News

1 2 3
  • All
  • CCS News
  • Press Highlights

At Cybersecurity Camps, Teen Girls Learn About Protecting Nation, Breaking Barriers

July 19, 2017

Talk to the teenage girls studying cybersecurity at New York University [Tandon School of Engineering] this summer, and you’ll get an earful about their determination to protect their country, safeguard privacy, and conquer their fair share of a male-dominated field.The young women are attending one of a rising number of camps devoted to the niche field of cybersecurity.

WhatsApp Now Allows You to Share Any File Type

July 15, 2017

WhatsApp is adding a brand new feature in its latest update: the ability to share any file type. …Damon McCoy, a Computer Science and Engineering professor at the NYU Tandon School of Engineering, said that “most cellphones unless you root them will only allow you to run apps if they’re from official stores.” In regions where rooting is more common, this could potentially open up users to malware.

Hackers Have Been Stealing Credit Card Numbers from Trump’s Hotels for Months

July 11, 2017

WP_Featured

Guests at 14 Trump properties, including hotels in Washington, New York and Vancouver, have had their credit card information exposed, marking the third time in as many years that a months-long security breach has affected customers of the chain of luxury hotels. … “It seems very negligent that this could happen a number of times,” said Justin Cappos, an associate professor of systems and security at New York University [Tandon School of Engineering].

Guide to the top college and university cyber security degree programs

July 6, 2017

The shortage of cybersecurity professionals is well documented, and this lack of expertise can keep organizations from bolstering their security programs…NYU Tandon School of Engineering offers a master’s degree in cyber security, and the program is rooted in the belief that theory and research must translate into real-world solutions, says Nasir Memon, professor of computer science and engineering at Tandon.

The NotPetya Attack Was About Disruption, Not Ransom (Video)

July 5, 2017

Fox-5-CCS

Justin Cappos, assistant professor of computer science and engineering at the NYU Tandon School of Engineering, comments on the NotPetya “wiper” attack that hit countless computer systems across 64 countries last week. “There seems to be increasing evidence that the people who carried out this attack did not do so for monetary gain, which is usually what you try to do with something like ransomware,” he said.

Justin Cappos on Why Cars Are Not Like Computers When It Comes to Cybersecurity

July 5, 2017

IEEE

Justin Cappos is a professor in the Computer Science and Engineering department at New York University [Tandon School of Engineering], where his research addresses problems in security, systems, software update systems, and virtualization…In this interview, he explores how updates and other security processes are unique to the automotive world.

Beware of Fraudsters When You Go Online

July 1, 2017

Never use the same password for all your accounts. If you can’t remember them all, try a password manager, says Justin Cappos, a professor at New York University’s engineering school…“You’re much less likely to have problems using one of these than if you write all your passwords down on sticky notes you may or may not lose,” Cappos says.

Further Update on the Threat Situation Surrounding the Petya Cyber Attack

June 28, 2017

… The original Petya ransomware that popped up last year encrypted hundreds of file types, and the new code makes some interesting choices in what it encrypts. Justin Cappos, assistant professor of security, operating systems and networks at the New York University Tandon School of Engineering, was interviewed by The Register…

Everything you need to know about the Petya, er, NotPetya nasty trashing PCs worldwide

June 28, 2017

… The original Petya ransomware that popped up last year encrypted hundreds of file types, and the new code makes some interesting choices in what it encrypts.… ‘It’s very odd,’ Justin Cappos, assistant professor of security, operating systems and networks at the New York University Tandon School of Engineering told The Register.

Pay Up or Lose Everything: What Madison Avenue Should Know About The WPP Ransom Hack

June 27, 2017

… The ransomware ground businesses to a halt for at least a day. … ‘A lot of ransomware does not do this, does not let the hackers in in the meantime, but there’s no absolute,’ said Justin Cappos, professor in the computer science and engineering department at the NYU Tandon School of Engineering

The Global Ransomware Attack Weaponized Software Updates

June 27, 2017

Ransomware attacks were nothing new, but this one had a secret weapon, a sophisticated software exploit known as EternalBlue, published by the Shadow Brokers in April and believed to have been developed by the NSA. … NYU [Tandon School of Engineering] security researcher Justin Cappos, who works on securing patching procedures as part of The Update Framework, says those underlying flaws are remarkably common.

Booted: An Analysis of a Payment Intervention on a DDoS-for-Hire Service

June 26, 2017

Ryan Brunt, Prakhar Pandey and Damon McCoy.

Distributed Denial of Service (DDoS) attacks have become a growing threat that, to a large extent, have become commoditized by DDoS-for-hire, or “booter”, services. In this case study, we analyze leaked fine-grain “ground truth” data from a larger booter service, VDoS, which earned over $597,000 over two years and launched 915,000 DDoS attacks and 48 attack years (i.e., the amount of DDoS time faced by victims of VDoS). The time period of the data includes data before and after a payment intervention, providing a rare opportunity to understand how it impacted VDoS’s operation

Software Protecting Future Cars Starts To Make Inroads

June 21, 2017

Uptane, the cyber security software developed by New York University, Southwest Research Institute, and the University of Michigan, is making inroads into the global automotive supply chain. Last week, the German company Advanced Telematic Systems (ATS) said it integrated Uptane into its connected-car products. … NYU [Tandon School of Engineering]’s Justin Cappos runs the project, and he says that the response to Uptane’s release has been surprisingly warm, but ATS’ adoption will help move the needle further.

