12th Annual Best Scientific Cybersecurity Paper Competition Winners

12th Annual Best Scientific Cybersecurity Paper Competition Winners

The National Security Agency (NSA) has awarded the 12th Annual Best Scientific Cybersecurity Paper Competition to “Decoding Trust: Comprehensive Assessment of Trustworthiness in GPT Models.” The winning paper, authored by 19 researchers including Professors Dawn Song (UC Berkeley), Bo Li (UIUC), and Sanmi Koyejo (Stanford), proposes a groundbreaking evaluation framework for assessing the trustworthiness of large language models (LLMs) such as GPTs.

Submitted by Regan Williams on

NSA 2023 Cybersecurity Year in Review

NSA 2023 Cybersecurity Year in Review

The National Security Agency has published their 2023 Cybersecurity Year in Review!

In an effort to be more transparent, the National Security Agency publishes an annual year in review sharing information regarding cybersecurity efforts that better equipped U.S. defenses against high priority cyber threats. NSA’s efforts to help secure the nation’s most sensitive systems also help your cybersecurity because NSA cascades these solutions through public guidance and engages with key technology providers to help them bolster the security of their products and services.

Submitted by Regan Williams on

NSA, CISA, and FBI Warn of Potential Foreign Cyber Campaigns Targeting U.S. Infrastructure

NSA, CISA, and FBI Warn of Potential Foreign Cyber Campaigns Targeting U.S. Infrastructure

The NSA, CISA, FBI, and DoD’s DC3 released a joint Cybersecurity Information Sheet titled "Iranian Cyber Actors May Target Vulnerable U.S. Networks and Entities of Interest." The agencies caution that, despite an ongoing ceasefire, Iranian-affiliated threat actors—including state-sponsored groups and hacktivists—could soon launch disruptive campaigns against U.S. networks, particularly those with out-of-date systems or weak credentials.

Key Risks Highlighted:

Submitted by Regan Williams on

Kawaiicon 2025

Join the next Kawaiicon, New Zealand’s premier hacker conference, happening November 6–8, 2025 in Wellington. This year’s edition dives deep into modern exploit techniques, particularly automated memory corruption attacks and emerging mitigation strategies in native languages and runtimes.

Why it matters for SoS‑VO:

OpenSSF Launches “Memory Safety Continuum” to Guide Incremental Security Improvements

OpenSSF Launches “Memory Safety Continuum” to Guide Incremental Security Improvements

The Open Source Security Foundation (OpenSSF) has released The Memory Safety Continuum, a practical framework that helps developers, organizations, and security teams assess and improve their memory safety posture. Unveiled on April 28, 2025, the document positions memory safety not as a binary goal but as an evolving journey—enabling teams to advance their practices in phases through language adoption, mitigation, and testing.

The Continuum guides readers through four core states:

Submitted by Regan Williams on

NSA & CISA Urge Adoption of Memory‑Safe Languages to Prevent Critical Vulnerabilities

NSA & CISA Urge Adoption of Memory‑Safe Languages to Prevent Critical Vulnerabilities

The NSA and CISA have jointly issued a Cybersecurity Information Sheet (CSI), titled Memory Safe Languages: Reducing Vulnerabilities in Modern Software Development, published on June 24, 2025. The guidance emphasizes that memory safety is "critical to a holistic approach to software security", and that using memory-safe languages (MSLs) can significantly lower the risk of memory-based exploits such as buffer overflows, use-after-free, and data races.

Submitted by Regan Williams on
Subscribe to