News

1 2 3 4
  • All
  • CCS News
  • Press Highlights

Could deliberately adding security bugs make software more secure?

August 8, 2018

The best way to defend against software flaws is to find them before the attackers do.

This is the unshakeable security orthodoxy challenged by a radical new study from researchers at New York University. The study argues that a better approach might be to fill software with so many false flaws that black hats get bogged down working out which ones are real and which aren’t.

‘Chaff Bug’ Defense Rolls Out Shiny Objects for Attackers to Find

August 8, 2018

Camouflage and distraction have long been hallmarks of warfare, and it’s no different when it comes to the cyber-front. A group of researchers from New York University are taking the idea further than it’s gone before with the idea of introducing decoy bugs into code – ultimately non-exploitable vulnerabilities that can attract attacker interest and waste their time, thus eating up their resources.

To make systems safer, put more bugs in them

August 8, 2018

          Instead of routinely hunting and killing bugs, new research is proposing the addition of a “chaff bug” in programs to make them safer. By making software “buggier,” hackers could be baited and therefore overwhelmed by the number of bugs in a system and eventually give up their search,

according to a study by researchers Zhenghao Hu, Yu Hu and Brendan Dolan-Gavitt

         of New York University.

Protect your card details, identity from being doxxed

August 8, 2018

A recent study by New York University Tandon School of Engineering and the University of Illinois at Chicago (UIC) revealed the types of information that is typically exposed by doxxers:

  • 90 percent of the time, the victim’s address is listed
  • 61 percent included a phone number
  • 53 percent included an email address
  • 40 percent shared online user names and IP address

As for sensitive financial information? It’s less common, but it does happen.

  • General financial information was included 8.8 percent of the time
  • 4.3 percent revealed credit card numbers
  • 2.6 included Social Security numbers

Now Transparent: Political Advertising on Facebook, Instagram

August 8, 2018

Conceived by Computer Science and Engineering Assistant Professor Damon McCoy, the Online Political Ads Transparency Project has built easy-to-use tools to collect, archive, and analyze political advertising data. The researchers, including NYU Tandon doctoral student Laura Edelson and Shikhar Sakhuja NYUSH ‘19, pledged to improve the transparency of Facebook’s archive by releasing weekly updates of all political advertisements collected through the November election. The team also plans to use its complex data scraping methods to reveal similar information for Twitter.

Top tip? Sprinkle bugs into your code to throw off robo-vuln scanners

August 8, 2018

Miscreants and researchers are using automation to help them find exploitable flaws in your code. Some boffins at New York University in the US have a solution to this, and it’s a new take on “security through obscurity”.

Why confidence matters in facial recognition systems

August 8, 2018

Nasir Memon, a professor of computer science at the New York University Tandon School of Engineering, said it isn’t realistic to expect these systems to be completely accurate.

Cramming Software With Thousands of Fake Bugs Could Make It More Secure

August 8, 2018

Brendan Dolan-Gavitt, assistant professor at NYU Tandon and one of the researcher on this study, told me in an email that they’ve been working on techniques to automatically put bugs into programs for the past few years as a way to test and evaluate different bug-finding systems. Once they had a way to fill a program with bugs, they started to wonder what else they could do with it.

Twenty-Two Organizations From AI, Automotive, Blockchain, Cloud and More Join The Linux Foundation and Invest in Open Source Technology

August 8, 2018

NYU Tandon School of Engineering empowers people to use science and technology as tools to build a better society. SDNLAB is a leading platform …

High School Women Train in Cybersecurity at NYU School of Engineering

August 8, 2018

Recently, a group of high school women spent three weeks as participants in the Computer Science for Cyber Security (CS4CS) program, picking up fundamentals at the NYU Tandon School of Engineering. Nearly 50 students attended classes at the downtown campus of the university, where they learned about programming, computer architecture, careers in computer science and cybersecurity and how to do professional networking. Now they’re expected to return to their schools and serve as ‘computer science and cybersecurity ambassadors’ and recruit a team of classmates to compete in Cyber Security Awareness Week, Tandon’s annual cybersecurity competition.

