. This paper was originally accepted at the 30th IEEE Computer Security Foundations Symposium (CSF '17).

    To learn more visit the competition homepage: https://cps-vo.org/group/sos/papercompetition/pastcompetitions

  • news

    Secretary of Energy Rick Perry Announces $68.5 Million for Advanced Vehicle Technologies Research

    WASHINGTON, D.C. - Today, U.S. Secretary of Energy Rick Perry announced up to $68.5 million in available funding for early-stage research of advanced vehicle technologies that will enable more affordable mobility, strengthen domestic energy security, and enhance U.S. economic growth.

  • news

    2018 NSF CPS Program Solicitation

    The 2018 Cyber-Physical Systems Program Solicitation has been released. The submission window for proposals is April 27, 2018 - May 8, 2018. Please see the full solicitation for additional details and the summary of program requirements: https://cps-vo.org/node/45729

  • news

    NSA SoS Lablet Call for Proposals is Open

    The National Security Agency has distributed its BAA (really a request for proposals) for its next generation of SoS Lablets. These lablets include lablets on the 5 Hard Problem areas in Science of Security, on the Science of Privacy and dealing with Cyber Physical Systems. Proposals are due August 21. While the SoS team is not the point of contact for the contracting process, we can aid in directing: https://cps-vo.org/group/SoS/contact

  • news

    U.S. Department of Transportation Launches Smart City Challenge to Create a City of the Future

    Smart City Challenge

  • news

    NEW 2016 NSF-USDA Solicitation: Innovations at the Nexus of Food, Energy, and Water Systems (INFEWS)

    Innovations at the Nexus of Food, Energy and Water Systems (INFEWS)


    Program Solicitation
    NSF 16-524

    National Science Foundation

  • news

    Sticky News Item

    This news item always appears at the top of the 'recent news' list because the 'pin to top of lists' box is checked under 'publishing options' below. News Items can also be set to show in the spotlight slideshow feature.


  • news

    "Google Removes 500+ Malicious Chrome Extensions From the Web Store"

    More than 500 malicious Chrome extensions were recently removed from Google's Web Store. An investigation conducted by security researcher Jamila Kaya and Cisco's Duo Security found that the extensions injected malicious ads (malvertising) in millions of Chrome installs. The code injected by the extensions redirected users to a malware download site or a phishing page. In other cases, users were redirected to legitimate sites such as Macy's, Dell, or Best Buy. According to a report released by Duo Security, the extensions were related to a larger malware operation, found to be active for about two years. Google has responded to this discovery by banning the malicious extensions from its official Web Store, deactivating the extensions inside every user's browser, and marking each extension as "malicious" so that users can remove and avoid reactivating them. This article continues to discuss the discovery of the malicious Google Chrome extensions, how Google has responded, and past findings surrounding harmful Chrome extensions.

    ZDNet reports "Google Removes 500+ Malicious Chrome Extensions From the Web Store"

  • news

    "Plastic Surgery Patient Photos, Info Exposed by Leaky Database"

    Due to the improper security of an Amazon Web Services (AWS) S3 bucket, approximately 900,000 documents were leaked from NextMotion, a France-based technology company that provides imaging and patient management services for 170 plastic surgery clinics globally in 35 countries. The unsecured S3 bucket exposed patients' personally identifiable information (PII), photos, videos, dermatological treatments, and consultation documents. Researchers stressed the danger of leaking this type of data as it could be used by malicious actors to perform a variety of scams, fraud, and online attacks. This article continues to discuss the exposure of plastic surgery patients' photos, videos, and PII resulting from an unsecured database.

    Bleeping Computer reports "Plastic Surgery Patient Photos, Info Exposed by Leaky Database"

  • news

    "Researchers Design a Tool to Identify the Source of Errors Caused by Software Updates"

    Software updates are intended to make applications run faster or more smoothly. However, updates sometimes introduce bugs known as performance regressions, which can make the software run slower or less smoothly. Fixing these bugs usually takes a lot of time because locating the software errors usually takes a lot of human intervention. Researchers at Texas A&M University, in collaboration with computer scientists at Intel Labs, have developed a new, completely automated way of identifying the source of errors caused by software updates. The algorithm they use is called deep learning, which is a form of machine learning. The use of the deep learning algorithm allows one to find performance bugs in a few hours instead of a few days.

