May 22, 2017
Individuals and institutions affected by the WannaCry ransomware attack face a Hobson’s choice—the malicious software (malware) encrypts a user’s documents while the decryption keys remain in the hands of the cybercriminals. Victims of the attack can either pay the hackers for the release of their files, feeding the profit motive that generates attacks like this in the first instance, or refuse to do so and permanently say goodbye to their computers, say Center for Cybersecurity co-founder Zachary Goldman and Professor Damon McCoy.
May 9, 2017
… There were some reports last week that Apple was having a bit of trouble with key feature in its next iPhone: the fingerprint reader. But there may be other problems with these sensors. New research found that the way smart phones read fingerprints could make them vulnerable to hackers. [interview with Nasir Memon at 14:23]
May 22, 2017
President Trump wants to crack down on botnets, the networks of hacked zombie computers that criminals or adversaries can use to carry out large-scale cyberattacks. Achieving this would surely disrupt the cybercriminal infrastructure, but it will also require that the administration overcome monumental technical and political hurdles. Zachary K. Goldman comments in the MIT Technology Review.
May 15, 2017
The recent ransomware cyberattack has claimed an estimated 300,000 computers in 150 countries. Cyber security expert Justin Cappos is a professor at NYU’s Tandon School of Engineering. He described what the WannaCry malware is doing now and how it invades computers through a loophole in Microsoft Corp’s Windows operating system. He said the malware exploits a weakness in the operating system to spread from computer to computer.
May 15, 2017
… Justin Cappos, an assistant professor of computer systems and security at New York University [Tandon School of Engineering], suggested one quick fix for future security updates. Rather than telling users to update their systems for a “security patch,” Windows could offer a bleak warning: “Hackers can get into your computer right now, so please update so we can fix that.”
April 24, 2017
Updating software is one of the most important ways to keep users and organizations secure. But how can software be updated securely? That’s the challenge that The Update Framework (TUF) aims to solve. Justin Cappos, assistant professor at New York University [Tandon School of Engineering], detailed how TUF works and what’s coming to further improve the secure updating approach in a session at last week’s DockerCon 17 conference in Austin, Texas.