ATS Is Integrating The Uptane Security Framework For Over-the-air Software Updates To Connected Vehicles

June 13, 2017

Features Prof. Justin Cappos

ATS Advanced Telematic Systems is the first European company integrating the Uptane security framework into its OTA solutions: OTA Plus and ATS Garage. Uptane is a joint research initiative between NYU’s Tandon School of Engineering, the Southwest Research Institute, and the University of Michigan Transport Research Center, working to develop a common standard for automotive software update security. It was designed in consultation with government regulators, OEMs, and suppliers responsible for 78% of vehicles on U.S. roads.

Following the Money Hobbled vDOS Attack-for-Hire Service

June 6, 2017

A new report proves the value of following the money in the fight against dodgy cybercrime services known as “booters” or “stressers” — virtual hired muscle that can be rented to knock nearly any website offline. … The researchers posed as buyers of nearly two dozen booter services — including vDOS — in a bid to discover the PayPal accounts that booter services were using to accept payments. In response to their investigations, PayPal began seizing booter service PayPal accounts and balances, effectively launching their own preemptive denial-of-service attacks against the payment infrastructure for these services.

[Research is by the Center for Cybersecurity’s, Professor Damon McCoy, and his graduate students Ryan Brunt and Prakhar Pandey]

Higher Ed Stepping in to Fill Cybersecurity Gaps

May 31, 2017

In recent weeks, a pervasive ransomware attack affected systems throughout the world, causing chaos in National Health System hospitals in Great Britain and continuing to cripple hundreds of thousands of computers… The uptick in interest is a far cry from when Nasir Memon, a professor at the NYU Tandon School of Engineering and the founder of the school’s Center for Cybersecurity, started organizing and offering some undergraduate classes in cybersecurity at the school in 1999.

We Need Technology But at What Cost?

May 31, 2017

Though we now think we are protected by fingerprint readers, these are also prone to cyberattacks. If you think your fingerprint is unique, think again. Masterprints, digitally altered fingerprints that work like a master key, have been discovered by researchers for New York University’s Tandon School of Engineering. With these masterprints, one can unlock up to 40 per cent of smartphones.

New Study Exposes Vulnerability of Smartphone’s Fingerprint Scanner

May 28, 2017

One of the prime reasons why phone users prefer fingerprint scanner-enabled smartphones is because of the sense of privacy and security that it offers. Or so we thought … The new findings have been released by Nasir Memon, a professor in the department of computer science and engineering at New York University’s Tandon School of Engineering; Aditi Roy, a post-doctoral fellow at the same college; and Arun Ross, a professor in the department of computer science and engineering at Michigan State University.

Can Big Data Analysis Swing a Political Election? (Video)

May 24, 2017

Fox-5-CCS

As nearly everything in our lives transitions from the real to the digital world, the more those things can — and are — being tracked. Every like, tweet, search and swipe ours is a piece of that digital data mosaic that makes up our online life. But with that massive amount of information, companies, advertisers and now political campaigns are gaining a big advantage. … “There are ways that this can be very creepy and very personalized,” said Justin Cappos, a professor at the NYU Tandon School of Engineering (at 3:07).

Trump’s Call for a Crackdown on Botnets Is a Long Shot

May 22, 2017

MIT-Tech-CCS-lighter

President Trump wants to crack down on botnets, the networks of hacked zombie computers that criminals or adversaries can use to carry out large-scale cyberattacks. Achieving this would surely disrupt the cybercriminal infrastructure, but it will also require that the administration overcome monumental technical and political hurdles. Zachary K. Goldman comments in the MIT Technology Review.

WannaCry Ransomware Attack Illustrates Need for Evolution in Cybersecurity Norms

May 22, 2017

TheHill_Featured

Individuals and institutions affected by the WannaCry ransomware attack face a Hobson’s choice—the malicious software (malware) encrypts a user’s documents while the decryption keys remain in the hands of the cybercriminals. Victims of the attack can either pay the hackers for the release of their files, feeding the profit motive that generates attacks like this in the first instance, or refuse to do so and permanently say goodbye to their computers, say Center for Cybersecurity co-founder Zachary Goldman and Professor Damon McCoy.

New Hacking Threats: Fingerprint Reader Vulnerabilities and Sophisticated Ransomware

May 20, 2017

CNBC-CCS

Researchers for New York University’s (N.Y.U.) Tandon School of Engineering discovered masterprints, digitally altered fingerprints that could match many people’s fingers…”If I have this glove or fake hand with these master prints on it then I can unlock say 25, 30, 40 percent of phones,” Professor Nasir Memon of N.Y.U. Tandon said.

Cybersecurity Experts Discuss the Perfect Storm – A Convergence of Internet of Things, Cloud, and Security

May 17, 2017

Tandon

With the increasing adoption of the Internet of Things (IoT), concerns are growing about security, particularly hardware security, which is an integral part of the IoT framework. Security threats permeated the discussion at the eighth installment of NYU Tandon School of Engineering’s Sloan Lecture Series on April 25, which brought together world-class academics and industry practitioners to discuss advances, risks, and solutions in cybersecurity.

Potential Security Flaw with Fingerprint ID on Cellphones (video)

May 16, 2017

A thumbprint may seem simpler and more secure than a passcode or password. But one of the nation’s top computer scientists says he has discovered a security flaw with the kind of fingerprint identification technology often used to lock cellphones. We traveled to New York University Tandon School of Engineering to interview engineering professor Nasir Memon, who says he has found a way to use synthetic fingerprints to trick touch identification systems.

When a Hack Shuts Down a Hospital, Who’s to Blame?

May 15, 2017

LAT

… Justin Cappos, an assistant professor of computer systems and security at New York University [Tandon School of Engineering], suggested one quick fix for future security updates. Rather than telling users to update their systems for a “security patch,” Windows could offer a bleak warning: “Hackers can get into your computer right now, so please update so we can fix that.”

