Spoofing the Spoofers
Essentially, the software enables a security professional or system administrator to study and react to, hacker activity with much greater sophistication…
Read MoreCyberSecurity
Computer Security, CyberSecurity or Information Technology Security (IT Security) is the protection of computer systems from theft or damage to their hardware, software or electronic data, as well as from disruption or misdirection of the services they provide. CyberSecurity also refers to a set of techniques used to protect the integrity of networks, programs and data from attack, damage or unauthorized access.
Cybersecurity Research for the Future
Nonetheless, while the dark side is daunting, emerging research, development, and education across interdisciplinary topics addressing cybersecurity and privacy are yielding promising results. The shift from R&D on siloed add-on security, to new fundamental research that is interdisciplinary, and positions privacy, security, and trustworthiness as principal defining objectives, offer opportunities to achieve a shift in the asymmetric playing field.
Read More
A moment of reckoning: the need for a strong and global cybersecurity response
It requires that we look with clear eyes at the growing threats we face and commit to more effective and collaborative leadership by the government and the tech sector in the United States to spearhead a strong and coordinated global cybersecurity response.
Read More
Telework and Mobile Security Guidance
End User Telework and Network Security Guides
Read More Cybersecurity Advisories & Technical Guidance
Browse or search our [NSA] repository of advisories, info sheets, tech reports, and operational risk notices.
Read More
Presidential Policy Directive 41 – United States Cyber Incident Coordination
While the vast majority of cyber incidents can be handled through existing policies, certain cyber incidents that have significant impacts on an entity, our national security, or the broader economy require a unique approach to response efforts. These significant cyber incidents demand unity of effort within the Federal Government and especially close coordination between the public and private sectors.
Read More
The Man Who Speaks Softly—and Commands a Big Cyber Army
Meet General Paul Nakasone. He reined in chaos at the NSA and taught the US military how to launch pervasive cyberattacks. And he did it all without you noticing.
Read More
How to Compete in Cyberspace
We learned that we cannot afford to wait for cyber attacks to affect our military networks. We learned that defending our military networks requires executing operations outside our military networks. The threat evolved, and we evolved to meet it.
Read More
Cyber Warranties: Market Fix or Marketing Trick?
Will cyber warranties better align incentives in the market for information security products? Or are they marketing tricks riddled with coverage exclusions hidden in the fine print of the terms and conditions?
Read More
Why Is Cybersecurity Not a Human-Scale Problem Anymore?
In this Viewpoint, we show why cybersecurity is a very difficult problem. The enterprise attack surface is massive and growing rapidly. There are practically unlimited permutations and combinations of methods by which an adversary can attack and compromise our networks. There is a big gap between our current tools and methods, and what is needed to get ahead of cyber-adversaries.
Read More
Firing Christopher Krebs Crosses a Line—Even for Trump
The president dismissed the widely respected cybersecurity agency director Tuesday night for pushing back against election disinformation.
Read More
Meltdown: Reading Kernel Memory from User Space
This article presents Meltdown, a novel attack that exploits a vulnerability in the way the processor enforces memory isolation.
Read More
Beware a New Google Drive Scam Landing in Inboxes
Scammers just found a new phishing lure to play with: Google Drive. A flaw in the Drive is being exploited to send out seemingly legitimate emails and push notifications from Google that, if opened, could land people on malicious websites.
Read More
Light Blue Touchpaper
“Light Blue Touchpaper” is the blog of the University of Cambridge Computer Laboratory and is written by researchers in the Security Group. Read here brief and timely essays on recent developments and topics related to computer security.
Read More
National CyberSecurity Awareness Month – October 2020
October is CyberSecurity Awareness Month, a time to focus on why cybersecurity is important and what we can do to protect our personal and business information.
Read More
SANS Security Awareness Work-from-Home Deployment Kit
Everything you need to create a secure work-from-home environment during the COVID-19 pandemic and beyond.
Read More
Dark Mirror: Edward Snowden and the American Surveillance State
Edward Snowden touched off a global debate in 2013 when he gave Barton Gellman, Laura Poitras and Glenn Greenwald each a vast and explosive archive of highly classified files revealing the extent of the American government’s access to our every communication. They shared the Pulitzer Prize that year for public service. For Gellman, who never stopped reporting, that was only the beginning.
Read More
Worried About Privacy at Home? There’s an AI for That
How edge AI will provide devices with just enough smarts to get the job done without spilling all your secrets to the mothership.
Read More
The Confessions of Marcus Hutchins, the Hacker Who Saved the Internet
At 22, he single-handedly put a stop to the worst cyberattack the world had ever seen. Then he was arrested by the FBI. This is his untold story.
Read More
Security Engineering: A Guide to Building Dependable Distributed Systems, 3rd Ed.
Cambridge University professor Ross Anderson updates his classic textbook and teaches readers how to design, implement, and test systems to withstand both error and attack. The third edition brings it up to date for 2020. As people now go online from phones more than laptops, most servers are in the cloud, online advertising drives the Internet and social networks have taken over much human interaction, many patterns of crime and abuse are the same, but the methods have evolved. Ross Anderson explores what security engineering means in 2020.
Read More