News Items

  • news

    "ForeScout: Without Visibility and Control, OT Security Remains at Severe Risk"

    Further attention is being brought to the cybersecurity of operational technology (OT). Physical infrastructure is a way in which cybercriminals can infiltrate an enterprise network. OT systems are now more connected to the internet and joined with IT networks, increasing their vulnerability to cyberattacks. OT assets are also highly vulnerable because the technology in OT systems, such as programmable logic controllers (PLCs), was not designed and developed with security in mind. Old OT lacks encryption and authentication. This article continues to discuss the vulnerability of OT to cyberattacks, what organizations should do to secure their physical infrastructure, and efforts made by ForeScout to improve OT security.

    CBR Online reports "Forescout: Without Visibility and Control, OT Security Remains at Severe Risk"

  • news

    "Vulnerability of Cloud Service Hardware Uncovered"

    Scientists at Karlsruhe Institute of Technology (KIT) have discovered that field-programmable gate arrays (FPGAs) are vulnerable to side-channel attacks. FPGAs are often considered for use in the development of new systems because of the modifiable nature of these devices. As a result, FPGAs are used in a variety of different technologies such as smartphones, vehicle electronics, medical engineering equipment, and more. The vulnerability of an FPGA to side-channel attacks stems from the simultaneous use of the chip by multiple users and the versatility of this technology. According to scientists, side-channel attacks on FPGAs could allow cloud service customers to spy on each other as FPGA chips are often used in cloud computing applications. This article continues to discuss the concept and use of FPGAs, as well as the vulnerability of these chips to side-channel attacks.

    Technology Networks reports "Vulnerability of Cloud Service Hardware Uncovered"

  • news

    "APPLE JUST PATCHED A MODEM BUG THAT'S BEEN IN MACS SINCE 1999"

    A modem configuration bug that has been in Apple operating systems since 1999 has been discovered. The flaw could potentially have been exploited by an attacker to get persistent, remote root access to any Mac. Only certain generations of OS X and macOS were susceptible to the flaw, and protections that Apple has added since 2016's macOS Sierra made the bug prohibitively difficult (though still not technically impossible) to exploit in practice. Apple finally patched the modem configuration bug in April.

    WIRED reports: "APPLE JUST PATCHED A MODEM BUG THAT'S BEEN IN MACS SINCE 1999"

  • news

    Prerelease version 3.0.1 now available

    We are bringing the newest version of the CAT Vehicle Testbed simulator, which is compatible with ROS Melodic and Ubuntu 18.04. It works seamlessly with Gazebo 9.0. Check out the latest version on our GitHub page https://github.com/jmscslgroup/catvehicle

    If you find this work useful, please give credit to the authors and developers by citing:

    bibtex:

  • news

    "Unsecured Database Exposes 85GB in Security Logs of Major Hotel Chains"

    Researchers at vpnMentor discovered an unsecured database that exposed 85.4GB of major hotel chains' security logs. The exposure of security audit logs could reveal cybersecurity weaknesses at major hotels, including Marriott. The unsecured server on which the database was discovered is connected to a hotel and resort management company called Pyramid Hotel Group. According to researchers, sensitive information such as API keys, passwords, malware alerts, device names, IP addresses of incoming connections, and more, were exposed. This article continues to discuss the discoveries made by researchers in relation to the unsecured database that exposed data from security systems belonging to major hotels.

    ZDNet reports "Unsecured Database Exposes 85GB in Security Logs of Major Hotel Chains"

  • news

    "Unknowingly Loading Malicious Content from 'Trusted' Sites"

    Findings from a study conducted by researchers from CSIRO's Data61, an arm of Australia's national science agency specializing in data and digital technology, reveal that about half of the Internet's most visited websites are vulnerable to being used for malicious activities. The vulnerability of these websites stems from the reliance on ad providers, content distribution networks, tracking services, analytics services, and other third parties used to load content. A dependency chain is created when such third parties load resources from other domains. As the original site trusts these domains and the dependency chain grows, the risk of malicious activity increases. This article continues to discuss the dependence of popular websites on third parties to import external resources and how dependency chains pose a threat to security and privacy.