WannaCry Malware Exploited OS Weakness to Spread

May 15, 2017

Fox-5-CCS

The recent ransomware cyberattack has claimed an estimated 300,000 computers in 150 countries. Cyber security expert Justin Cappos is a professor at NYU’s Tandon School of Engineering. He described what the WannaCry malware is doing now and how it invades computers through a loophole in Microsoft Corp’s Windows operating system. He said the malware exploits a weakness in the operating system to spread from computer to computer.

Global Cyber Attack Cripples British Hospitals

May 12, 2017

A massive cyberattack galloped across international borders on 12 May 2017, crippling such vital organizations as Telefonica (a telecom company in Spain), Britain’s network of hospitals run by the National Health Service (NHS), and the Russian Interior Ministry. … The attack utilized a type of malware called ransomware. … Damon McCoy, an assistant professor of computer science at New York University [Tandon School of Engineering], explained “ransomware”…

Researchers Use Digitally Created Fingerprints to Unlock Smartphones

May 11, 2017

A team of researchers from the Tandon School of Engineering at the New York University has created a method of generating fake digital fingerprints capable of unlocking random smartphones. According to the research team, their method works with an accuracy of 26% to 65% of all tested phones, assuming a maximum number of five attempts per authentication, the standard that most phone-based fingerprint authentication systems give their users.

Cyber Security R&D Showcase Coming in July

May 11, 2017

The 2017 Cyber Security R&D Showcase and Technical Workshop is scheduled for 11-13 July at Washington, D.C.’s Mayflower Hotel. This annual technology showcase event is expected to draw 1,000 government, industry and academia cybersecurity professionals from the United States and abroad over three days. The conference’s highlight is the 11 July R&D Showcase, during which ten mature technologies and projects addressing complex cybersecurity issues will be presented. Projects include Securely Updating Automobiles by Justin Cappos of New York University.

Nightly Business Report – May 9, 2017

May 9, 2017

CNBC-CCS

… There were some reports last week that Apple was having a bit of trouble with key feature in its next iPhone: the fingerprint reader. But there may be other problems with these sensors. New research found that the way smart phones read fingerprints could make them vulnerable to hackers. [interview with Nasir Memon at 14:23]

Phishing, Hacks And Better Online Security

May 4, 2017

… This hour On Point, the Google email attack, an how to protect yourself from online scams, plunder, identity theft. Guests: Justin Cappos, assistant professor in systems and security at the New York University Computer Science and Engineering Department [at 21:10].

Spam Campaign Targets Google Users with Malicious Link

May 4, 2017

Alphabet Inc warned its users to beware of emails from known contacts asking them to click on a link to Google Docs after a large number of people turned to social media to complain that their accounts had been hacked. Google said on Wednesday that it had taken steps to protect users from the attacks by disabling offending accounts and removing malicious pages. … ‘This is a very serious situation for anybody who is infected because the victims have their accounts controlled by a malicious party,’ said Justin Cappos….

Google Docs Users Hit by Phishing Scam

May 4, 2017

BBC

The scam claimed to come from Google Docs – a service that allows people to share and edit documents online. Users who clicked a link and followed instructions, risked giving the hackers access to their email accounts … “This is a very serious situation for anybody who is infected because the victims have their accounts controlled by a malicious party,” Justin Cappos, a cyber security professor at NYU Tandon School of Engineering, told Reuters.

Gmail Users Warned of Phishing Email With Malicious Link

May 3, 2017

Alphabet Inc. warned its users to beware of emails from known contacts asking them to click on a link to Google Docs after a large number of people turned to social media to complain that their accounts had been hacked…’This is a very serious situation for anybody who is infected because the victims have their accounts controlled by a malicious party,’ said Justin Cappos, a cyber security professor at NYU Tandon School of Engineering.

NYU Sophomores Stumble Upon IT Hack

May 1, 2017

WSN-CCS

Two Tandon students from the Offensive Security, Incident Response and Internet Security Laboratory have discovered a vulnerability in the NYU Print Service that would allow black hats — individuals who use their extensive computer knowledge to breach internet security — to take full control of any computer, as long as it is connected to the same Wi-Fi service as the printer, according to one of the two students.

You Really Should Read an App’s Service Terms (Video)

April 25, 2017

Fox-5-CCS

When you install an app on your phone, do you read the terms of service agreement? Probably not…”If you’re using a service that’s a free service, then the reason why it’s a free service is because you’re really the product,” Cappos said. “You’re being sold to marketers.”

How The Update Framework Improves Security of Software Updates

April 24, 2017

Updating software is one of the most important ways to keep users and organizations secure. But how can software be updated securely? That’s the challenge that The Update Framework (TUF) aims to solve. Justin Cappos, assistant professor at New York University [Tandon School of Engineering], detailed how TUF works and what’s coming to further improve the secure updating approach in a session at last week’s DockerCon 17 conference in Austin, Texas.

Fingerprints Fall Short When It Comes to Securing Smartphones

April 20, 2017

Consumers can be pretty lax about their online security. About 4% of the time, the password to unlock a smartphone is 1-2-3-4, says Nasir Memon, a professor of computer science and engineering at New York University Tandon School of Engineering. … A new study, however, conducted over the past year by the Tandon School of Engineering at NYU and Michigan State University College of Engineering, finds that fingerprints are more vulnerable than previously believed.