A Doozy of a Week for Industry Bosses

August 8, 2018

Article cites research by Damon McCoy, assistant professor of computer science and engineering at NYU Tandon School of Engineering.
President Trump is now officially the biggest political advertiser on Facebook, according to a group of New York University [Tandon School of Engineering] researchers. My colleague Sheera Frenkel reported that the president and his political action committee had spent $274,000 for ads on the social network since early May.

Now Transparent: Political Advertising on Facebook, Instagram

July 18, 2018

The Online Political Ads Transparency Project was conceived by Computer Science and Engineering Assistant Professor Damon McCoy to build easy-to-use tools to collect, archive, and analyze political advertising data. Although Facebook became the first major social media company to launch a searchable archive of political advertising, for both Facebook and Instagram, in May 2018, McCoy found the archive difficult to use, requiring time-consuming manual searches. He decided to apply versions of the data scraping techniques he had previously used against criminals, including human traffickers who advertised and used Bitcoin.

How The Update Framework Improves Software Distribution Security

July 18, 2018

In recent years that there been multiple cyber-attacks that compromised a software developer’s network to enable the delivery of malware inside of software updates. That’s a situation that Justin Cappos, founder of The Update Framework (TUF) open-source project, has been working hard to help solve.

The Biggest Spender of Political Ads on Facebook? President Trump

July 18, 2018

…Damon McCoy, who conducted the study with two fellow researchers, Laura Edelson and Shikhar Sakhuja, said they were not able to tally the total spending for Republicans and Democrats because their analysis was ongoing, though they planned to release those figures in the future.

Justin Cappos on Why Cars Are Not Like Computers When It Comes to Cybersecurity

July 17, 2018

Justin Cappos is a professor in the Computer Science and Engineering department at New York University [Tandon School of Engineering], where his research addresses problems in security, systems, software update systems, and virtualization. His research philosophy focuses on solving real world security problems in practice, with software such as Docker, git, Python, and most Linux distributions using his research advances. The practical impact of his work is why Cappos was named to Popular Science’s Brilliant 10 list in 2013. In this interview, he explores how updates and other security processes are unique to the automotive world.

Reaching greater depths with 3D printing

July 5, 2018

Syntactic foam is a strong and buoyant material commonly used in the manufacturing of submarines. Now, a team of researchers have developed a method of 3D printing components of syntactic foam that could take submarines to greater depths. Nikhil Gupta, Associate Professor of Mechanical and Aerospace Engineering at New York University’s Tandon School of Engineering, joins Hari Sreenivasan to discuss this innovation.

Justin Cappos: Security in Kubernetes

June 28, 2018

The New Stack Makers podcast episode Justin Cappos recently recorded with TNS Founder Alex Williams at KubeCon + CloudNativeCon 2018 is now live on SoundCloud and YouTube, click here to listen.

Fake rental ads are everywhere, and Colorado consumers need to watch out

June 21, 2018

“There is usually something that engenders trust and makes you want to help them,” said Damon McCoy, an assistant professor of computer science and engineering at New York University’s Tandon School of Engineering.

Container and Kubernetes Security: It’s Complicated

June 14, 2018

CNCF does not mandate or prescribe a reference architecture for Kubernetes and associated project deployment. However, Justin Cappos, professor in the Computer Science and Engineering department at New York University and leader of the TUF project, said the various projects do tend to communicate with each other.

Breaking Down The AT&T-Time Warner Decision

June 14, 2018

Randal Milch, Former General Counsel and strategic policy advisor to Verizon’s Chairman and CEO. Co-chair of the NYU Center for Cybersecurity.

Hundreds of Apps Can Empower Stalkers to Track Their Victims

June 13, 2018

Damon McCoy’s research on spyware is on the front page the New York Times and jumps to all of page 11. His student, Periwinkle Doerfer, is quoted.

