Computer Security, CyberSecurity or Information Technology Security (IT Security) is the protection of computer systems from theft or damage to their hardware, software or electronic data, as well as from disruption or misdirection of the services they provide. CyberSecurity also refers to a set of techniques used to protect the integrity of networks, programs and data from attack, damage or unauthorized access.
Law enforcement has more tools than ever to track your movements and access your communications. Here’s how to protect your privacy if you plan to protest.
How to Protest Safely in the Age of Surveillance Read More
The FBI and DHS say that Beijing’s hacking “jeopardizes” the delivery of much-needed Covid-19 treatment options.
The US Says Chinese Hackers Went Too Far During the Covid-19 Crisis Read More
More than 12 government-backed groups are using the pandemic as cover for digital reconnaissance and espionage, according to a new report.
Google Sees State-Sponsored Hackers Ramping Up Coronavirus Attacks Read More
Hackers laid the groundwork months ago for attacks. Now they’re flipping the switch.
The Covid-19 Pandemic Reveals Ransomware’s Long Game Read More
Security researchers have spotted the “Scattered Canary” group scamming vital benefits programs amid the Covid-19 pandemic.
The Nigerian Fraudsters Ripping Off the Unemployment System Read More
As more people work from home and anxiety mounts, expect cyberattacks of all sorts to take advantage.
Coronavirus Sets the Stage for Hacking Mayhem Read More
An oral history of a devastating strike that hasn’t happened yet.
Imagine the US was just hit with a cyberattack. What happens next? Read More
Students of cybersecurity must be students of cyberattacks and adversarial behavior.
Engineering Trustworthy Systems: A Principled Approach to Cybersecurity Read More
The NIST NICE National Cybersecurity Workforce Framework is a nationally focused resource that establishes a taxonomy and common lexicon to describe cybersecurity work, and workers, regardless of where, or for whom, the work is performed. The NICE Framework is intended to be applied in the public, private, and academic sectors.
National Initiative for Cybersecurity Education Cybersecurity Workforce Framework Read More
The term we use for bad cryptography products is “snake oil,” which was the turn-of-the-century American term for quack medicine.
Bruce Schneier’s List of Snake Oil Warning Signs Read More
A list of 100,000 passwords from Troy Hunt’s “Have I Been Pwned” data set. If you see a password that you use in this list you should change it immediately.
Passwords, passwords everywhere: How password blacklists can help your users to make sensible password choices Read More
Is the increasing use of encryption an impediment in the fight against crime or an essential tool in the defense of personal privacy, intellectual property, and computer security?
Encryption and Surveillance Read More
We need to raise the awareness on a fundamental security technology [WPA2 Enterprise] that is very often deployed by violating its requirements, which creates important risks to users.
Enterprise Wi-Fi: We Need Devices That Are Secure by Default Read More
The technical resources largely exist to address the risk of a hyperconnected world, but the political, economic, and social impetus is lagging. “The fundamental problem is that companies are interested in getting products to market quickly. The market does not reward security,” Schneier says.
Deep Insecurities: The Internet of Things Shifts Technology Risk Read More
Progress in [environmental protection, education, and global health research], however, is wholly dependent upon robust cybersecurity. Without a solid virtual foundation, the ability to move forward in any of these areas will always be held at risk.
The COVID Catalyst Read More
Fuzzing, or fuzz testing, is the process of finding security vulnerabilities in input-parsing code by repeatedly testing the parser with modified, or fuzzed, inputs. Fuzzing is commonly used as a shorthand for security testing because the vast majority of its applications is for finding security vulnerabilities.
Fuzzing: Hack, Art, and Science Read More
Credit card fraudsters can use these doppelgängers [detailed fake user profiles] to attempt to evade the machine-learning-based anomaly-detecting antifraud measures upon which banks and payments service providers have come to rely.
Dark Web’s Doppelgängers Aim to Dupe Antifraud Systems Read More
The digital revolution has urgent and profound implications for our federal national security agencies. It is almost impossible to overstate the challenges. If anything, we run the risk of thinking too conventionally about the future.
I Work for N.S.A. We Cannot Afford to Lose the Digital Revolution. Read More
Amid widespread demonstrations over rising gasoline prices, Iranians began experiencing internet slowdowns over the past few days that became a near-total internet and mobile data blackout on Saturday. The government is apparently seeking to silence protesters and quell unrest. So how does a country like Iran switch off internet access to a population of more than 80 million? It’s not an easy thing to do.
How the Iranian Government Shut Off the Internet Read More
The boundaries of privacy are in dispute, and its future is in doubt. Citizens, politicians and business leaders are asking if societies are making the wisest tradeoffs. The Times is embarking on this monthslong project to explore the technology and where it’s taking us, and to convene debate about how it can best help realize human potential.
The Privacy Project Read More