• New report urges policy overhaul, transparency in offensive cyber operations

    A newly released report, titled Joint Publication 3-12(R) and authored by the Joint Chiefs of Staff, has revealed that some top commanders are calling for a policy overhaul and more public transparency in offensive cyber operations, given the growing need for such operations. Some previous documents have been published on the topic, but there is no official U.S. military policy book for cyber operations.

  • Banks collaborate to thwart cybercrime

    The Financial Services Information Sharing and Analysis Center (FS-ISAC), a cybersecurity information sharing group, has teamed up with the Depository Trust & Clearing Corporation to form Soltra. Named after a series of fire signals that were used in Europe hundreds of years ago to warn against invaders, the organization alerts member banks of incoming or potential cyber threats.

  • Mobile phones’ applications offering voice communication security vulnerable to attack

    Researchers examined the vulnerabilities in security of video- and voice-over-Internet protocol, or VoIP, communications. The team developed attacks that uncovered these vulnerabilities in a currently used security scheme, and once those weaknesses were identified, the team suggested alternatives that may protect against potential attacks.

  • Head of U.K. surveillance agency: U.S. tech companies have become terrorists' “networks of choice”

    The new director of Government Communications Headquarters (GCHQ), the U.K. intelligence organization responsible for providing signals intelligence (SIGINT) and information assurance to the British government and armed forces, said that privacy has never been “an absolute right.” Robert Hannigan used his first public intervention since becoming head of Britain’s surveillance agency to charge U.S. technology companies of becoming “the command and control networks of choice” for terrorists.

    • view counter

  • Government tries better to define cybersecurity needs

    In a science advisory board meeting on 23 October at the White House Office of Science and Technology Policy (OSTP), officials attempted to glean just where the government cybersecurity workforce stood in terms of talent and hiring necessity. There is currently no government-wide federal job description in the cybersecurity field, and that has led to meetings similar to the October summit.

  • Security contractor USIS failed to notice months-long hacking of its computer systems

    A new report reveals that the cyberattack on security contractor USIS, similar to previous attacks by Chinese government hackers on U.S. firms, was infiltrating USIS computer systems for months before the company noticed. The breach, first revealed publicly by the company and the Office of Personnel Management(OPM) in August, compromised the records of at least 25,000 DHS employees.

    • view counter

  • Contactless cards fail to recognize foreign currency

    New research has highlighted a “glitch” in the Visa system which means their contactless cards will approve foreign currency transactions of up to 999,999.99 in any foreign currency. Side-stepping the £20 contactless limit, transactions can be carried out while the card is still in the victim’s pocket or bag. Transactions are carried out offline, avoiding any additional security checks by the bank, and although the current system requires the credit card to authenticate itself, there is currently no requirement for the POS (point of sale) terminal to do the same.

  • A major cyberattack causing widespread harm to national security is imminent: Experts

    A new report found that more than 60 percent of the roughly 1,600 computer and Internet experts surveyed on the future of cyberattacks believe a nationwide cyberattack is imminent. They did so in response to the question: “By 2025, will a major cyberattack have caused widespread harm to a nation’s security and capacity to defend itself and its people?” The experts also warn about the risks to privacy which will accompany a growing focus on cybersecurity.

  • Identifying ways to improve smartphone security

    What information is beaming from your mobile phone over various computer networks this very second without you being aware of it? Experts say your contact lists, e-mail messages, surfed Web pages, browsing histories, usage patterns, online purchase records and even password protected accounts may all be sharing data with intrusive and sometimes malicious applications, and you may have given permission. The apps downloaded to smartphones can potentially track a user’s locations, monitor his or her phone calls and even monitor the messages a user sends and receives — including authentication messages used by online banking and other sites, he says, explaining why unsecured digital data are such a big issue. Assigning risk scores to apps may slow down unwarranted access to personal information.

  • New report details Russia’s cyber-espionage activities

    Researchers at FireEye, a Silicon Valley-based computer security firm, are connecting the Russian government to cyber espionage efforts around the world. The researchers released a report on Tuesday which says that hackers working for the Russian government have, for seven years now, been hacking into computer networks used by the government of Georgia, other Eastern European governments, and some European security organizations.

  • Georgia Tech releases 2015 Emerging Cyber Threats Report

    In its latest Emerging Cyber Threats Report, Georgia Tech warns about loss of privacy; abuse of trust between users and machines; attacks against the mobile ecosystem; rogue insiders; and the increasing involvement of cyberspace in nation-state conflicts.

  • New smart key software enhances security for homes businesses

    Computer scientists and security specialists have created an innovative electronic smart key system that aims to provide a safer and more flexible security system for homes and businesses. eLOQ is a new software system for the creation and management of electronic keys and locks which cannot be copied or picked.

  • China steals confidential data on the vulnerabilities of major U.S. dams

    The U.S. Army Corps of Engineers’ National Inventory of Dams(NID) contains critical information on the vulnerabilities of the roughly 8,100 major dams in the United States. Between January and April 2013, U.S. intelligence agencies spotted several attempts by China’s People’s Liberation Army (PLA) cyber-espionage unit to access the NID database and steal its contents. On Monday, National Weather Service (NWS) hydrologist Xiafen “Sherry” Chen, 59 was arrested for allegedly breaching the NID security and stealing confidential data on U.S. dam vulnerabilities. The Justice Department has raised the alarm over multiple attempts by China to steal data on U.S. critical infrastructure through individuals with privileged access to confidential databases.

  • Law enforcement: Apple iOS 8 software would hinder efforts to keep public safety

    With its new iOS 8 operating software, Apple is making it more difficult for law enforcement to engage in surveillance of users of iOS8 smartphones. Apple has announced that photos, e-mail, contacts, and other personal information will now be encrypted, using the user’s very own passwords — meaning that Apple will no longer be able to respond to government warrants for the extraction of data.

  • FBI wants Congress to mandate backdoors in tech devices to facilitate surveillance

    In response to announcements by Appleand Googlethat they would make the data customers store on their smartphones and computers more secure and safer from hacking by law enforcement, spies, and identity thieves, FBI director James Comey is asking Congress to order tech companies to build their devices with “backdoors,” making them more accessible to law enforcement agencies.Privacy advocates predict that few in Congress will support Comey’s quest for greater surveillance powers.