Crackdowns on Social Media Accounts Backfire by Driving up Demand

April 18, 2017

NBC-CCS

Facebook shut down as many as 30,000 fake accounts in the past week — but that’s unlikely to hurt the multi-million-dollar spam industry. … “If you go to the underground markets where they sell fake Facebook accounts, you can buy 1,000 of these for $300 to $400,” Damon McCoy, a New York University [Tandon School of Engineering] computer science professor specializing in cybercrime, told NBC News. “In terms of economics of replacing these 30,000 accounts, they took down something, but perhaps not as much as you might think.”

Former counterterrorism adviser: There are bound to be more cyberattacks

April 17, 2017

CNN

Russia’s successful incursion into the 2016 presidential election has opened a new, menacing phase in cyberwarfare and is a harbinger of attacks to come, says President Barack Obama’s former top counterterrorism adviser, Center for Cybersecurity Distinguished Senior Fellow Lisa O. Monaco.

The Axe Files with Lisa Monaco

April 17, 2017

Axe-Files-CCS

Lisa Monaco, the former homeland security adviser to President Obama, talks with David Axelrod about what she thinks are the greatest threats facing America today, why the Trump administration’s travel ban hurts our counterterrorism efforts, and why she believes Russia’s incursion into our election has opened a new phase in cyberwarfare.

Computer Scientists Are Developing A ‘Master’ Fingerprint That Could Unlock Your Phone

April 14, 2017

Fingerprint readers, like the TouchID on an iPhone, exist to make your device extra secure while keeping the process of unlocking it easy. Computer scientists at New York University and Michigan State are poised to turn that security benefit on its head. Like a master key that can open any lock, these researchers developed digital “master prints” that could emulate a variety of partial fingerprints enough to hypothetically hack into a device. … “The sensors are small and they don’t capture the full fingerprint,” says Nasir Memon, a computer scientist at NYU’s Tandon School of Engineering and one of the authors of the study.

Computer Scientists Are Developing a ‘Master’ Fingerprint That Could Unlock Your Phone

April 13, 2017

Popular_Sciance_Featured

Fingerprint readers, like the TouchID on an iPhone, exist to make your device extra secure while keeping the process of unlocking it easy. Computer scientists at New York University and Michigan State are poised to turn that security benefit on its head. … “The sensors are small and they don’t capture the full fingerprint,” says Nasir Memon, a computer scientist at NYU’s Tandon School of Engineering and one of the authors of the study.

Researchers Develop Master Fingerprints That Can Break Into Smartphones

April 13, 2017

Researchers at New York University and Michigan State University have recently found that the fingerprint sensor on your phone is not as safe as you think. ‘The team has developed a set of fake fingerprints that are digital composites of common features found in many people’s fingerprints,’ reports Digital Trends. ‘Through computer simulations, they were able to achieve matches 65 percent of the time, though they estimate the scheme would be less successful in real life, on an actual phone.’ … Nasir Memon, a computer science and engineering professor at New York University [Tandon School of Engineering], explained the value of the study to The New York Times.

Your Smartphone Fingerprint Security System May Not Be as Safe as You Think

April 12, 2017

…A team of researchers from New York University Tandon School of Engineering and Michigan State University College of Engineering have found that partial similarities between prints are common enough to fool biometric security systems … leading them to be much more vulnerable than previously thought.

Robots to the Rescue at the Kennedy Space Center

April 12, 2017

Tandon

It’s no small task to build a fully autonomous robot capable of mining raw materials from the surface of Mars, but that’s exactly what a team of NYU Tandon School of Engineering students is attempting to do. For the sixth consecutive year, a Tandon team will be taking part in the NASA Robotic Mining Competition.

That Fingerprint Sensor on Your Phone Is Not as Safe as You Think

April 10, 2017

NY_Times_Logo_Featured

New findings published Monday by researchers at New York University and Michigan State University suggest that smartphones can easily be fooled by fake fingerprints digitally composed of many common features found in human prints. In computer simulations, the researchers from the universities were able to develop a set of artificial “MasterPrints” that could match real prints similar to those used by phones as much as 65 percent of the time. … “It’s as if you have 30 passwords and the attacker only has to match one,” said Nasir Memon…

The President Test: Anderson Cooper 360

April 10, 2017

CNN

NYU Center for Cybersecurity Distinguished Senior Fellow Lisa O. Monaco discusses the national security and foreign policy challenges facing the White House on CNN.

So You Think You Can Secure Your Mobile Phone With a Fingerprint?

April 10, 2017

Tandon

NYU Tandon and Michigan State University Researchers Find That Similarities in Partial Fingerprints May be Sufficient to Trick Biometric Security Systems on Smartphones…Nasir Memon, a professor of computer science and engineering at NYU Tandon and the research team leader, explained that the MasterPrint concept bears some similarity to a hacker who attempts to crack a PIN-based system using a commonly adopted password such as 1234…

Lisa Monaco and CNN’s Jim Sciutto on National Security in the Trump Administration

April 6, 2017

IOP-CCS

NYU Center for Cybersecurity Distinguished Senior Fellow Lisa O. Monaco discusses the future of national security in the Trump administration with CNN’s Jim Sciutto. As President Obama’s former top counterterrorism and homeland security advisor, Monaco coordinated policy development and crisis response to terrorist attacks, cyberincidents, and public health emergencies and natural disasters.

Google Users Being Targeted With Google Doc Phishing Email

April 5, 2017

… Users are asked to click on a link to view a document, which provides the hackers access to the contents of their Google accounts, including email, contacts and online documents, according to security experts who reviewed the scheme. ‘This is a very serious situation for anybody who is infected because the victims have their accounts controlled by a malicious party,’ said Justin Cappos, a cyber security professor at NYU Tandon School of Engineering.

Did Obama Blow It on the Russian Hacking?

