Articles tagged with Cybersecurity
Researchers at North Carolina State University found that companies that disclose their cybersecurity risk management efforts fare better than those that don't after a breach. By implementing voluntary reporting guidelines, companies can reduce the impact of the 'contagion effect' and increase investor attractiveness.
Companies can mitigate risks by strengthening every vendor handling their data, according to new research from American University. High-profile breaches have shown that even strong cybersecurity measures are not enough if vendors are weak.
The University of Arizona's two-year AZSecure Cybersecurity Fellowship program will continue to train students in cybersecurity, covering tuition and fees, with a stipend of $34,000 per year. The renewal funding will help about 20 more students over the next five to seven years.
Researchers are developing a form of cybersecurity inspired by human biological systems, detecting and addressing threats in their earliest stages. The team is also offering training and research opportunities to students from underrepresented backgrounds.
West Virginia University is creating 40 annual scholarships to support students in cybersecurity roles. The program aims to address the growing demand for cybersecurity experts amid escalating cyber threats and unfilled positions globally.
The University of Arkansas has received a $4.6 million award to train the next generation of cybersecurity professionals. The program will provide education and job training for students, focusing on critical industries such as transportation and energy, and addressing a national shortage of skilled cybersecurity experts.
Researchers developed an AI program called Pluribus that defeated leading professionals in six-player no-limit Texas hold'em poker. The AI uses a limited-lookahead search algorithm to develop strategies for situations with incomplete information.
The new framework helps government and industry organizations visualize their ability to out-maneuver attacks by scoring their agility. Researchers used a honeypot system to attract and analyze malicious traffic, allowing them to better understand how cyberattacks evolve over time.
The University of Texas at San Antonio (UTSA) has developed the first cyber agility framework to score the agility of cyber attackers and defenders. This framework uses a honeypot to analyze malicious traffic over time, allowing defenders to visualize how well they out-maneuver attacks.
Researchers at UBC have developed a program to improve the security of smart meters and protect against software-interference attacks. The method addresses vulnerabilities that can be carried out by an attacker with low-cost equipment, found nine types of attacks within an hour through code-level analysis.
Researchers at the US Army Research Laboratory identified a new strategy to improve cybersecurity by compressing network traffic without losing malicious activity detection capabilities. The technique stops transmitting data after a set number of messages, reducing bandwidth usage and increasing security alert reliability.
Fanny Ye aims to design methods and algorithms for automating the analysis of online underground markets. She will also develop a novel framework for cross-market user identification and profiling to gain insights into cybercriminal social networks and secure cyberspace.
Researchers developed the free software 'CoinEater', which recognises and blocks crypto mining on websites without user approval. The software scans over 100,000 pages daily to detect cryptojacking and pop-up scams.
A multicenter study by Brigham and Women's Hospital found that hospital employees are susceptible to phishing attacks, with a high click rate of 14.2%, but also showed improvement in response rates with increasing campaigns and phishing awareness training.
The Goethe University co-ordinates a mega-project on cybersecurity and data protection, with a total grant of €16 million. The project aims to establish international standards in cybersecurity and boost the effectiveness of Europe's security capacities.
The University of Texas at San Antonio has developed a framework using deep neural networks to classify and detect malware. This system was recognized as the top prize winner in the AICS 2019 Challenge sponsored by Crowdstrike Foundation and MIT Lincoln Laboratory, showcasing UTSA's expertise in cybersecurity.
Virginia Tech has received a $3 million grant from the US Department of Energy to develop comprehensive solutions for electric vehicle charging infrastructure cybersecurity. The team will focus on mitigating threats and ensuring the reliability of EV transportation, including fast charging systems and user privacy.
A team of researchers has developed a new proactive defense technique called moving target defense (MTD) to protect computer systems from cyberattacks. MTD involves changing the IP address of computers frequently enough to confuse attackers and make it harder for them to exploit vulnerabilities.
Akatosh, a new security analysis tool, provides deeper context to existing IT infrastructure, automating the process of sorting through intrusion detection system (IDS) alerts. This reduces the time and cost required to identify the source of a security incident and neutralize threats.
A series of articles and commentaries highlights the importance of process improvements, team culture, and enterprise cybersecurity in preventing cyberattacks. Healthcare executives discuss key components of effective cybersecurity strategies, including organization-wide training and shared responsibility.