    Help Net Security reports: "Researchers Design a Tool to Identify the Source of Errors Caused by Software Updates"

  • news

    "New Cryptography Method Promising Perfect Secrecy Is Met With Skepticism"

    A team of researchers from King Abdullah University of Science and Technology, the University of St. Andrews, and the Center for Unconventional Processes of Sciences claims to have demonstrated a "perfect secrecy cryptography system" that is resistant to future attacks by quantum computers. Much research on achieving perfect secrecy in cryptography has focussed on using quantum key distribution (QKD) systems. These systems use particles of light known as photons to encode data in quantum bits, which are transmitted to a sender and receiver in the form of an encryption key. However, the deployment of QKD systems would require companies and governments to invest a considerable amount of money into new quantum communication channels. The new perfect secrecy cryptography technique described in the journal, Nature Communications, is said to function using existing optical communication infrastructure. This article continues to discuss how the new method of achieving perfect secrecy in cryptography works, the skepticism about this approach, and other attempts at achieving perfect secrecy using QKD systems.

    IEEE Spectrum reports "New Cryptography Method Promising Perfect Secrecy Is Met With Skepticism"

  • news

    "Mac Malware Threats Are Now Outpacing Attacks on Windows PCs"

    Researchers at the cybersecurity company Malwarebytes analyzed a year of data on cyberattacks that affected their customers and found that malicious activity and malware attacks targeting Macs rose significantly over the past year. In 2019, the average number of threat detections per Mac was 11, compared to an average of 4.8 in 2018. The number of threat detections per Mac was higher than it was for Windows users during 2019, with an average of 5.8 detections on Windows machines during 2019.

    ZDNet reports: "Mac Malware Threats Are Now Outpacing Attacks on Windows PCs"

  • news

    "Architectural Analysis IDs 78 Specific Risks in Machine-Learning Systems"

    A formal risk framework aimed at improving the development of secure machine learning (ML) systems has been developed by researchers at the Berryville Institute of Machine Learning (BIML). The BIML researchers conducted an architectural risk analysis of ML systems, concentrating on highlighting the issues that engineers and developers need to consider in the design of ML systems. BIML researchers' architectural analysis delved into the different components of a typical ML system, including raw data, dataset assembly, and learning algorithms. The data security risks associated with each of the components, such as data poisoning, subtle nudges to an online learning system, and more, were identified and ranked. The identification, ranking, and categorization of these risks can help engineers and developers figure out what security controls need to be implemented to mitigate those risks. This article continues to discuss BIML's architectural risk analysis of ML systems and the importance of securing data when using such systems.

    Dark Reading reports "Architectural Analysis IDs 78 Specific Risks in Machine-Learning Systems"

  • news

    "New Legislation Would Help Local Gov with Cybersecurity"

    The recently introduced State and Local Cybersecurity Improvement Act aims to address cybersecurity threats faced by systems used by state, local, and territorial governments in the US. The legislation would establish a $400 million grant program at the Department of Homeland Security (DHS) to help fund efforts made by eligible communities to improve their cybersecurity. The areas in which the program would assist include vulnerability scanning, testing, cybersecurity workforce development, and intelligence sharing. Additionally, the bill would require the DHS' Cybersecurity and Infrastructure Agency (CISA) to develop strategies for improving the communities' overall defenses against cyberattacks. This article continues to discuss the State and Local Cybersecurity Improvement Act, as well as another new initiative called Energy Sector Pathfinder, aimed at improving the security of the US Energy Critical Infrastructure and cybersecurity partnerships within the sector.

    CISOMAG reports "New Legislation Would Help Local Gov with Cybersecurity"

  • news

    "Hackers Could Shut Down Satellites – or Turn Them into Weapons"

    Amazon, U.K.-based OneWeb, and other companies are racing to put thousands of satellites in space. These satellites are expected to improve environmental monitoring, global navigation systems, and access to the internet in remote areas of the world. However, commercial satellites are vulnerable to cyberattacks due to the complexity of their supply chains, layers of stakeholders, and lack of cybersecurity standards and regulations. If hackers were to hijack these satellites, they could perform malicious activities such as disabling functions, denying access to services, spoofing signals, and more. Hackers could cause steerable satellites to crash into each other. Such attacks pose a threat to critical infrastructure, including electric grids, water networks, and transportation systems. This article continues to discuss the launch of new commercial satellites to space, how these satellites could improve everyday life, the vulnerability of these satellites to hacking, notable attacks on satellites over the years, and the need to develop cybersecurity standards for satellites.