April 3, 2017

Politico-Mag-CCS

It’s a question that still rankles many a Clinton loyalist: Why didn’t the Obama administration do more to sound the alarm over Russia’s meddling in the 2016 presidential campaign? Few former officials have explained it, but in a new interview for The Global POLITICO, Lisa Monaco, President Obama’s top homeland security and counterterrorism adviser, describes a White House afraid of “doing the Russians’ work for them.”

The Global Politico with Lisa Monaco

April 3, 2017

Global-Politico-CCS

NYU Center for Cybersecurity Distinguished Senior Fellow Lisa O. Monaco appeared on The Global Politico, a weekly podcast about the world in the Trump era. In addition to her experiences with counterterrorism, she discussed how the Obama White House handled the Russian hacking of the 2016 elections–the first extensive comments by someone in the room at the Obama White House.

Lecture Will Explore the Dangers of Hardware Hackers in a World of Interconnected Devices

April 3, 2017

Tandon

The eighth event in a series of open lectures on cybersecurity and privacy at the New York University Tandon School of Engineering will convene in Downtown Brooklyn on Tuesday, April 25, 2017, with an exploration of the hardware security challenges posed by interconnected devices and cloud computing. Convergence of IoT, Cloud, Security: A Perfect Storm will feature Walden (Wally) C. Rhines, president and chief executive officer of Mentor Graphics.

Fox 5 Report: Selling Your Online Search History, featuring Prof. Justin Cappos (video)

March 30, 2017

Fox-5-CCS

Justin Cappos, Assistant Professor of computer science and engineering at NYU Tandon School of Engineering comments on a new bill that the House and Senate passed that rolls back privacy protection rules put in place by President Obama: “Now when you browse the web you are going to be tracked by the person you are paying to provide Internet access.”

Days After London Terror Attack, the UK Government Is Already Going After WhatsApp’s Encryption

March 29, 2017

Gizmodo-CCS

NYU Center for Cybersecurity co-founder Zachary K. Goldman comments on the encryption debate in light of the most recent attacks in London: While there is “an undeniable governmental need for these messages,” the question is really whether companies should be forced to build a product that allows the government to access data…Any action on this issue “has a trade-off associated with it,” Goldman said—if we want the government to be able to read these messages, it means dramatically undermining end-to-end encryption for everyone.

The (Research) Stars Shine Bright in Texas

March 24, 2017

Tandon

When Jeyavijayan (JV) Rajendran was a graduate student at the NYU Tandon School of Engineering, it was not unusual to see him mentioned on the school website. Working with Professor Ramesh Karri of Electrical and Computer Engineering, he helped cement Tandon’s reputation at the forefront of hardware security … Now a tenure-track assistant professor at the University of Texas Jonsson School of Engineering and Computer Science, in Dallas, Rajendran is still giving Tandon plenty of reason for pride. He was recently awarded a highly prestigious National Science Foundation (NSF) Faculty Early Career Development grant (better known as the CAREER Award).

Is Privacy Real? The CIA Is Jeopardizing America’s Digital Security, Experts Warn

March 24, 2017

WikiLeaks released the latest cache of confidential C.I.A. documents Thursday as part of an ongoing ‘Vault 7’ operation, exposing the U.S. government of its hacking and digital espionage capabilities. … The agency may have left millions open to the exact attacks it said it was trying to prevent, regardless of its intentions, by not reporting those flaws to major companies, Justin Cappos, a professor in the Computer Science and Engineering department at New York University [Tandon School of Engineering] and cyber security expert whose created digital privacy software, told IBT.

Will the Trump Administration Protect Hard-Won Progress with China on Cybersecurity? Featuring Robert Silvers

March 22, 2017

Lawfare-CCS

As Presidents Trump and Xi prepare for their first meeting next month at Mar-a-Lago, most early attention has centered on tension points involving Taiwan policy, the South China Sea, North Korea and trade. But another U.S.-China issue hangs in the balance: cybersecurity.

Tandon Team Develops Software to Combat Child Exploitation

March 20, 2017

WSN-CCS

A team of engineers at NYU Tandon, in partnership with Griffeye — a digital intelligence technology company — is developing a new software that will help law enforcement combat the increasingly prevalent issue of child exploitation.

Zachary Goldman on the US indictment of Russians allegedly behind Yahoo hack

March 17, 2017

NYU-Law-CCS

NYU Center for Cybersecurity co-founder Zachary K. Goldman discusses the significance and consequences of the recent indictment of the Russians behind the Yahoo hacks. “This indictment is part of a broader sustained effort on the part of the US government to deter Russia from committing cyberattacks by prosecuting Russian cybercriminals, imposing sanctions, and taking other measures like expelling Russian diplomats and spies,” Goldman argues.

3D Printing Has an Urgent Need for Cybersecurity

March 17, 2017

… According to a new paper, “Manufacturing and Security Challenges in 3D Printing”, written by researchers at New York University’s Tandon School of Engineering … 3D printing carries cybersecurity vulnerabilities that can lead to potentially dangerous, undetectable defects as well as opening the door for counterfeit products. Nikhil Gupta, an associate professor of mechanical and aerospace engineering at NYU Tandon, and one of the co-authors of the paper, told Design News that the cybersecurity risks that come with AM are far more significant that common threats we hear about today.

Researchers Race To Develop Software To Prevent Car Hacking (audio – featuring Prof. Justin Cappos at 1:19)

March 17, 2017

Modern cars have between 50 and 100 electronic control units, or computers, to run everything from the overhead dome light to the automatic transmission. Many of the computers are networked together but made by different vendors, which makes them easier to hack. Now, researchers backed by the Department of Homeland Security are looking for ways to protect cars from hacking.