    Homeland Security News Wire reports "Unknowingly Loading Malicious Content from 'Trusted' Sites"

  • news

    "Checkers, Rally's Burger Joints Hit By POS Malware"

    Checkers Drive-In Restaurants, which also runs Rally's, had 102 of its 900 U.S. locations affected by point-of-sale malware, with one California restaurant infected for more than two years, starting in December 2015. The point-of-sale malware harvested data stored on a payment card's magnetic stripe, including name, card number, card verification code and expiry date. Checkers, which was acquired by private equity firm Oak Hill Capital Partners in 2017, says it "recently" became aware of the malware and is taking steps to remove it.

    Bank Info Security reports: "Checkers, Rally's Burger Joints Hit By POS Malware"

  • news

    "Secure Metropolitan Quantum Networks Move a Step Closer"

    A team of Chinese researchers has made an advancement in quantum communication in which they performed continuous-variable quantum key distribution (CV-QKD) over commercial fiber networks at a significantly longer transmission distance than previously demonstrated. A longer transmission distance over commercial fiber networks indicates that CV-QKD has the potential to be performed in metropolitan areas via current technologies. CV-QKD can enhance the security of people's data such as passwords, email, and more. This article continues to discuss the recent advancement in CV-QKD, previous demonstrations of long-distance CV-QKD, and challenges associated with bringing a practical CV-QKD system to the real world.

    Phys.org reports "Secure Metropolitan Quantum Networks Move a Step Closer"

  • news

    "From Viruses to Social Bots, Researchers Unearth the Structure of Attacked Networks"

    Researchers are looking at how viruses interact with proteins and genes in the human body in order to further understand how to combat cyberattacks on computer networks as well as other adversarial attacks in fields such as ecology, social science, neuroscience, and more. A machine learning model of the protein interaction network has been developed by researchers to explore how viruses operate. This research can be applied to different types of attacks and network models across different fields, including network security. The capacity to determine how trolls and bots influence users on social media platforms has also been explored through this research. This article continues to discuss the machine learning model of the protein interaction network and the application of this research to different fields.

    Science Daily reports "From Viruses to Social Bots, Researchers Unearth the Structure of Attacked Networks"

  • news

    "CSL Researchers Add ‘Time-Travel’ Feature to Solid State Drives to Fight Ransomware Attacks"

    In a paper titled Project Almanac: A Time-Traveling Solid State Drive, researchers from the Coordinated Science Laboratory at the University of Illinois describe a tool that can allow victims to save their files in the event of a ransomware attack, without having to succumb to the demands for ransom payments. The tool discussed in the paper can be used to enable solid-state drives, which are used in most computers as a component of the storage system, to save old versions of files instead of getting rid of them when the files are modified. Through the use of this tool, ransomware attacks can be prevented. This article continues to discuss how the tool can help thwart ransomware attacks, the trade-off associated with this tool, how this trade-off can be managed, and the expected advancement of the tool.

    CSL reports "CSL Researchers Add 'Time-Travel' Feature to Solid State Drives to Fight Ransomware Attacks"

  • news

    "Chinese database exposes 42.5 million records compiled from multiple dating apps"

    Tens of millions of records about users of different dating apps have been discovered in a single database that does not require a password to access. Most of the records discovered had information about American users. The data included IP addresses, geolocation information, age of users, location of users, and account names. It does not include financial information. It is not known whether the developers of the applications had bad intent; however, they are going to great lengths to cover their identity: they state that their location is a subway stop in China and use a phone number that has been disconnected, which makes it suspicious. The database of individuals' information is still online at the moment.

    Cyberscoop reports: "Chinese database exposes 42.5 million records compiled from multiple dating apps"

  • news

    "Texas Passes First Grid Protection Bills to Boost Cybersecurity Monitoring and Best Practices"

    Two grid protection bills, Senate Bill 475 and Senate Bill 936, were recently passed by Texas lawmakers. These bills support improving the sharing and implementation of best security practices and creating a framework for collaboration in cybersecurity monitoring for the protection of the power grid against cyberattacks. Under SB 475, the Texas Electric Grid Security Council will develop grid security standards, prepare for threats targeting the power grid, and more. SB 936 calls for the development of strategies for better cybersecurity monitoring of the energy grid. This article continues to discuss the possible disruption to the U.S. power grid as a result of cyberattacks, along with the purpose and goals of SB 475 and SB 936.