    Homeland Security News Wire reports "Hackers Could Shut Down Satellites - or Turn Them into Weapons"

  • news

    "Will Weak Passwords Doom the Internet of Things (IoT)?"

    Weak passwords are expected to be the downfall of Internet of Things (IoT) security. Security experts have already observed an increase in attacks against IoT devices in which weak passwords were exploited. For example, in 2019, poor password management was abused by threat actors to execute attacks against IoT devices such as printers and phones. Recently, routers were targeted in an IoT attack as a result of a password data dump on a hacker forum. Manufacturers often fail to consider security in the development of IoT devices, as indicated by the shipping of numerous devices with default passwords. This article continues to discuss recent IoT attacks in which weak passwords were exploited and the need for increased efforts from manufacturers, companies, government, and users to improve IoT security.

    Security Intelligence reports "Will Weak Passwords Doom the Internet of Things (IoT)?"

  • news

    "Study Unveils Security Vulnerabilities in EEG-Based Brain-Computer Interfaces"

    Researchers at Huazhong University of Science and Technology conducted a study on the security of electroencephalography (EEG)-based brain-computer interfaces (BCIs). Breakthroughs in machine learning (ML) have led to the advancement of BCI spellers, which allow people to use their brain activity to control their computers. Much research on developing BCI classifiers has focussed on increasing speed and reliability instead of examining the security vulnerabilities they may have. Recent studies have shown that ML algorithms, such as those used in computer vision, speech recognition, and more, are vulnerable to a variety of attacks. These attacks could lead to misclassification or the production of incorrect output. In this study, researchers examined P300 BCI spellers, which are used in clinics to assess or detect disorders of consciousness. They discovered that adversarial attacks on BCI spellers could result in usability issues, misdiagnoses, and other consequences, posing a threat to the well-being of patients. Researchers hope that this research will help inform the development of better techniques for securing BCIs. This article continues to discuss the goal and key findings of the study on EEG-based BCI security.

    TechXplore reports "Study Unveils Security Vulnerabilities in EEG-Based Brain-Computer Interfaces"

  • news

    "MIT Researchers Identify Security Vulnerabilities in Voting App"

    There has been increased interest in using mobile technology and the internet to improve access to voting. However, computer security experts warn of the vulnerability of mobile voting applications to hacking. Researchers at MIT did an analysis of a mobile voting application, called Voatz. They discovered that the app contains several vulnerabilities that could be exploited by hackers to alter, disrupt, or expose an individual's vote. In addition to the weaknesses found in Voatz's voting process, the researchers found that the app poses a threat to the privacy of users. Voatz uses a third-party vendor for voter ID verification, which can access a voter's photo, driver's license data, and more. The security vulnerabilities were disclosed to the Department of Homeland Security's Cybersecurity and Infrastructure Agency (CISA). This article continues to discuss the discovery of security flaws in the mobile voting application Voatz, what these vulnerabilities could allow hackers to do, the disclosure of the vulnerabilities to CISA, and why transparency is essential in election administration.

    MIT News reports "MIT Researchers Identify Security Vulnerabilities in Voting App"

  • news

    "Security Pros Anticipate Automation Will Reduce IT Security Headcount, but not Replace Human Expertise"

    A new survey conducted by DomainTools and the Ponemon Institute found that many companies (77 percent) continue to use or plan to use automation in IT in the next three years. 51 percent of IT respondents believe that automation will decrease headcount in the IT security function, and 37 percent of IT employees believe that automation will cause them to lose their jobs. Overall, 74 percent of the participants agreed that automation enables IT security staff to focus on more severe vulnerabilities and overall network security. 74 percent of the participants say that automation is not capable of specific tasks done by IT security staff. The participants also believe that automation delivers productivity benefits such as reducing false positives and/or false negatives (43 percent), increasing the speed of analyzing threats (42 percent), and prioritizing threats and vulnerabilities (39 percent). The researchers also discovered that participants think that the most common activities likely to be replaced by automation in the next three years are log analysis (68 percent), threat hunting (60 percent), and DevOps (37 percent).