Frequently Published Tandon Materials Scientist Takes to Editing

June 13, 2018

Nikhil Gupta, an associate professor of mechanical and aerospace engineering, has seen his research on 3D printing of syntactic foams, cybersecurity in 3D printing, surgical applications for magnesium, and much more published in premier scholarly journals like the prestigious Journal of the Minerals, Metals and Materials Society (JOM). Now he is editing two special issues of the journal that highlight cutting-edge research in composite materials…

NYU Center for Cybersecurity Intern Captures Prestigious Intel International Science and Engineering Fair Prize

June 13, 2018

At the 2018 Intel International Science and Engineering Fair (Intel ISEF), the world’s largest international pre-college science competition, high school student Suha Hussain took home a second-place prize of $1,500 in the Systems Software category for her project “A New Method for the Exploitation of Speech Recognition Systems,” which she completed under the direction of Tandon Professor Ramesh Karri, who co-chairs NYU’s Center for Cybersecurity (CCS), and Tandon Ph.D. candidate Zahra Ghodsi.

Tandon Grad Student Wins Awards for His Computer Science Research

June 13, 2018

How can we identify minute, confusing snippets of code to make programming more efficient? Dan Gopstein, a Ph.D. candidate in NYU Tandon’s Department of Computer Science and Engineering, has in recent months received two distinguished paper awards for publications discussing just that.

Gopstein presented “Atoms of Confusion,” which was prepared under the guidance of Professor Justin Cappos

Now more than ever, cars are just rolling computers

June 13, 2018

Click here to listen to Professor Justin Cappos discuss cybersecurity in the automotive industry.

Uber’s self-driving cars to return to testing tracks

June 13, 2018

‘If there was a war or escalation with a country with strong cyber capability, I would be very afraid of hacking of vehicles. Many of our enemies are nuclear powers but any nation with the ability to launch a cyberstrike could kill millions of civilians by hacking cars,’ warned Justin Cappos,a computer scientist at New York University [Tandon School of Engineering], in an interview given to The Times. ‘It’s daunting. They can send messages to the brakes and shut off the power steering and lock people in the car, and do other things that you wouldn’t want to happen. Once you are in the network you are able to communicate with any device so you could send a message to engage the brakes,’ he added.

Policing modern slavery: Software that detects human trafficking

June 13, 2018

Software can also identify pimps. Damon McCoy of New York University has developed a program that has helped police unearth five big suspected prostitution rings in California and Texas…

Worries grow over privacy, security & tech: NYU Cyber Security Expert Justin Cappos

June 13, 2018

Click here to listen to Professor Cappos’ Podcast.

New York University Scientists Trace Cybercrime Banking Networks and Win Best Research Paper Award

June 13, 2018

The authors, Dr. Damon McCoy and Hongwei Tian of New York University’s Tandon School of Engineering and D. Sean West and Stephen M. Gaffigan of SMGPA found that their research program wasn’t as simple as shooting tracers in the cloud, as the corrupt merchants quickly responded with evasive action.

Finally, an inexpensive vibration sensor that signals blade problems

June 13, 2018

A cleverly simple vibration sensor made of a loop of thin fiber-optic cable and a fixed wavelength laser promises to take cost out of turbine-blade maintenance by letting owners spot problems as they occur. The device, already with two patents, won $150,000 for further development in New York’s PowerBridge competition. “This will let us form the start-up company, LazarOn, to package the sensor, mount it in a turbine, and prove the concept for the early detection of blade damage,” said Dr. Nikhil Gupta, technical lead for the company and Associate Professor of Mechanical and Aerospace Engineering at the NYU Tandon School of Engineering.

NYU and NY Cyber Command team up to offer cheap cybersecurity education and training

May 10, 2018

Earlier this year NYU Tandon School of Engineering and New York’s Cyber Command (NYC3) joined forces to announce one of the country’s most affordable Cybersecurity Master’s Degree in the form of its NY Cyber Fellows program. The program was developed to answer Mayor Bill de Blasio’s New York Works initiative to add 10,000 cybersecurity experts to the workforce within a decade and will offer the degree for $15,000 after scholarships for the entire master’s cybersecurity degree program.