    Utility Dive reports "Texas Passes First Grid Protection Bills to Boost Cybersecurity Monitoring and Best Practices"

  • news

    "Web App Vulnerabilities Flying Under Your Radar"

    Shandon Lewis, a senior Web application penetration tester at Backward Logic, gave a presentation titled Vulnerabilities in Web Applications That Are Often Overlooked, in which he highlighted the importance of concentrating on small Web application vulnerabilities, as they are more likely to be used by attackers to infiltrate targets than zero-day vulnerabilities. Web application bugs that are considered to be of low severity can have a significant impact on businesses. According to Lewis, the infiltration into targets is often successful because of phishing attacks, physical intrusion, and the use of weak credentials. This article continues to discuss the importance of looking at low-severity Web application bugs, the components of weak credentials, user enumeration, and rate limiting.

    Dark Reading reports "Web App Vulnerabilities Flying Under Your Radar"

  • news

    "General Data Protection Regulation (GDPR): What You Need to Know to Stay Compliant"

    The General Data Protection Regulation (GDPR) aims to protect the personal data and privacy of EU residents. This regulation is extensive, as any company that stores or processes data belonging to EU residents is expected to comply with it. In compliance with the GDPR, companies are required to protect different types of privacy data such as personally identifiable information (PII), web data, biometric data, political opinions, data in relation to sexual orientation, and more. This article continues to discuss the concept, purpose, and far-reaching impact of the GDPR, as well as the roles defined by the GDPR and what companies should do to comply with this regulation.

    CSO Online reports "General Data Protection Regulation (GDPR): What You Need to Know to Stay Compliant"

  • news

    "When it comes to email-based threats, Emotet dominates"

    Emotet has displaced credential stealers, stand-alone downloaders and RATs and has become the most prominent threat delivered via email. A study of Q1 2019 found that 61 percent of all malicious payloads distributed via email were Emotet. Emotet started its life as a banking Trojan, but has since morphed into a malware multi-tool, capable of downloading additional malware, stealing passwords, performing brute-force attacks against accounts, sending out spam, and sending out malicious emails.

    HELPNETSECURITY reports: "When it comes to email-based threats, Emotet dominates"

  • news

    "One Million Devices Open to Wormable Microsoft BlueKeep Flaw"

    Security researchers discovered a critical remote code-execution Microsoft flaw, called BlueKeep, that could be as impactful as WannaCry and NotPetya. Although the flaw has been fixed, researchers have warned that one million public internet-connected devices are still vulnerable to the Microsoft bug. Remote Desktop Services contain this flaw and older versions of Windows, including Windows 7, Server 2008, and more, are impacted. A significant increase in scans for vulnerable systems has also been observed by researchers. This article continues to discuss the RDP BlueKeep (CVE-2019-0708) vulnerability, the devices vulnerable to this flaw, and the increase in scans for vulnerable devices by threat actors.

    Threatpost reports "One Million Devices Open to Wormable Microsoft BlueKeep Flaw"

  • news

    "The Pentagon is Trying to Secure Its Networks Against Quantum Codebreakers"

    Quantum computers are expected to be capable of breaking current encryption systems, including those used by the government. Therefore, it is essential that new encryption techniques are further explored and developed. The Defense Information Systems Agency is making efforts towards safeguarding the Pentagon's IT infrastructure from quantum computer attacks. Security researchers are being asked to generate ideas for new encryption algorithms that would be resistant to such attacks. This article continues to discuss the expected advancement of quantum computing, the threat posed by quantum computing to data security, and the need to strengthen the Pentagon's network security against quantum computers.

    Defense One reports "The Pentagon is Trying to Secure Its Networks Against Quantum Codebreakers"

  • news

    "Attackers Could Use Mobile Device Sensors to Generate Unique Device Fingerprint: Research"

    According to researchers at Cambridge University, unique device fingerprints could be generated by attackers through the use of motion sensors built into mobile devices, allowing users to be tracked across the internet via their iOS and Android devices. Access to these sensors does not require special permissions or the escalation of permissions. An individual device's fingerprint can be generated by analyzing sensor output and mathematically inferring details pertaining to the calibration of sensors. Researchers developed an app that is capable of quickly extracting a mobile device's fingerprint. This research focuses on gyroscope and magnetometer sensors on iOS devices. However, researchers expect that the fingerprint attack can also target other embedded sensors to generate fingerprints. This article continues to discuss the use of device fingerprinting, efforts made to limit fingerprinting, the use of motion sensors built into mobile devices to generate fingerprints, and researchers' recommendations for mitigating the fingerprinting attack.