New Forensic Tool Could Add Filter to Child Porn Scans

March 16, 2017

The staggering amount of data involved in searching for child pornography is a serious hurdle in hunting down pedophile rings. … A new set of filters improving the ability to comb through terabytes of data and hundreds of thousands of hours of video is now under development by computer scientists at New York University. The machine-learning techniques focus on picking out nudity—and identifying the physical features of children, said Nasir Memon, the NYU [Tandon] professor of computer science and engineering leading the work.

New Forensics Tools Will Speed the Identification and Rescue of Children Pictured in Child Sexual Exploitation Material

March 16, 2017

Researchers at the New York University Tandon School of Engineering and the digital intelligence tech company Griffeye have begun building a sophisticated suite of tools to be provided pro bono to law enforcement officials seeking to identify children in child sexual exploitation material (sometimes referred to as child pornography) and rescuing victims. … Professor of Computer Science and Engineering Nasir Memon leads the software development along with Griffeye Director Johann Hofmann.

NYU Tandon Paper on Cyber Risks of 3D Printing is Springer’s Most-Read Engineering Research of 2016

March 15, 2017

The publishing company Springer has more than 245 engineering journals in its portfolio … when editors took stock of the works that had been the most cited, downloaded, and shared in 2016, it was an article from JOM, The Journal of the Minerals, Metals & Materials Society that stood out at number one in the category of Engineering. That article, “Manufacturing and Security Challenges in 3D Printing,” was written by a team of [NYU] Tandon researchers [including] Nikhil Gupta, noted materials expert and an associate professor of mechanical engineering; lead author Steven Eric Zeltmann, a graduate student in mechanical engineering; and Ramesh Karri, professor of electrical and computer engineering.

Law Enforcement Agencies to Receive Free Access to NYU Developed Solution Combating Child Exploitation

March 14, 2017

Researchers at the New York University Tandon School of Engineering and the digital intelligence tech company Griffeye have begun building a sophisticated suite of tools to be provided pro bono to law enforcement officials seeking to identify children in child sexual exploitation material (sometimes referred to as child pornography) and rescuing victims….Professor of Computer Science and Engineering Nasir Memon leads the software development along with Griffeye Director Johann Hofmann.

Podcast: What to expect from Trump on cybersecurity

March 13, 2017

CS-Monitor-CCS

Distinguished Senior Fellow Lisa O. Monaco is featured on the Cybersecurity Podcast from Passcode, commenting on the future of cybersecurity in the new Presidential administration.

The 42 Words You Can Never Say in Emails to the D.C. Government

March 10, 2017

WP_Featured

The District’s email system, it turns out, has a lot more verboten words than that: 42. A test email from The Post with one of the offending terms to a dc.gov email address brought a bounceback notice. … Justin Cappos, an assistant professor of systems and security at New York University [Tandon School of Engineering], said the District’s approach to spam “isn’t surprising.” The only problem: Bounceback messages might help spammers.

Fox 5 Report: WikiLeaks Revelation of CIA Documents and Personal Device Vulnerabilities, Featuring Professor Justin Cappos (at 3.14)

March 9, 2017

Fox-5-CCS

Justin Cappos speaks with Ernie Anastos, news anchor for Fox 5 News about CIA documents revealed by WikiLeaks, and vulnerabilities of consumer devices. “It’s concerning to me that there is this big warehouse of information on weaknesses that were not disclosed to the vendors of these products, that is now available to hackers and people anywhere,” said Cappos.

WikiLeaks to Help Shield Tech Firms From CIA’s Hacking Tools, Featuring Professor Justin Cappos (video)

March 9, 2017

This could be the largest breach of U.S. intelligence in recent history: thousands of documents posted by WikiLeaks that it claims were stolen from the CIA revealing the agency’s playbook for hacking.

WikiLeaks Says it Will Work with Tech Firms to Defeat CIA Hacking

March 9, 2017

LAT

WikiLeaks will work with technology companies to help defend them against the CIA’s hacking tools, WikiLeaks founder Julian Assange said. … Justin Cappos, a computer security professor in New York University’s Tandon School of Engineering, said any group that had this information first — whether it was WikiLeaks or a government agency — should have worked to disclose it to tech companies before making it public. “Now we’re in a position where a bunch of companies are scrambling to put in fixes because now their users are at risk,” he said.

CCS Announces Call for New Class of NYU Cyber Scholars and The Inaugural Latham & Watkins Award in Technology and Law

March 8, 2017

The NYU Center for Cybersecurity, a collaboration among NYU School of Law, the NYU Tandon School of Engineering, and other NYU schools, is soliciting applications for two interdisciplinary scholarship programs for students passionate about cybersecurity.

Students will aparticipate in weekly cohort meetings with students focusing on cybersecurity from other NYU schools and engage in a substantial research project or construction of a technical tool. The programs are designed so that lawyers may better understand the technological aspects of information security, and the privacy and civil liberties concerns that surround the field. Law students selected for the programs will be obligated to enroll in technical cybersecurity courses at NYU Tandon School of Engineering that are consistent with their academic program. The programs are designed so that lawyers, social scientists, engineers, and business executives may better understand the technological aspects of information security, and the privacy and civil liberties concerns that surround the field.

Students will enter the programs in Fall 2017 and will earn a partial scholarship for each year that they are a part of the program (students will be admitted for one year, potentially renewable for one additional year).

The NYU Cyber Scholarship had its inaugural cohort last year. Students who are selected for this prestigious scholarship program will join a cohort of peers from across the University, including the Tandon School of Engineering, the Steinhardt School of Culture, Education, and Human Development, the Courant Institute of Mathematical Sciences, and other schools as they develop an interdisciplinary understanding of cybersecurity issues that integrates technical and non-technical disciplines. The Cyber Scholars program is designed to train a new generation of cybersecurity professionals who will enter either the public or private sectors.