That cheap beach vacation rental on Craigslist could be a scam

May 8, 2018

according to a 2016 study from New York University’s Tandon School of Engineering.

Inside New York City Cyber Command

May 8, 2018

A government agency most people know nothing about that’s leading America’s biggest city into the future.

 

When Studying Doxing Gets You Doxed

May 8, 2018

Doxing is a particular form of this harassment in which a victim’s private information is publicly released with the intent of exacting revenge, seeking justice or intimidating the individual. … Unfortunately, doxing can happen to anyone. It even happened to me; following the release of our study, my colleagues and I experienced doxing firsthand. Our physical addresses and links to our social network profiles were posted online, prompting threatening messages.

Ransomware payments, blockchain and cryptoexchanges

May 8, 2018

The murky ecosystem of ransomware payments comes into focus in new research led by Damon McCoy, an assistant professor of computer science and engineering at the NYU Tandon School of Engineering.

Study exposes murky ecosystem of ransomware payments

May 8, 2018

…in May, Damon McCoy, an assistant professor of computer science and engineering at the NYU Tandon School of Engineering and a team…

As Cities Get High-Tech, Hackers Become More Dangerous

May 8, 2018

 

…as once an hour. “It’s somewhat surprising it doesn’t happen more,” says Justin Cappos, a NYU computer science professor who…

NYU Professor Finds $16 Million Impact of Ransomware

April 12, 2018

A recent study co-authored by NYU Assistant Professor of Computer Science and Engineering at the Tandon School of Engineering Damon McCoy found that ransomware — a type of computer software which encrypts users’ files and does not return them unless payment has been made — has generated approximately $16 million from over 20,000 victims of the cyber attacks throughout the two years the study was conducted.

CYBERSECURITY LECTURE DEBUNKS MYTHS OF FIELD

April 9, 2018

NYU Tandon School of Engineering’s Cybersecurity Lecture Series recently hosted the 10th lecture in its series, which brings together some of the top experts and tech professionals to speak on the latest advances and issues within cybersecurity. Now sponsored by finance and insurance corporation AIG, the lecture comes on the heels of recent global cyber-attacks and ransomware such as Petya, which affected a Ukrainian power grid; WannaCry, which disrupted hospital and school systems; and the 2016 email leak from the Democratic National Committee.

The True Cyber Crime? – Failing to Collaborate

April 5, 2018

Cybersecurity Quarterly – Spring 2018

By Nasir Memon, Associate Dean of Online Learning of NYU Tandon School of Engineering.

With the exponential growth of the Internet of Things and the digital threats to our very democracy in the news on a daily basis, the need for cybersecurity experts is self-evident. …  At New York University Tandon School of Engineering (NYU Tandon), for example, our new Cyber Fellows initiative – an elite, competitive online master’s program – costs just $15,000, thanks to generous scholarships, with no compromises to the high caliber of instruction. We envision it could scale to accommodate hundreds, or even thousands, of students.

Mayor De Blasio Announces NYC Secure, The City’s First-Ever Cybersecurity Initiative To Protect New Yorkers Online

April 5, 2018

Public Now

Mayor de Blasio today announced the launch of NYC Secure, a pioneering cybersecurity initiative aimed at protecting New Yorkers online.  … ‘CyberCrime is sadly a part of our daily reality, and NYU Tandon is eager to continue its partnership with New York City and support Mayor de Blasio’s initiatives that help provide online privacy and security,’ said Nasir Memon, Associate Dean at NYU Tandon School of Engineering.

NYU’s Tandon School of Engineering appoints first female dean

April 5, 2018

Brooklyn Eagle

For the first time in its 164-year history, the former Polytechnic Institute of Brooklyn appointed its first female dean yesterday. Jelena Kovacevic was named dean of NYU’s Tandon School of Engineering by President Andrew Hamilton and Provost Katherine Fleming, effective Aug. 15.  Kovacevic, who comes from Carnegie Mellon University — where she is the Hamerschlag University professor, the head of the Department of Electrical and Computer Engineering and a professor of biomedical engineering — is the first woman to head the school since its founding in 1854.