    Security Week reports "Attackers Could Use Mobile Device Sensors to Generate Unique Device Fingerprint: Research"

  • news

    Pub Crawl #27

  • news

    "Solving the network visibility problem with NaaS"

    Network visibility is important to an organization. To achieve it, one should do the following. First, clearly map out the network and its endpoints. Second, conduct a survey of all the different types of Infrastructure-as-a-Service (IaaS), software services, business applications, data centers and local networks the organization utilizes. Third, map out the levels that should be associated with each of these corporate resources. Once the organization's network and compliance standards have been mapped, one will want to build a security strategy and mitigation plan. Once a security mitigation plan is created and implemented, one should try to utilize a flexible Network-as-a-Service (NaaS) that allows one to customize and segment network access and that provides granular network visibility. Conducting all of these steps will help an organization achieve network visibility while keeping the network safe.

    HELPNETSECURITY reports: "Solving the network visibility problem with NaaS"

  • news

    SoS Musings #26 - Social Engineering Attacks

    SoS Musings #26
    Social Engineering Attacks

  • news

    Cyber Scene #33 - Huawei, Encore et Toujours

    Cyber Scene #33
    Huawei, Encore et Toujours

  • news

    "As Bitcoin Surges, Hackers Rush to Spread Cryptocurrency Malware on Google Play"

    There has been a revival in cryptocurrency malware in response to the increased price of Bitcoin. ESET security researchers found two fake cryptocurrency apps on Google Play, called Trezor Mobile Wallet and Coin Wallet. According to researchers, these apps were designed to steal users' cryptocurrency. Both Trezor Mobile Wallet and Coin Wallet apps were developed through the use of templates, which can be sourced online at a low cost. The intent behind these templates is to develop a generic cryptocurrency wallet. However, this recent discovery of fake cryptocurrency wallet apps has brought further attention to the possibility of attackers modifying templates to reroute users' coins for their own gain. This article continues to discuss the spread of cryptocurrency malware on Google Play, findings from the analysis on the two fake cryptocurrency apps, the modification of templates to perform malicious activities, and the discovery of cryptocurrency scamming apps on Google Play in 2018.

    TNW reports "As Bitcoin Surges, Hackers Rush to Spread Cryptocurrency Malware on Google Play"

  • news

    "If you haven’t yet patched the BlueKeep RDP vulnerability, do so now"


    There is still no public, working exploit code for CVE-2019-0708. The BlueKeep RDP vulnerability is a flaw that could allow an unauthenticated remote attacker to execute code on a vulnerable target running Remote Desktop Protocol (RDP). Microsoft has created a patch to fix the problem, and one should apply it as soon as possible. If one cannot install the patch, the following steps help protect against the flaw: disable RDP services if they are not required; block port 3389 (the standard RDP port) at the enterprise perimeter firewall, or configure RDP to be accessible only via a VPN or from devices on the LAN; and deploy IDS/IPS rules to detect the exploit. One should also enable Network Level Authentication (NLA). This is a partial mitigation, as affected systems are still vulnerable to RCE exploitation if the attacker can authenticate with valid credentials.

    HELPNETSECURITY reports: "If you haven't yet patched the BlueKeep RDP vulnerability, do so now"

  • news

    "Crowdsourced Security Gaining Ground for IoT and Enterprise"

    Crowdsourced security testing platforms (CSTP) are becoming more popular among enterprises to identify vulnerabilities in IoT products before they are exploited by cybercriminals. The approach of crowdsourced security involves the use of white-hat hackers to discover vulnerabilities in applications or devices. Bug bounty programs are a part of crowdsourced security. This article continues to discuss the increased interest in crowdsourced security, the concept of this technique, the advantages that this technique has over traditional penetration testing, incentives for bug bounty hunters, and IoT security.

    IoT World Today reports "Crowdsourced Security Gaining Ground for IoT and Enterprise"

  • news

    "New All-Fiber Device Simplifies Free-Space Based Quantum Key Distribution"

    As the era of fully developed quantum computers approaches, post-quantum cryptographic methods must continue to be explored as this advanced technology is expected to render current encryption algorithms obsolete. The secure communication method, quantum key distribution (QKD), uses particles of light known as photons to encode data in quantum bits, which are transmitted to a sender and receiver in the form of an encryption key. Researchers from the University of Padova in Italy have developed an all-fiber device, called POGNAC (POlarization SaGNAC), which improves QKD by generating the states required for this secure method to work. This article continues to discuss the concept of QKD, the development of a satellite-based quantum communication network, and the new polarization encoder developed by researchers.