    Help Net Security reports: "Security Pros Anticipate Automation Will Reduce IT Security Headcount, but not Replace Human Expertise"

  • news

    Solicitation: NSF Secure and Trustworthy CyberSpace (SaTC) [Solicitation 19-603]

    Secure and Trustworthy Cyberspace (SaTC)

    PROGRAM SOLICITATION
    NSF 19-603

    REPLACES DOCUMENT(S):
    NSF 18-572

    National Science Foundation

    Directorate for Computer and Information Science and Engineering
    Division of Computer and Network Systems
    Division of Computing and Communication Foundations
    Division of Information and Intelligent Systems
    Office of Advanced Cyberinfrastructure

  • news

    "Inside the Mind of a Hacker"

    Researchers from the University at Buffalo School of Management did a study to find out which personality traits led people to become black, white or gray hat hackers. The researchers surveyed 439 college sophomores and juniors in computer science and management to learn about their personality traits. Scales were then developed to determine the three different types of hacking hats and measure how each person perceives the consequences and opportunities associated with participating in criminal activities. The findings of the study suggest that security compliance will remain a challenge for businesses and organizations. This article continues to discuss the differences between black, white, and gray hat hackers, as well as how the study was done by researchers, what the research findings suggest, and what organizations can do to reduce or prevent security breaches.

    University at Buffalo reports "Inside the Mind of a Hacker"

  • news

    "Social Engineering Scam Hits Washington County Government"

    Benton County, a county in the U.S. state of Washington, fell victim to a social engineering phishing scam in which thieves attempted to steal money. Further investigation revealed that the cybercriminals behind this scam are in India. The thieves pretended to be a contractor working on several projects for the county, going so far as to create an online domain name using a legitimate construction firm's name. They sent emails appearing to come from a real employee of the construction company about a bill that Benton County owed for different projects, which led to an electronic transfer of $740,000. Kathleen Cooper, the spokeswoman for the Washington State Auditor's Office, pointed out that local governments and public education institutions are more vulnerable to such attacks because of the amount of sensitive information that they must share in order to perform business functions. This article continues to discuss the social engineering scam faced by Benton County, the response to this incident, other similar fraud schemes, and current efforts to protect local governments from cybersecurity threats.

    GovTech reports "Social Engineering Scam Hits Washington County Government"

  • news

    "Unsecured Estee Lauder Database Exposed 440 Million Records"

    Researchers have discovered an unsecured database belonging to cosmetic giant Estee Lauder, which exposed over 440 million company records. The database is hosted on the company's Microsoft Azure cloud platform. Since the discovery of the unsecured database, the company has secured and password-protected it. It is not clear how long the database was exposed or if anyone accessed any of the data. The researchers discovered the database on January 31st. The unsecured data in the database included: user emails stored in plain text, including internal email addresses from the @estee.com domain; numerous internal IT logs, including production, audit, error, content management system and middleware reports; references to reports and other internal documents; and references to IP addresses, ports, pathways, and storage used within the company.

    Bank Info Security reports: "Unsecured Estee Lauder Database Exposed 440 Million Records"

  • news

    "Scammers Are Trying to Exploit Coronavirus Concerns to Breach Companies"

    Hackers are taking advantage of the fear stemming from the coronavirus outbreak by sending companies emails containing warnings about the economic consequences associated with the spread of this virus. According to researchers at Proofpoint, hackers are targeting businesses in sectors that are likely to suffer the most as a result of the coronavirus. Targeted businesses include those engaged in manufacturing, transportation, and finance. The phishing emails discovered by researchers specifically address a particular industry, such as the shipping industry, in their subject lines. Recipients are then directed to download an attachment, which the messages claim provides additional information on how the coronavirus could impact their industry. The perpetrators behind the execution of these coronavirus-themed phishing scams appear to be from Russia and Eastern Europe. This article continues to discuss the coronavirus and how hackers are exploiting the fears surrounding this outbreak to steal sensitive data from companies.

    CyberScoop reports "Scammers Are Trying to Exploit Coronavirus Concerns to Breach Companies"

  • news

    "Hackers Increasing Complex Attacks with Hack Tools, Ransomware"

    According to the recently released Malwarebytes Lab 2020 State of Malware Report, the volume, sophistication, and diversity of cyberattacks against businesses are increasing. Some of the key findings shared in the report include a 98 percent increase in threats faced by the medical sector, the number of malware threat detections on Mac surpassing that of Windows, and a 463 percent increase in adware. The report also highlights the significant rise in the use of hacking tools to manually infect businesses via misconfigured ports or unpatched vulnerabilities. This article continues to discuss the essential findings of the report regarding the growing frequency and complexity of cyberattacks and threats against businesses.