Researchers at Ruhr-University Bochum discovered vulnerabilities in IPsec's IKEv1 protocol, which enable attackers to intercept specific information. The Bleichenbacher attack was successful against four network equipment providers, prompting manufacturers to eliminate security gaps.
The study finds that both state and non-state actors face similar decisions when it comes to claiming credit for cyberattacks, but their strategies diverge due to different optics. The researchers highlight the importance of understanding how attackers' motives and identity can be revealed through credit claims.
Researchers at UTSA created an authorization framework for connected cars to prevent cyber attacks and unauthorized access to sensors and data. The framework provides a conceptual overview of various access control decision and enforcement points needed for dynamic interaction in smart car ecosystems.
A multidisciplinary team at KU is tackling the fundamental science underpinning IoT security, focusing on solutions to side-channel attacks and securing information in the cloud. The team aims to improve resilience and trust between computers, essential for addressing growing cybersecurity concerns.
The use of digital recordings in medical visits holds great promise for improving healthcare outcomes, including enhanced patient engagement, shared decision-making, and education. However, the authors caution that there are pressing need to develop new policies on data collection, management, and storage.
Researchers demonstrated that two common email encryption standards are vulnerable to attacks, compromising secure communication. The S/MIME standard is not suitable for secure communication due to outdated cryptography, while OpenPGP can be configured securely but often isn't.
Researchers at UCSB are developing a chip that uses ionic memristor technology to create a physically unclonable device, rendering it vulnerable to cyber attacks. The technology aims to prevent cloning and hijacking of devices in networks, making them ideal for securing IoT devices.
Cybersecurity risks exist in cardiac devices due to software integration and wireless communications, according to the American College of Cardiology's Electrophysiology Council. The potential consequences include device malfunction, battery depletion, and interruptions in life-saving therapies.
Researchers from UC3M and CSIC have developed a system to analyze electromagnetic emissions from smartphones for security vulnerabilities. The study focuses on lateral movement attacks, where attackers try to exploit the energy emitted by devices to breach encryption.
The NSF Secure and Trustworthy Cyberspace program aims to address the growing cybersecurity challenge through foundational research and education. The $74.5 million investment will support a wide range of research areas, including access control, cryptography, and human interaction, to develop safer and more secure cyber systems.
The University of Texas at San Antonio has received a $5 million grant to create a multidisciplinary center focusing on cybersecurity and cloud computing. The Center for Security and Privacy Enhanced Cloud Computing (C-SPECC) aims to develop well-trained professionals in the industry and strengthen San Antonio as a cybersecurity hub.
Berkeley Lab is developing algorithms to monitor the grid for irregularities and dispatch safe settings to counter potential cyber attacks. The project aims to enhance grid resilience while maintaining security. It partners with industry leaders and utilities to leverage best practices and standards.
Experts outline steps hospitals can take to reduce risk, including workforce training, patching operating systems, and reporting attacks promptly. However, full security is unlikely to be achievable due to the complexity of modern hospital systems.
Researchers are working on a method to distribute processing power to programs based on their needs, enabling computers to cope with future requirements. This approach aims to prevent unpredictable delays and frequent interruptions by providing accurate information regarding application needs.
Researchers found security gaps in open-source DNA processing programs, allowing unauthorized access to computer systems and potentially manipulated DNA results. They recommend strengthening computer security and privacy protections through best practices, adversarial thinking, and monitoring.
A nationwide team of security experts, led by Clemson University's Hongxin Hu, is developing a new operating system to fundamentally change how large computer and network systems are built, making data more secure. The S2OS system could be transformative for cloud computing, protecting users' data from cyber threats.
Lenvio Inc. has exclusively licensed Hyperion, a malware behavior detection technology from Oak Ridge National Laboratory (ORNL), to quickly identify malicious software behavior. This technology improves upon traditional signature detection methods, providing a new class of cyber protection against large-scale cybersecurity threats.
Virginia Tech researchers discovered that Android apps collude to mine user information, compromising security. The study found thousands of pairs of apps that could leak sensitive data, with the biggest risks coming from seemingly innocuous apps like ringtones and widgets.
CISPA researchers have developed an early warning system to detect and prevent mass cyber attacks, including DDoS attacks. The system uses honeypots to track and analyze attack patterns, providing valuable insights into the motivations behind these attacks.