    Science Daily reports "New All-Fiber Device Simplifies Free-Space Based Quantum Key Distribution"

  • news

    "Consumer IoT Devices Are Compromising Enterprise Networks"

    The number of consumer Internet of Things (IoT) devices connected to enterprise networks has increased significantly. According to the 2019 IoT Threats Report, which highlights findings of a study conducted by researchers at Zscaler ThreatLabZ, many IoT data transactions conducted within the enterprise network are poorly encrypted. The top four IoT devices found in these business environments are set-top boxes, smart TVs, smart watches, and media players. This study brings further attention to the security challenges associated with a BYOD (bring your own device) environment. This article continues to discuss findings of the study in relation to the connection of consumer-grade IoT devices to enterprise networks, the security risks posed by this connection, and security challenges faced by organizations with BYOD environments.

    Dark Reading reports "Consumer IoT Devices Are Compromising Enterprise Networks"

  • news

    "Ransomware Not Gone but More Targeted, Report Says"

    According to the Q1 Global Threat Landscape Report recently released by Fortinet, the launch of ransomware has decreased. However, this form of malware has become more targeted. Ransomware is being tailored more for high-profile targets that could allow attackers to gain access to entire networks. The recent ransomware attack, known as LockerGoga, on the Norwegian aluminum company Norsk Hydro ASA and two U.S.-based chemical companies, Hexion and Momentive, is an example of targeted ransomware. This article continues to discuss recent observations surrounding ransomware as well as the tools used to execute cyberattacks and the trend of shared infrastructure between threats.

    Infosecurity Magazine reports "Ransomware Not Gone but More Targeted, Report Says"

  • news

    "Middle East-Linked Hacking Group Is Working Hard to Mask Its Moves"

    Researchers from Cisco's Talos have discovered that the hacking group supposedly linked to the Middle East, called BlackWater, is trying to mask its activities by circumventing host-based signatures and Yara signatures. According to researchers, these hackers have been successful at evading detection systems through the use of PowerShell stager attacks and a Visual Basic for Applications (VBA) script in addition to a separate command and control server. The actors behind BlackWater and the Iranian threat group, MuddyWater, are believed to be related as the code used by the two groups is the same and their targets are similar. This article continues to discuss the BlackWater hacking group in relation to its obfuscating tactics, tools, targets, and supposed links.

    CyberScoop reports "Middle East-Linked Hacking Group Is Working Hard to Mask Its Moves"

  • news

    "Database May Have Exposed Instagram Data for 49 Million"

    A potential leak of personally identifiable information from Instagram has been identified. An online database was discovered that contained the private information of 49 million Instagram users, including their email addresses and phone numbers. The investigation found that Chtrbox, a social media company located in India, had stored the information in the database. The database, which was hosted on Amazon Web Services, was left open on the internet without password protection. Chtrbox has since pulled the database offline.

    BankInfoSecurity reports: "Database May Have Exposed Instagram Data for 49 Million"

  • news

    "Google Research: Most Hacker-For-Hire Services Are Frauds"

    According to new research conducted by Google and academics at the University of California, San Diego, most hacker-for-hire services offered online are fraudulent and unsuccessful. The research conducted behind this discovery involved engaging with 27 account hacking service providers and setting up honey pot Gmail accounts. Out of the 27 hacking services, only five executed attacks against the honey pot Gmail accounts. These attacks were performed using social engineering tactics. This article continues to discuss the study in relation to how it was conducted by researchers, along with key observations pertaining to hacking services' techniques, pricing, and responses to inquiries.

    ZDNet reports "Google Research: Most Hacker-For-Hire Services Are Frauds"

  • news

    "Industrial Robotics - Are You Increasing Your Cybersecurity Risk?"

    Industrial robots have been used to support product manufacturing, productivity, and safety. Though there has not been a wave of cyberattacks against industrial robots that we know of, such robots are expected to become a more attractive target for hackers as the costs of such technology decrease and the number of robots increases. Researchers have already demonstrated proof-of-concept (POC) attacks on well-known robots in which ransomware was executed. As cyberattacks on robots in industrial environments can impact the operation of businesses and the physical safety of workers, it is important that the security of such technology is improved through further research and development. This article continues to discuss the growing use of robots in industrial environments, challenges associated with industrial robots, the cybersecurity risks raised by these robots, and the importance of designing robots with security in mind.

    Security Week reports "Industrial Robotics - Are You Increasing Your Cybersecurity Risk?"

