Columbus Mayor Andrew Ginther recently announced that hackers recently stole data from Ohio’s largest city, but what they got was not usable and no personal information about city workers was made available online.  The mayor noted that the city never received a ransom request.  The city learned that most of the data published to the dark web by the ransomware group Rhysida was corrupted or encrypted.  The ransomware group claimed to have 6.5 terabytes of stolen data, including log-in information, emergency service files, and city camera access.

AutoCanada, a major Canadian car dealership, recently announced that it was affected by a cyberattack that may result in some disruptions.  The incident was discovered on August 11 and impacted some internal IT systems.  The company noted that the investigation is ongoing and that the full scope, nature, impact of the incident, and whether customer, supplier, or employee data has been accessed is still unknown.  AutoCanada operates 70 dealerships in Canada and 18 in Illinois, in the United States, selling tens of thousands of new and used vehicles every year.

Kevin Leach, a Science of Security Virtual Institute Principal Investigator, and James Weimer, both researchers from Vanderbilt University, have been awarded a $2 million contract from the Advanced Research Projects Agency for Health (ARPA-H). Their project, “BALAM-D: Binary Analysis Lodestar for Assuring Medical Devices,” focuses on improving software security in medical devices like insulin pumps and pacemakers.

Arizona State University’s Center for Cybersecurity and Trusted Foundations (CTF), led by NSA Science of Security Virtual Institute Principal Investigator Yan Shoshitaishvili, has been awarded a $4.5 million DARPA grant to establish the American Cybersecurity Education (ACE) Institute. The institute will create a national hub for cybersecurity education, including a master’s program focused on AI applications for security. Inspired by the idea that “it takes a great thief to catch one,” the program will teach students to think like cybercriminals to better defend critical infrastructure.

Researchers at Georgia Tech's Scheller College of Business, in collaboration with colleagues at the University of the District of Columbia, developed a chatbot to conduct sentiment analysis on popular social media sites such as X (formerly known as Twitter), with the goal of identifying cyber threats. Sentiment analysis was performed on human responses to the chatbot's tweets, gauging users' feelings, attitudes, and moods.

We are pleased to share the release of Cybersecurity in Context, a comprehensive introduction to the essential themes shaping the field of cybersecurity. Authored by Chris J. Hoofnagle and Golden G. Richard III, this resource is designed for students and professionals seeking a solid foundation in the technology and policy that influence cybersecurity today.

The National Institute of Standards and Technology (NIST) has finalized its principal encryption algorithms that can withstand the cyberattack of a quantum computer. Researchers worldwide are racing to develop quantum computers that could break the encryption used today to provide security and privacy for nearly all online activities. The announced algorithms are specified in the first completed standards from NIST's post-quantum cryptography standardization project, and are ready for use.

Samy Kamkar, a renowned hacker, has his own version of a laser microphone. He can point an invisible laser at a distant laptop through a window and detect its vibrations to reconstruct almost every character typed on it. The method, which uses the subtle acoustics created by tapping different keys on a computer, works even without a keyboard view if the hacker has a line-of-sight view of a relatively reflective part of the target laptop. This article continues to discuss Kamkar's keystroke eavesdropping technique.

Security researchers Dennis Giese and "Braelynn" found that hackers can take control of Ecovacs vacuum and lawn mower robots to spy on owners using the devices' cameras and microphones. After analyzing several Ecovacs products, the researchers found several vulnerabilities that could be exploited to hack the robots via Bluetooth and remotely turn on microphones and cameras. The main issue is a vulnerability that enables anyone with a phone to connect to and hijack an Ecovacs robot via Bluetooth from as far away as 450 feet.