The Latham & Watkins Award in Technology and Law is a new program that will welcome its inaugural student scholar this year. This scholarship seeks to train a new generation of technology lawyers who are not only equipped to analyze the most complex technology law and policy issues, but also students who have mastered the technical understandings of the discipline. The student selected for this award must demonstrate a passion for technology and cybersecurity law and an interest in the interdisciplinary aspects of the subject.

Application Requirements: Applicants must submit a resume, transcript, and cover letter to CCS@nyu.edu by 5:30 p.m. on Monday, March 27, 2017 with “Cybersecurity Scholarship Application” in the subject line. Eligible students must be in their first or second year of law school or in their first year of a masters or PhD program that is a minimum of two years in duration. Law students who apply will be automatically considered for both scholarships.

If you have questions, please contact CCS@nyu.edu.

Fox 5 Report: WikiLeaks Publishes 1000s of CIA Cyber-Espionage Documents, Featuring Professor Justin Cappos (video)

March 7, 2017

Fox-5-CCS

WikiLeaks has published thousands of documents that it says come from the CIA’s Center for Cyber Intelligence, a dramatic release that appears to give an eye-opening look at the intimate details of the agency’s cyberespionage effort.

Zachary K. Goldman discusses United States v. Jay Michaud and cyber vulnerabilities

March 6, 2017

Gizmodo-CCS

In Gizmodo, Zachary K. Goldman comments on the latest developments in United States v. Jay Michaud. “This doesn’t mean that the FBI’s investigation was unjust or unjustified…It’s the exact opposite. The FBI is placing paramount importance on preserving the ability to use this technique in the future.”

Donald Trump’s allegations: how wiretap warrants work

March 6, 2017

FT-CCS

NYU Center for Cybersecurity Distinguished Fellow Raj De comments on the process behind a FISA warrant, which has been drawn into the spotlight after Donald Trump’s charge that his presidential campaign was illegally wiretapped.

Renters and Sellers Beware of Scammers

March 3, 2017

If you are trying to sell your home, don’t be surprised if someone comes knocking at your door and asks if it’s for rent… That’s because scammers are stealing house for sale listings and putting them up on Craigslist as rentals. (Article based on research by Professor Damon McCoy)

Vice President Mike Pence used an AOL email account as governor – and was hacked

March 3, 2017

Vice President Mike Pence used a private email account that was later compromised while serving as governor of Indiana, his office confirmed on Thursday…”The fact that these emails are stored in a private AOL account is crazy to me,” Justin Cappos, a computer security professor at New York University’s Tandon School of Engineering, told Indy Star. “This account was used to handle these messages that are so sensitive they can’t be turned over in a records request.”

“The Cybersecurity Dilemma” by Ben Buchanan

March 2, 2017

The Center for Cybersecurity was pleased to host Ben Buchanan, the author of “The Cybersecurity Dilemma: Hacking, Trust, and Fear Between Nations” on March 2 for an in-depth discussion of his new book. “The Cybersecurity Dilemma” illuminates some of the strategic dynamics shaping the international relations of cybersecurity.  He focuses on how cyber capabilities among Russia, China, the United States, and others can stabilize or destabilize a precarious global order.We thank Ben for coming and previewing his book’s compelling argument.

Mike Pence Used His AOL Email For Official Business as Indiana’s Governor—And It Got Hacked

March 2, 2017

Vice President Mike Pence routinely used a private email address to conduct political affairs as governor of Indiana, according to the Indianapolis Star….“It’s one thing to have an AOL account and use it to send birthday cards to grandkids,’ said Justin Cappos, a computer security professor at New York University’s Tandon School of Engineering. ‘But it’s another thing to use it to send and receive messages that are sensitive and could negatively impact people if that information is public.”

The World’s Biggest Cyber Security Games Expand to Europe

March 1, 2017

Tandon

The world’s largest student-run set of cyber security games, founded 14 years ago by the New York University Tandon School of Engineering, will expand this year to Europe, where it will be hosted by Grenoble INP – Esisar. Based in Valence, France, Esisar is one of six engineering schools of the Grenoble Institute of Technology (Grenoble INP, located in Grenoble).

The latest hot start-ups to emerge from Israel’s cybersecurity war machine

February 28, 2017

CNBC-CCS

Senior Fellow Judi Germano discusses one of the most active and successful markets for cybersecurity startups: Israel.

Innovative Events and Training Reshape Cybersecurity Education

February 24, 2017

When Nasir Memon, a computer science and engineering professor at New York University, was first starting his cybersecurity program, he wanted to offer more hands-on experiences for his students. “I always thought cybersecurity was not a topic you talk about, but where you learn by doing things,” says Memon. So he organized a cybersecurity awareness event that involved a team competition — with the goal of solving security problems.

Pod Save the World with Lisa Monaco

February 22, 2017

Pod-CCS

Distinguished Senior Fellow Lisa Monaco, President Obama’s former Homeland Security and Chief Counterterrorism Advisor, talks with Tommy Vietor about terrorism, encryption, cybersecurity, the Boston bombings, Trump’s dysfunctional national security team and more.

NYU’s New Joint Degree in STEM and Law

February 21, 2017

Despite NYU’s reputation for its decentralized school structure, the university is quickly mastering the art of inter-school collaboration. The Tandon School of Engineering and NYU Law announced that they are working together on a new master’s program in Cybersecurity Risk and Strategy, focussing on an interdisciplinary education that prepares students to address cybersecurity challenges.

What Can We Do About Donald Trump’s Unsecured Smartphone?