  • news

    "Researchers: Aircraft Landing Systems Vulnerable"

    Researchers from Khoury College of Computer Sciences at Northeastern University in Boston have demonstrated the vulnerability of aircraft landing systems to spoofing attacks, which could be launched by attackers to misguide planes into missing runways. The possibility of spoofing wireless signals to critical aircraft landing systems has been demonstrated by researchers through the use of inexpensive software-defined radios (SDRs). It has been emphasized that most wireless systems used by aviation technology are vulnerable to cyber-physical attacks. The research is detailed in a paper titled Wireless Attacks on Aircraft Instrument Landing Systems. This article continues to discuss how this study was conducted by researchers, the guidance systems used by modern airplanes, the attacks demonstrated against these navigation tools, and the need for more research in regard to building more secure aircraft landing systems.

    ISMG Network reports "Researchers: Aircraft Landing Systems Vulnerable"

  • news

    "How effective are login challenges at preventing Google account takeovers?"

    Despite implementation bugs that might affect the security of physical security keys, Google argues that physical security keys are still the strongest protection against phishing currently available. On-device prompts and SMS codes are also extremely successful at blocking account hijacking attacks that are caused by automated bots and bulk phishing attacks. On-device prompts and SMS codes can still be bypassed by attackers with some level of skill who focus on targeting specific users. Knowledge-based challenges (recovery phone number, last sign-in location, etc.) are fantastic at stopping bots, but are not very good at preventing bulk phishing and targeted attacks. In the event of a suspicious sign-in attempt, Google's risk analysis engine selects the strongest challenge that an account's legitimate owner should ideally be able to solve. Google's research has shown that simply adding a recovery phone number to one's Google Account can block up to 100% of automated bots, 99% of bulk phishing attacks, and 66% of targeted attacks. Google is urging medium- to low-risk users to choose strong and unique passwords, set up a recovery phone number or email address, and set up two-factor authentication to decrease the likelihood of successful attacks. Google has also urged high-risk users to start using the Advanced Protection Program, which requires the use of physical keys, limits full access to users' Gmail and Drive to specific apps, and adds extra steps to the account recovery process. If these procedures are followed, then attacks will be much less likely to be successful.

    HELPNETSECURITY reports: "How effective are login challenges at preventing Google account takeovers?"

  • news

    "Lack of Secure Coding Called a National Security Threat"

    The lack of secure coding is a pervasive and serious threat to national security. To fix the problem of coders not performing secure coding, one needs to come up with an objective standard and a legislative mandate that requires a certain level of assurance to provide an assured product. Fixing this problem will not be easy, due to speed-to-market pressures and the sheer number of IoT devices being produced. Even though it will be tough to fix, it is important to take unsecured coding seriously, in order to help keep individuals' information more secure and to produce software that is less vulnerable to attacks.

    Bank Info Security reports: "Lack of Secure Coding Called a National Security Threat"

  • news

    "Bluetooth's Complexity Has Become a Security Risk"

    Bluetooth security vulnerabilities arise on account of the protocol's complexity. The documentation for the Bluetooth standard is significantly longer and more comprehensive than the material provided for other wireless protocols, making it increasingly complex and difficult for manufacturers to handle. According to Ken Kolderup, vice president of marketing at the Bluetooth Special Interest Group (SIG), the standard's documentation is extensive because it defines a radio frequency for the standard and covers components of hardware, applications, and more, in order to ensure that interoperability between Bluetooth devices is enabled. This article continues to discuss vulnerabilities associated with the Bluetooth standard, the complexity of the Bluetooth standard, recent discoveries in relation to Bluetooth implementation and configuration issues, and how the Bluetooth SIG plans to help improve the security of Bluetooth implementations.

    Wired reports "Bluetooth's Complexity Has Become a Security Risk"

  • news

    "EU Approves Cyber-Attack Sanctions Ahead of Election"

    The European Union (EU) has agreed upon the enforcement of new cyber sanctions that would penalize cyberattackers by freezing their assets and banning them from traveling. The aim of the automatic set of sanctions is to discourage the future launch of cyberattacks as malicious actors have made attempts at attacking the EU's critical infrastructure, stealing commercial secrets, and more. This article continues to discuss the EU's approval of a cyber sanctions regime plan, the aim of cyberattack sanctions, and recent high-profile cyberattacks against the EU.

    Engadget reports "EU Approves Cyber-Attack Sanctions Ahead of Election"

  • news

    "Will the U.S. Government Draft Cybersecurity Professionals?"

