SoS Musings #8 Need for Scientifically Backed Security

Phishing continues to be the most used tactic by attackers in launching targeted attacks, as it exploits the psychological weaknesses of humans. Studies show that an overwhelming majority of cyberattacks are initiated by the clicking of an email. This…

Ransomware has significantly grown in strength and frequency as shown by the recent widespread outbreaks of WannaCry and Petya attacks. In order for enterprises to become better prepared in the battle against ransomware, they must be aware of the…

Robert Hickey, an aviation program manager within the Cyber Security Division of the DHS S&T Directorate, has revealed a demonstration that was performed over a year ago in which a Boeing 757 was remotely hacked by him and his team of experts.…

Security researchers have discovered a vulnerability, which can be exploited by attackers to gain access to millions of user conversations and SMS messages sent by applications that use the Twilio service. The "Eavesdropper" vulnerability…

ASU Now interviewed Stephanie Forrest, who is the director of ASU Biodesign Institute Center for Biocomputing, Security and Society, as well as a professor in the School of Computing, Informatics and Decision Systems Engineering. Forrest discussed…

Security researchers at Bkav, an information security firm based in Vietnam, claim to have defeated the facial-recognition system used to authenticate users of Apple’s newest iPhone. Researchers have carefully crafted a mask with the use of 3D printing,…

The execution of the first ever federal bug bounty program by the name of “Hack The Pentagon” showed promising results as multiple vulnerabilities within certain public-facing DoD websites were able to be resolved. The discovery of these security…

Authentication is a major part of our everyday lives as we use various forms of identification such as driver’s licenses, ID cards, passwords, passcodes, and more to prove our identities offline and online. Although the process of authentication is…

Over the weekend, two researchers by the names of Daniel J. Bernstein and Tanja Lange were able to reproduce an attack that exploited a known flaw in Infineon Technologies RSA chips called CVE-2017-15361, also know as ROCA (Return of the Coppersmith…

Cyberattacks are expected to become significantly more devastating for companies in the coming year. As companies are increasingly taking action to defend against cyberattacks, attackers are expected to take on more volatile methods of launching…

Shape Security has recently released its BlackFish AI technology aimed at helping organizations detect credential stuffing attacks.  Attackers perform credential stuffing by using stolen account credentials derived from data breaches to access…