    HealthITSecurity reports "Hackers Increasing Complex Attacks with Hack Tools, Ransomware"

  • news

    "Social Robots Teach Cyber Safety"

    The University of Delaware developed a social robot, named Zenbo, that provides information on cyber safety for children. Zenbo recently taught fifth-graders from The College School on the University of Delaware's Newark campus about how to protect their information online. The classroom companion uses classic children's stories to give lessons on how to be safe online. For example, in Zenbo's version of Little Red Riding Hood, grandma's house is password-protected, and the Big Bad Wolf is trying to get Red to share the password with him. This robot aims to increase kids' awareness and knowledge surrounding cybersecurity and good digital citizenship. This article continues to discuss the idea and research behind Zenbo, as well as the cyber challenges facing children.

    UDaily reports "Social Robots Teach Cyber Safety"

  • news

    "Quantum Noise Generation Allows For Secure Wireless Transmissions"

    Researchers from Tamagawa University in Japan demonstrated a method to secure wireless transmissions, which involves the use of random quantum noise. Although previous studies revealed the effectiveness of using artificial random noise to prevent interference with secure data transmission, this type of noise is not truly random. The researchers will present their method at the Optical Fiber Communication Conference and Exhibition (OFC) in March 2020. Their proposed cipher system successfully encrypted and decrypted plain text data in two different ways, while maintaining strong signal quality and protection against transmission interception. As new applications emerge in the era of 5G and 6G, such advancements in security are essential. This article continues to discuss the new cipher system for quantum noise encryption and decryption applications, the research behind this system, and the importance of randomness in cryptography.

    Business Wire reports "Quantum Noise Generation Allows For Secure Wireless Transmissions"

  • news

    "Officials Raise Alarm About Chinese Hacking"

    Officials raised the alarm last Thursday over the volume of Chinese cyberattacks against the US. Chinese hackers are mostly targeting US businesses and academic institutions to try to support China's broad economic goals. FBI Director Chris Wray stated that as of July 2019, there were 1,000 ongoing investigations into Chinese espionage in the US. He also stated that China represented the most significant foreign cyber threat to the US.

    Naked Security reports: "Officials Raise Alarm About Chinese Hacking"

  • news

    "Researchers Transmit Data Covertly by Altering Screen Brightness"

    Researchers at Ben-Gurion University (BGU) of the Negev have demonstrated a new way to extract data from air-gapped computers, which involves altering the pixel density of these computers' LCDs. Air-gapped computers are systems isolated from the internet because they contain highly sensitive information. Other methods of stealing data from air-gapped computers that have been discovered by BGU researchers involve using speakers, blinking LEDs in PCs, infrared lights in surveillance cameras, and computer fans. In a recently published paper, the researchers described a covert optical channel that can be detected by cameras, but not users. The idea is to transmit the information by changing a screen's brightness in a sequential pattern. A camera would be used to capture the compromised computer's screen. This article continues to discuss the method discovered by BGU researchers that can be used to covertly transmit data from an air-gapped computer, the limitations of this technique, and other methods developed by researchers to communicate with such computers.

    Naked Security reports "Researchers Transmit Data Covertly by Altering Screen Brightness"

  • news

    "FBI Director Warns of Sustained Russian Disinformation Threat"

    The FBI Director warns that Russia is still spreading disinformation campaigns against the United States. The goal of Russia's foreign influence operations is to spread disinformation, push foreign nations' policy agendas, sow discord, and ultimately undermine confidence in the United States' democratic institutions and values. Usually, Russia spreads disinformation about issues that Americans feel passionately about to pit people against each other. Russia targeted election systems across all 50 states before the 2016 elections. The Russians were able to gain access to some systems, including Illinois, and could alter and delete voter data. There is no evidence that Russia altered or deleted any voter data in 2016. Russia's success in gaining access to voting systems has caused some people's confidence in the US elections to weaken. There is no evidence that Russia is targeting the 2020 elections. However, securing election systems in all 50 states is essential to make sure that Russia cannot gain access to the systems again. The spread of disinformation campaigns is currently a big issue, will continue to be one, and will have to be addressed more in the future.

    Naked Security reports: "FBI Director Warns of Sustained Russian Disinformation Threat"

  • news

    "Why Is the Healthcare Industry Still So Bad at Cybersecurity?"

