Supply Chain Security Lessons from a Pager System Breach

Supply Chain Security Lessons from a Pager System Breach

A recent incident involving pager system vulnerabilities highlights critical lessons for modern supply chain security. Hackers exploited an outdated pager network used by hospital staff, exposing sensitive information and underscoring the importance of updating legacy technology. This breach reveals potential risks when outdated systems are integrated into critical supply chains, emphasizing the need for continuous monitoring and timely modernization.

Submitted by Regan Williams on

AI Security: Emerging Threats and the Call for Global Collaboration

AI Security: Emerging Threats and the Call for Global Collaboration

At the recent Singapore International Cyber Week, cybersecurity experts stressed the urgency of addressing the unique security challenges posed by the rapid adoption of artificial intelligence (AI). Discussions highlighted the potential risks of data poisoning, adversarial attacks, and model integrity issues, emphasizing the need for a multi-layered, cooperative approach to safeguard AI systems.

Submitted by Katie Dey on

FutureCon Cybersecurity Conference - Nashville, TN

The FutureCon Cybersecurity Conference is coming to Nashville on Nov 14, 2024, offering a unique platform for cybersecurity professionals to explore current challenges and innovations in the field. Attendees will have the opportunity to connect with thought leaders and experts, engage in discussions on emerging threats, and gain insights into the latest security solutions and strategies. With presentations from industry-leading speakers and interactive sessions, this event is ideal for those seeking to stay at the forefront of cybersecurity trends.

CMU Student Leverages AI to Streamline Cybersecurity Testing

CMU Student Leverages AI to Streamline Cybersecurity Testing

In a promising development for cybersecurity testing, a Central Michigan University undergraduate is pioneering the use of artificial intelligence to simplify testing processes for software vulnerabilities. This innovative approach focuses on applying machine learning to automate and expedite vulnerability testing, potentially enhancing efficiency in cybersecurity workflows. The project highlights how AI can be leveraged to tackle complex cybersecurity challenges and underscores the importance of fostering new talent in the field.

Submitted by Regan Williams on

Enhancing Security in Industrial Control Systems with SDN/NFV

Enhancing Security in Industrial Control Systems with SDN/NFV

Vijay Varadharajan, Uday Tupakula, and Kallol Krishna Karmakar's recent publication, Techniques for Enhancing Security in Industrial Control Systems (ACM Trans. Cyber-Phys. Syst., 2024), explores the challenges and solutions for securing Industrial Control Systems (ICS), which are increasingly connected to the Internet for greater efficiency. The paper introduces a software-enabled security architecture that leverages Software Defined Networking (SDN) and Network Function Virtualisation (NFV) to enhance real-time situational awareness and dynamic decision-making.

Submitted by Katie Dey on

"New Algorithms Increase the Privacy of Sensitive Data"

"New Algorithms Increase the Privacy of Sensitive Data"

Saloni Kwatra, a doctoral student at Umea University, has identified flaws in the technology known as "federated learning" or "collaborative learning" and developed new algorithms to bolster user security. When visiting a doctor, information such as medication prescriptions, X-rays, and genetic tests are recorded to help the physician. In these cases, federated learning reduces the risk of exposing sensitive data as the technology enables multiple devices to work together without sharing actual data with each other.

Submitted by Gregory Rigby on

"Researchers Eye 'Topological Signatures' of Cyber Threats"

"Researchers Eye 'Topological Signatures' of Cyber Threats"

Researchers at Pacific Northwest National Laboratory (PNNL) are developing a new method to exploring the higher-dimensional shape of cyber systems in order to identify adversarial attack signatures. The researchers tested their technique with a publicly accessible dataset used for the analysis of Advanced Persistent Threats (APTs). According to Emilie Purvine, a senior data scientist at PNNL, the method reveals patterns in the data that are aligned with adversary activity.

Submitted by Gregory Rigby on

"Secure Messaging Through Distributed Messages"

"Secure Messaging Through Distributed Messages"

Researchers at the Technical University of Darmstadt have developed a method called "Encrypted Multi-Channel Communication" (EMC2) to secure sensitive messages by distributing trust across multiple communication channels. EMC2 takes advantage of the modern proliferation of messaging apps to distribute encrypted message parts across several independent communication channels. This article continues to discuss the researchers' work to enable better protection for sending sensitive information.

Submitted by Gregory Rigby on

"New NSF-Backed Research Addressing Threat of Security Breaches in Semiconductor Design"

"New NSF-Backed Research Addressing Threat of Security Breaches in Semiconductor Design"

The University of Maine's National Science Foundation (NSF)-funded collaborative research project, “KIPPER: A Scalable Learning-Guided Hardware IP Protection Platform,” will address the threat of confidentiality breaches in semiconductor design, including reverse engineering and Intellectual Property (IP) theft. The KIPPER project will create a new hardware security framework that incorporates Artificial Intelligence (AI) techniques. The AI tools will automate vulnerability detection and simulate security researchers' identification of attack vectors and causes.

Submitted by Gregory Rigby on

"Grad Student Works With Research Team to Strengthen Nonprofits’ Cybersecurity"

"Grad Student Works With Research Team to Strengthen Nonprofits’ Cybersecurity"

Anivesh Sinha, a master's student in Information Science at Penn State Great Valley, is collaborating with a team of faculty and other students to conduct a Presidential Public Impact Research Project to help Pennsylvania nonprofit organizations improve their cybersecurity. Sinha points out that nonprofits usually have fewer resources than for-profit organizations, which can lead to poor information security controls and a lack of expertise to implement advanced security measures. This article continues to discuss the project to bolster cybersecurity for nonprofit organizations.

Submitted by Gregory Rigby on
Subscribe to