February 21, 2017

Gizmodo-CCS

Zachary K. Goldman discusses the ongoing cybersecurity implications of Donald Trump use of an unsecured smartphone, and why this challenge is so difficult to ameliorate.

Trump Team Sounding Out Tech Firms Ahead of Delayed Cyber Order

February 18, 2017

Bloomberg-politics-CCS

Distinguished Senior Fellow Lisa O. Monaco comments on Trump’s cybersecurity strategy and the potential for continuation from the Obama administration.

Springer’s Most-Read Engineering Paper of 2016? Research on 3D Printing’s Security Flaws

February 17, 2017

Technical.ly_Featured

A research paper on the security vulnerabilities of 3D printing rose to be the most-read engineering paper of 2016 at Springer Publishing, one of the country’s major publishing houses, NYU Tandon announced last week. … The paper, Manufacturing and Security Challenges in 3D Printing, was written by Tandon researchers Nikhil Gupta, Steven Eric Zeltmann, Ramesh Karri, and others.

Obama officials: There’s hope for cybersecurity under Trump

February 17, 2017

CS-Monitor-CCS

“Although Mr. Trump hasn’t offered policy specifics, some former Obama administration officials said a draft executive order on cybersecurity, which has circulated in Washington, could offer welcome improvements on the technology front. In fact, according to former White House Homeland Security Adviser Lisa Monaco, much of what the Trump administration has floated appears to borrow directly from the Obama playbook on cybersecurity.”

Automotive cyber security: Keeping hackers out of cars

February 17, 2017

… “Attacks will get easier and more profitable unless we take steps now to make to make it harder,” Justin Cappos tells me as he explains a new cyber security program called Uptane, designed to identify and kill vehicle software bugs before the bad guys can exploit them. Cappos is an assistant professor of systems and security at New York University’s Tandon School of Engineering.

Distinguished Fellow Randal Milch to speak on Designing the Future of Cybersecurity

February 16, 2017

On March 17, 2017, Center for Cybersecurity Distinguished Fellow Randal S. Milch will be speaking “Cybersecurity: The Leadership Imperative,” held by The Conference Board. He will discuss the best approaches in governance and risk mitigation to position companies to confront challenges and act on opportunities on cybersecurity.

For more information and to register for this event, click here.

 

New Threats Require New Responses: NYU Announces an MS in Cybersecurity Risk and Strategy Program for Executives

February 14, 2017

Tandon

New York University is announcing the establishment of an MS in Cybersecurity Risk and Strategy Program for executives (MS CRS). Offered jointly by NYU School of Law and NYU Tandon School of Engineering, the one-year program will not simply confer a new degree, but a new category of degree — one built around the interdisciplinary training and perspective needed to address a new category of threat.

A New Master’s Degree for a New Kind of Professional

February 14, 2017

Tandon

…NYU Tandon School of Engineering and the NYU School of Law have teamed up to offer a new master’s degree program built around the interdisciplinary training and perspective needed to address the new threats facing increasingly tech-reliant companies.

NYU’s law and engineering schools announce new MS in Cybersecurity Risk and Strategy Program for executives

February 14, 2017

NYU School of Law and NYU Tandon School of Engineering have announced the establishment of a Master of Science in Cybersecurity Risk and Strategy Program for executives (MS CRS). Offered jointly by the two schools, the one-year program will not simply confer a new degree, but a new category of degree—one built around the interdisciplinary training and perspective needed to address a new category of threat. Read more.

A Visit From Microsoft CEO Satya Nadella

February 10, 2017

Tandon

… Before addressing the students, Nadella met with Tandon’s dean, Katepalli Sreenivasan; Stern’s dean, Peter Blair Henry; Mrs. Tandon; and a select group of professors (Justin Cappos, Rumi Chunara, Luke DuBois, Siddharth Garg, and Vittoria Flamini from the [Tandon] School of Engineering…

Wanted: White hat hackers to break new automotive software updater code

February 9, 2017

TechRepublic_Featured

… “Although widespread attacks are still difficult and expensive, they lie within the capabilities of nation-state cyber warriors, and it is time to begin securing the infrastructure, particularly as automotive electronics increase,” states Professor Justin Cappos of NYU’s Tandon School of Engineering.

NYU Tandon Paper on Cyber Risks of 3D Printing is Springer’s Most-Read Engineering Research of 2016

February 7, 2017

Tandon

That article, “Manufacturing and Security Challenges in 3D Printing,” was written by a team of Tandon researchers…Ramesh Karri, professor of electrical and computer engineering; Michail Maniatakos, professor of electrical and computer engineering at NYU Abu Dhabi…

Proportional response to cyber attacks by foreign governments remains an unclear challenge

February 6, 2017

PRI-CCS

Zachary K. Goldman discusses why it’s challenging to decide what an appropriate response would look like to a sophisticated cyber attack by a foreign government, and the future of cyber strategy.

FBI Official: Feds Can’t Compete With Top Tech Companies for Cybersecurity Analysts

February 2, 2017

NYLJ-CCS

The United States has a shortage of cybersecurity analysts qualified to prevent cyberattacks that is contributing to the vulnerability of the nation’s computer networks, an FBI official said Wednesday…Professor Nasir Memon of the New York University Tandon School of Engineering said a good cybersecurity analyst needs to know not just the technology, but also human behavior.

Zachary K. Goldman to speak on Regulation Rollback? Realities and Implications of Unraveling Regulations

January 31, 2017

RANE-CCS

On February 16, Zachary K. Goldman will speak on the future of regulation governing cybersecurity in the private sector under the new Presidential administration. See more details and register at https://app.ranenetwork.com/events/.