Researchers from Michigan Technological University highlight the vulnerability of power grids to cyberattacks, citing a 'gap' between physical equipment and software. They propose using quantitative methods to prioritize cybersecurity protection and establishing metrics for grid 'health'.
The study proposes a new approach to designing cyber-physical systems by integrating machine learning, real-time sensors, and effective communication interfaces. The team encourages combining model-based design with data-based learning to establish a durable design methodology for these complex systems.
A new light-based technique creates secure, invisible watermarks that can be used to detect and prosecute counterfeiting. The technique uses a complex pattern of light as a unique watermark, which is embedded into the content to be protected.
Researchers have developed a tool to visualize network traffic data, allowing analysts to identify key changes and patterns. The tool has been used to inspect network traffic during DDoS attacks and map out malware distribution networks.
A study by NIST researchers found that security fatigue leads users to adopt risky computing behavior, causing costs to businesses. The study defines security fatigue as weariness or reluctance to deal with computer security.
Saarland University's IT security team, saarsec, won the top European prize in an international competition that tested their skills in finding vulnerabilities and defending against cyber attacks. The team, comprising students with varying levels of education and expertise, demonstrated exceptional knowledge of IT security and encryption.
Researchers at George Mason University are working on a new method called 'shuffling' to quickly separate hackers from legitimate users and isolate bad actors. The approach aims to prevent denial-of-service attacks that can cripple online businesses with downed websites, financial losses, and damaged client relationships.
The Software Assurance Marketplace (SWAMP) partnership between Morgridge Institute for Research and Bowie State University integrates cybersecurity into undergraduate coding courses. This integration helps students develop prolific programming skills, including reading and interpreting code for errors. The program aims to address the h...
A University at Buffalo researcher has developed a comprehensive model to explain why people fall for spear phishing attacks, accounting for user vulnerabilities and behavior patterns. The model proposes a new approach to training and education, using individual profiles to identify specific weaknesses, and enables organizations to dev...
Stefan Savage's work has made significant contributions to network security, including combating spam and vulnerabilities in automotive systems. His research has also influenced international standards and cybersecurity initiatives.
A recent study by Appthority reveals that over 88% of Android apps secretly spy on user data. Researchers from Saarland University developed an app called TaintArtist to track and monitor suspicious app behavior, providing users with a sense of security.
Boxmate systematically generates program inputs to investigate regular behavior, logging critical data access and resources. This approach catches hidden attacks and prevents them from executing, making malicious programs exposed and unusable.
RIT faculty will develop new cybersecurity curriculum on strategic thinking and tactics with a $25,000 Intel gift. The project aims to train future cybersecurity professionals in applying conventional warfare tactics for defense purposes.
The University of Kansas School of Engineering will educate cyberdefense experts dedicated to public service with a new $4.7 million grant. The initiative supports dozens of students, who commit to work at government cybersecurity jobs safeguarding critical infrastructure.
The University of Massachusetts Amherst has received a $4.2 million grant to establish a CyberCorps Scholarship for Service program, which will support 28 students in their pursuit of careers in cybersecurity. The program aims to address the national shortage of highly trained experts in this field.
The UK and Singapore are collaborating on six joint research projects to develop new cybersecurity solutions, with a focus on enhancing system resilience. The projects aim to improve the detection of cyber threats and create more robust systems for critical infrastructure.
A new study by UTSA professor Max Kilger delves into the human component of cybersecurity, highlighting the unique motivations of cyberterrorists. The research reveals that financial gain is a primary motivator for these attacks, making them a significant and growing threat.
The NSF Secure and Trustworthy Cyberspace (SaTC) program supports research on vulnerabilities in hardware, software, and networking technologies. The awards also focus on human components of cybersecurity, education, and workforce development.
The NSF Secure and Trustworthy Cyberspace (SaTC) program invests $74.5 million in research grants to address vulnerabilities in hardware, software, and networking technologies. The funding supports interdisciplinary research, including the human components of cybersecurity and education initiatives.
A new study by University of Washington and Columbia University researchers found significant security weaknesses in journalists' technological tools and ad-hoc workarounds. Despite the importance of protecting sensitive information, many journalists use insecure methods to organize notes and communicate with sources.
A RAND Corporation study finds companies are paying more attention to cybersecurity, with CEOs listening to CISOs and new products improving security. However, CISOs worry about hackers' sophistication and the difficulty in quantifying data losses, making it hard to estimate costs.