    The National Commission on Military, National, and Public Service is considering modernizing the Selective Service System (SSS) to include the possible conscription of those who are highly skilled in cybersecurity. One of the goals of this modification is to recruit and promote cybersecurity experts who are older and have a lot of experience, thus focusing on experts who are 30 or older. This article continues to discuss the possible compulsory enlistment of cybersecurity experts to serve in the military and civil service, current Selective Service rules, changing the shape of the military with cybersecurity professionals, and the increased deployment of more experienced security practitioners by the U.S. Army Cyber Command.

    CSO Online reports "Will the U.S. Government Draft Cybersecurity Professionals?"

  • news

    Winners of the 2019 NSA Research Directorate Awards at ISEF 2019

    Phoenix, AZ - On Thursday night, May 16, 2019, the National Security Agency Executive Director, Mr. Harry Coker, and NSA Researcher and Science of Security and Privacy (SoS) Technical Lead, Dr. Adam Tagert, presented the NSA Research Directorate Awards to 10 outstanding high school scientists. These students were finalists at the 2019 Intel International Science and Engineering Fair (ISEF).

  • news

    "How to Break Our Bad Online Security Habits – with a Flashing Cyber Nudge"

    Cyberattacks continue to rise as a result of human error, the growing complexity of technology, and the increasing sophistication of attack methods. It is important that methods for encouraging good cybersecurity behaviors continue to be explored and developed. A circuit board, called the Adafruit Circuit Playground, can be used to nudge end users into following proper cybersecurity practices. This article continues to discuss privacy fatigue, the exploitation of users' busyness to launch attacks, approaches to breaking bad cybersecurity habits, and the idea behind the Adafruit Circuit Playground.

    Phys.org reports "How to Break Our Bad Online Security Habits - with a Flashing Cyber Nudge"

  • news

    2019 Music City BEST Season Registration is Open!

    I am excited to announce the 2019 Season Dates! This year's game is "Off the Grid". Team registration is now open.

    • Kickoff - 09/21/19 - Allen Arena
    • Practice - 10/26/19 from 3:30-5:30 pm - McQuiddy Gym
    • Game Day - 11/02/19 - Allen Arena

    This should be a fun challenge and very relevant to existing technical challenges in several US locations.

  • news

    "Unsecured Survey Database Exposes Info of 8 Million People"

    An independent security researcher, named Sanyam Jain, discovered an unsecured Elasticsearch database, which exposed personal information belonging to 8 million people who have responded to online surveys, entered sweepstakes, and requested free product samples. The information exposed by this database included full names, home addresses, email addresses, IP addresses, phone numbers, and more. A performance-based marketing company, named Ifficient, was found to be the owner of the database. This article continues to discuss the discovery of the unsecured database, what information was exposed, and Ifficient's response to this discovery.

    Bleeping Computer reports "Unsecured Survey Database Exposes Info of 8 Million People"

  • news

    "Blockchains Are Being Exploited by Bots for Profit"

    New research conducted at Cornell Tech brings attention to the exploitation of weaknesses in blockchains by attackers through the use of bots for the purpose of gaining profit. The blockchain is a decentralized distributed ledger used to process and finalize cryptocurrency transactions. According to researchers, bots are exploiting time delays in the blockchain system in order to make trades at a higher speed than humans. As a result, bots can have access to information in advance, which could be used to make deals. This article continues to discuss blockchain technology, research discoveries surrounding the inefficiencies of the blockchain system, and the exploitation of these weaknesses by an army of bots.

    Homeland Security News Wire reports "Blockchains Are Being Exploited by Bots for Profit"

  • news

    "Billions of Malicious Bot Attacks Take to Cipher-Stunting to Hide"

    In addition to the growing advancement of malware development, cybercriminals are also increasing the complexity of the ways in which they evade detection. According to researchers at Akamai, attackers have been observed to be increasing their use of a TLS tampering technique, called cipher stunting, which masks malicious bot activity as live human traffic on the web, thus allowing detection attempts to be evaded. This article continues to discuss the concept, increased performance, and targets of cipher stunting.