    Healthcare continues to be a common target for cybercriminals, as indicated by the increased frequency of data breaches and ransomware attacks faced by healthcare organizations. According to Black Book Market Research, data breaches cost the healthcare sector an estimated $4 billion in 2019. The CyberMed Summit is a conference that gathers physicians, security researchers, medical device manufacturers, healthcare administrators, and policymakers to discuss cybersecurity problems faced by the healthcare industry and how these problems could be addressed. Raising awareness among patients about the cybersecurity of medical devices was a major topic of discussion at the 2019 summit. This article continues to discuss the increased targeting of the healthcare industry by cybercriminals, the significant impact that cyberattacks on medical devices could have on patients, the CyberMed Summit, and the "last mile" awareness problem discussed at last year's summit.

    Ars Technica reports "Why Is the Healthcare Industry Still So Bad at Cybersecurity?"

  • news

    "Insecure Configurations Expose GE Healthcare Devices to Attacks"

    Researchers from the healthcare industry-focussed cybersecurity firm, CyberMDX, recently discovered six high-risk vulnerabilities in GE Healthcare products. The vulnerabilities, collectively dubbed MDhex, derive from insecure configurations of features provided by GE Healthcare's patient monitoring devices and servers for remote access and administration. These vulnerabilities involve the reuse of a hard-coded private key, the inclusion of outdated software, insecure updates, and more. According to researchers, these types of vulnerabilities are common in the medical device world. Manufacturers need to consider security in the design of medical devices as attacks on such devices have the potential to impact the security and safety of patients. This article continues to discuss the vulnerabilities found in GE Healthcare products, recommendations on how to mitigate these vulnerabilities, and the importance of implementing security controls during the design of medical devices.

    CSO Online reports "Insecure Configurations Expose GE Healthcare Devices to Attacks"

  • news

    Visible to the public "Governments Are Soft Targets for Cybercriminals"

    Corvus, a provider of AI-driven commercial insurance products, released new research that highlights the increasing vulnerability of governments to cyberattacks. According to a report from Corvus, three factors make governments soft targets for cybercriminals. These factors include larger attack surfaces, lack of use of basic email authentication schemes, and higher rates of internal hosting. Researchers stress that the combination of these three key factors leaves governments more vulnerable than other organizations. This article continues to discuss the findings of Corvus' report on the security of municipal governments and agencies.

    Infosecurity Magazine reports "Governments Are Soft Targets for Cybercriminals"

  • news

    Visible to the public "Intrusion Alert: System Uses Machine Learning, Curiosity-Driven ‘Honeypots’ to Stop Cyber Attackers"

    The FBI has brought further attention to the increased targeting of government systems and networks in cyberattacks. In an effort to help stop these attacks, researchers at Purdue University developed a detection system called LIDAR (lifelong, intelligent, diverse, agile, and robust). The system operates through the use of supervised machine learning, unsupervised machine learning, and rule-based learning. The implementation of these types of machine learning allows LIDAR to detect anomalies in the system, compare detected abnormalities to known attack templates, and determine the validity of a potential attack. LIDAR also uses a honeypot to attract attackers without allowing them to enter the system. This article continues to discuss the components and capabilities of Purdue's LIDAR system.

    Purdue University reports "Intrusion Alert: System Uses Machine Learning, Curiosity-Driven 'Honeypots' to Stop Cyber Attackers"

  • news

    Visible to the public "Critical Bluetooth Bug Leaves Android Users Open to Attack"

    Google has put out a new security update to address a critical flaw that researchers found in Android's Bluetooth implementation. The flaw allows remote code execution without user interaction. The vulnerability is called CVE-2020-002 and affects devices running Android Oreo (8.0 and 8.1) and Pie (9.0). Two-thirds of Android devices in use have this flaw, which is why it is rated critical. No user interaction is needed to exploit the flaw; an adversary only needs to know the Bluetooth MAC address of the target and can use the flaw to obtain personal data or distribute malware.

    WeLiveSecurity reports: "Critical Bluetooth Bug Leaves Android Users Open to Attack"

  • news

    Visible to the public "Organized Cybercrime: Not Your Grandfather’s Mafia"

    Research from Michigan State University explored whether the stereotype of organized crime applies to organizations of hackers. The study identified the common characteristics of cybercrime networks, examining how groups in these networks operate and collaborate. According to Thomas Holt, MSU professor of criminal justice and co-author of the study, the most dangerous cybercrime groups are the ones that are loosely structured. These types of groups consist of individuals who gather to perform an activity effectively for a certain amount of time and then disappear. Cybercrime networks differ from traditional organized crime networks because they lack historic validity, and are hard to document and trace. Holt and lead author E. R. Leukfeldt, a researcher at the Netherlands Institute for the Study of Crime and Law Enforcement, conducted this study by reviewing data from 18 cases in which individuals were prosecuted for cases related to the performance of phishing attacks. This article continues to discuss the purpose and key findings of this study.

    Homeland Security News Wire reports "Organized Cybercrime: Not Your Grandfather's Mafia"

  • news

    Visible to the public "Emotet Can Spread to Poorly Secured Wi-Fi Networks And Computers on Them"

    Researchers have discovered and analyzed a malware program that can spread the Emotet Trojan to nearby wireless networks and compromise computers on them. Emotet is one of the most versatile malware threats currently used. The researchers found that after the malware infects a computer that has Wi-Fi capability, it then uses the wlanAPI interface to discover any Wi-Fi networks in the area. If the Wi-Fi networks found require passwords to join, then the malware will try to guess the possible passwords, and if it guesses the passwords correctly, then it will connect to the Wi-Fi network. Once Emotet is on the Wi-Fi network, it will then scan all other computers connected to the same network for any Windows computers that have file sharing enabled. The malware then retrieves a list of all user accounts on the discovered computers and attempts to guess the passwords to those accounts as well as the Administrator account. If the malware can guess the correct passwords, then the malware copies itself to that computer and installs itself by running a remote command on the other computer.


    Help Net Security reports: "Emotet Can Spread to Poorly Secured Wi-Fi Networks And Computers on Them"

  • news

    Visible to the public "Thwarting Hacks by Thinking As the Humans Behind Them"

    A study conducted at Michigan State University highlights the importance of paying closer attention to the potential motives behind cyberattacks to improve the prediction, identification, and prevention of cyberattacks. While it is essential to follow security practices such as installing antivirus software and periodically updating computer software to reduce the risk of a cyberattack, security professionals are encouraged to delve deeper into the human aspect of cybercriminals to develop stronger defenses. Thomas Holt, study author and MSU professor of criminal justice, supports the modeling of hackers' decision-making processes to help defenders think like hackers and bolster the security of their systems. Holt worked with Rutger Leukfeldt and Steve Van De Weijer from the Netherlands Institute for the Study of Crime and Law Enforcement to analyze over 100,000 incidents of web defacement hacks regarding the motives behind these attacks and the differences in how they are performed. This article continues to discuss key findings of the study on the importance of understanding the humans behind hacking incidents.

    MSUToday reports "Thwarting Hacks by Thinking As the Humans Behind Them"

  • news

    Visible to the public "Charging Your Phone Using a Public USB Port? Beware of 'Juice Jacking'"

    Travelers are urged to avoid using publicly available USB power charging stations because they may be infected with dangerous malware. The Los Angeles County District Attorney's Office recently pointed out the use of publicly accessible USB charging ports or cables at shopping centers, hotels, fast-food restaurants, and on public transport, by cybercriminals to perform malicious activities. In a USB Charger Scam, called "juice jacking," cybercriminals are loading malware onto the charging stations or cables in public areas to infect unsuspecting users' devices. The malware can then allow attackers to steal personal data, delete data, spy on users' activities, or disable phones. Such activities can leave victims vulnerable to identity theft, financial fraud, and more. This article continues to discuss how the juice jacking attack works, how users can tell if they experienced this attack, in addition to how users can protect themselves from such attacks or respond if they have been juice jacked.

    TechXplore reports "Charging Your Phone Using a Public USB Port? Beware of 'Juice Jacking'"

  • news

    Visible to the public "An Artist Used 99 Phones to Fake a Google Maps Traffic Jam"

    An artist named Simon Weckert created the Google Maps Hack to bring further attention to the ease with which malicious actors can fool a product such as Google Maps and other similar products. The Google Maps Hack project was prompted by an incident that occurred almost three years ago at a May Day demonstration in Berlin. During the event, Weckert saw that Google Maps was detecting a significant traffic jam despite the absence of cars on the road. Weckert later found that Google Maps was picking up on the mass of people present at the event, specifically through their smartphones. To replicate the incident, he decided to gather 99 phones and walk up and down with them on the road. The wagon of phones was successful at tricking Google Maps into showing a traffic jam. This article continues to discuss the Google Maps hack, how this project demonstrates the vulnerability of such systems to manipulation, and how these types of hacks can impact users' perceptions.