    Threatpost reports "Billions of Malicious Bot Attacks Take to Cipher-Stunting to Hide"

  • news

    "CyberPatriot Competitions Offer Answers to U.S. Cybersecurity Workforce Challenges"

    A section in the new Executive Order on America's Cybersecurity Workforce calls for the establishment of more cyber competitions in support of raising awareness about the cybersecurity field, cultivating cyber skills, and sustaining a national cybersecurity workforce. It is important that efforts are made to further prepare the next generation of cybersecurity professionals. The CyberPatriot Program, created by the Air Force Association, is aimed at developing the cyber skills of middle school and high school students, and encouraging them to explore career paths in cybersecurity or other STEM disciplines. This article continues to discuss the objective of CyberPatriot and its National Youth Cyber Defense Competitions.

    GovTech reports "CyberPatriot Competitions Offer Answers to U.S. Cybersecurity Workforce Challenges"

  • news

    "Before Blaming Hackers, Check Your Configurations"

    Widely used cloud platforms, such as Office 365 from Microsoft or G-Suite from Google, are often administered by IT professionals tasked with all aspects of configuration; security is not their primary focus. Most Software as a Service (SaaS) applications have default settings that are tuned to empower end users with full control over collaboration and data access. The default settings are usually configured for easy access and usability instead of better security. Users of SaaS should look at the default settings and change them to focus more on security. Improving configuration management in SaaS applications can minimize the risk of data loss and phishing campaigns and can help prevent breaches.

    InfoSecurity reports: "Before Blaming Hackers, Check Your Configurations"

  • news

    "How AI Augments Mobile Authentication"

    The U.S. Department of Defense recently awarded a 20-month $2.42 million contract to a company, named TWOSENSE.AI, in support of developing technology that uses artificial intelligence (AI) to learn about mobile users' behavior and continuously authenticates the users based on the behaviors learned by the AI. The behaviors that will be monitored and learned by the technology include gait, keystrokes, and fingertip pressure. The technology will supplement traditional authenticators instead of replacing them, as users will still be asked to provide usernames, passwords, one-time personal identification numbers, or biometric identifiers if the authentication process involving learned behaviors goes wrong. This article continues to discuss the concept, support, development, and research behind this technology.

    GCN reports "How AI Augments Mobile Authentication"

  • news

    "A Cisco Router Bug Has Massive Global Implications"

    Security researchers at Red Balloon have discovered two vulnerabilities in the Cisco 1001-X series router. Cisco's 1001-X routers are used for connectivity at stock exchanges, local malls, corporate offices, and more. The exploitation of these security flaws could allow hackers to steal the data that passes through the routers. These bugs are significant in that they enable hackers to remotely gain root access to routers and circumvent the security protection, Trust Anchor, which has been built into most of Cisco's enterprise devices since 2013. According to researchers, the techniques used to bypass Trust Anchor could be used by attackers to infiltrate the networks to which these devices are connected. This article continues to discuss the vulnerabilities and the potential impact that these flaws could have on institutions, along with some concerns surrounding the mitigation of the vulnerabilities and the research conducted behind these discoveries.

    Wired reports "A Cisco Router Bug Has Massive Global Implications"

  • news

    "Why Local Governments Are a Hot Target for Cyberattacks"

    Cyberattacks against local governments have been on the rise as indicated by the recent wave of ransomware attacks faced by municipalities within the U.S. Security experts have provided reasons as to why local governments have become an attractive target for cyberattacks. According to researchers, cities are increasingly utilizing the Internet to deliver services, city systems are storing massive amounts of data, cities are resource-constrained in regard to cybersecurity, and more. This article continues to discuss recent cases in which U.S. municipalities have been hit with malware and ransomware, and why cities are vulnerable to cyberattacks.

    CSO Online reports "Why Local Governments Are a Hot Target for Cyberattacks"

  • news

    "Employees are aware of USB drive security risks, but don’t follow best practices"

    In a recent study, employees were found to be aware of the risks associated with inadequate USB drive security. It was found that while 91 percent of respondents claimed that encrypted USB drives should be mandatory, 58 percent of respondents confirmed that they regularly use non-encrypted USB drives. Although 64 percent of organizations have a policy outlining acceptable use of USB devices, 64 percent of respondents said their employees use USB drives without obtaining advance permission to do so. It was also discovered that nearly half of the respondents lost a USB drive without notifying appropriate authorities about the incident. It is important that employers implement strict security policies to defend against the shortcuts employees will take. Beyond policies and procedures, organizations should reinforce the use of encrypted USB drives that require a unique PIN, to make information on USB drives more secure.

    HELPNETSECURITY reports: "Employees are aware of USB drive security risks, but don't follow best practices"