    Wired reports "An Artist Used 99 Phones to Fake a Google Maps Traffic Jam"

  • news

    Visible to the public "Your Philips Hue Light Bulbs Can Still Be Hacked — And Until Recently, Compromise Your Network"

    In 2016, security researchers demonstrated the use of a drone to hack Philips Hue smart light bulbs from the outside of a building. Today, security researchers from Check Point conducted another test on Philips Hue models. They discovered that the same vulnerability used to demonstrate that attack four years ago was never fully addressed, as the researchers recently exploited it to hack into a home's computer network. According to researchers, the exploitation of this vulnerability requires patience because it involves uploading a malicious over-the-air update to a Philips Hue Hub and trying to get the owner to reset and re-add the bulb to the network by altering its color and brightness. Although Philips issued a patch to fix the problem, researchers say other brands of smart home systems may also be affected by the same vulnerability stemming from the Zigbee communications protocol. This article continues to discuss the technique used in 2016 to hack Philips Hue smart light bulbs, researchers' recent use of this technique to infiltrate a home network, and how the same protocol flaw may impact other smart home brands.

    The Verge reports "Your Philips Hue Light Bulbs Can Still Be Hacked -- And Until Recently, Compromise Your Network"

  • news

    Visible to the public "Critical Cisco 'CDPwn' Flaws Break Network Segmentation"

    Cisco issued patches for five critical vulnerabilities in the Cisco Discovery Protocol (CDP), which is a tool used by network administrators and engineers to identify and map Cisco products on a network. According to researchers at the enterprise security firm Armis, the exploitation of the collection of critical flaws dubbed CDPwn can allow attackers to break network segmentation and move freely between different parts of a network, posing a significant threat to enterprises. As Cisco is the leader in the network equipment market, these security flaws impact millions of devices, including switches, routers, IP phones, and IP cameras. Cisco is urging users to apply the recently released patches as bad actors can perform several attacks using the flaws, such as extracting data from a network's traffic via switches and routers, viewing sensitive information from IP cameras, altering traffic on corporate switches, and more. This article continues to discuss the purpose of the Cisco Discovery Protocol (CDP), the critical security flaws discovered in this protocol, the impact that such vulnerabilities can have on enterprises, the disclosure of these flaws, and how Cisco has responded.

    Threatpost reports "Critical Cisco 'CDPwn' Flaws Break Network Segmentation"

  • news

    Visible to the public "Malware And Ransomware Attack Volume Down Due to More Targeted Attacks"

    Results of threat intelligence collected throughout 2019 through the use of over 1.1 million sensors placed in over 215 countries and territories were published in the 2020 SonicWall Cyber Threat Report. The researchers found that there were 9.9 billion malware attacks during the study, which is a slight 6% year-over-year decrease. While malware decreased 6% globally, many of the new threats masked their exploits within today's most trusted files. Office (20.3%) and PDFs (17.4%) represented 38% of the new threats detected by Capture ATP. While the total number of ransomware attacks (187.9 million) dipped 9% in 2019, highly targeted attacks left many state, provincial and local governments paralyzed and took down email communications, websites, telephone lines, and dispatch services. The researchers discovered a moderate 5% increase in IoT malware, with a total number of 34.3 million attacks in 2019. Cryptojacking declined 78% in the second half of 2019. The researchers also found that 3.7 million malware attacks were sent over TLS/SSL traffic, which is a 27% year-over-year increase that is trending up and expected to climb through the year.

    Help Net Security reports: "Malware And Ransomware Attack Volume Down Due to More Targeted Attacks"

  • news

    Visible to the public "New York City Partners with Israel-based Firm to Boost Cybersecurity"

    New York City and an Israel-based venture capital firm named Jerusalem Ventures Partners (JVP) are partnering in support of the Cyber NYC initiative. The initiative aims to make NYC a global leader in cyber innovation and increase the number of cybersecurity job openings. Cybersecurity needs to be prioritized by large corporations as data breaches grow more frequent, and attackers become more sophisticated. This article continues to discuss the collaboration between New York City and JVP, the goal of this partnership, the expected increase in cybersecurity investments by the end of 2020, in addition to two recently proposed bills related to ransomware payments and helping government entities improve their cybersecurity.

    CISOMAG reports "New York City Partners with Israel-based Firm to Boost Cybersecurity"