Inside the Dark World of Trolling

April 4, 2018

Professor Damon McCoy speaks on the dark side of trolling.

Marketing, Cyber Security Professors Weigh in on Cambridge Analytical Scandal

April 4, 2018

Washington Square News

With all of Cambridge Analytica’s lapses, NYU Tandon professor Justin Cappos, who works heavily in cyber security, warns against placing too much of the blame on the data firm, which he likened to a robber and Facebook to a glaringly insecure bank. “Of course, what Cambridge Analytica did was bad but Facebook set up the rules and the system for how this was all supposed to happen,” Cappos said to WSN. “Facebook isn’t in the business of storing data secretly, they’re in the business of gathering information about you and selling it […] to make as much money as possible.”

Why the military needs to take 3-D printer cybersecurity seriously

April 4, 2018

C4ISRNET

The use of 3-D printing in the military is becoming more commonplace, and as a result experts are emphasizing the importance of treating 3-D printers like the hackable machines they are. While a 3-D printer’s capability for experimental on-site manufacturing is far more futuristic than a traditional Wi-Fi enabled printer, the hardware is as vulnerable to cyberattacks as an average laptop or connected printer, said Nikhil Gupta, a New York University [Tandon School of Engineering] associate professor of engineering and materials researcher.

Scientists trace ransomware payments across the globe

April 4, 2018

Futurity

New research brings the murky ecosystem of ransomware payments into focus. Ransomware attacks, which encrypt and hold a computer user’s files hostage in exchange for payment, extort millions of dollars from individuals each month and comprise one of the fastest-growing forms of cyber attack. … Damon McCoy, assistant professor of computer science and engineering at the Tandon School of Engineering at New York University, and his collaborators took advantage of the public nature of the bitcoin blockchain technology to trace ransom payments over a two-year period.

Ransomware payments, blockchain and cryptoexchanges

April 4, 2018

Enterprise Times

The murky ecosystem of ransomware payments comes into focus in new research led by Damon McCoy, an assistant professor of computer science and engineering at the NYU Tandon School of Engineering. … Amongst the most striking findings are: the discovery that South Koreans are disproportionately impacted by ransomware campaigns. … Most ransomware operators used a Russian bitcoin exchange, BTC-E (now seized by the FBI), to convert bitcoin to fiat currencies; the research estimates at least 20,000 individuals made ransomware payments over the past two years, at a confirmed cost of $16 million (the true payment total is likely higher).

More than $16 Million Ransomware Payments Have Been Made in the Past 2 Years

April 4, 2018

Researchers from the NYU Tandon School of Engineering have studied ransomware payments learning that $16 million in ransomware payments have been tracked in the past two years by researchers with South Korea paying about $2.5 million as the country has been hard hit by the impact of ransomware. … ‘Ransomware operators ultimately direct bitcoin to a central account that they cash out periodically, and by injecting a little bit of our own money into the larger flow we could identify those central accounts, see the other payments flowing in, and begin to understand the number of victims and the amount of money being collected,’ says Damon McCoy, an assistant professor of computer science and engineering at the NYU Tandon School of Engineering and who led the research.

Which Russia hack? Part 1

April 4, 2018

Carbonite – Breach (podcast series)

Damon McCoy, assistant professor of computer science and engineering at NYU Tandon at 19:18.

… In this episode of Breach, we attempt to connect the dots between the Yahoo security breach, the DNC hack and efforts to undermine the U.S. presidential election on social media. And while we didn’t find evidence of a direct link, it’s clear that all three can be connected to the larger Russian cybersecurity playbook.

How to Protect Today’s Highly Computerized Cars from Hackers (video)

April 4, 2018

Interview with Justin Cappos, associate professor of Computer Science and Engineering at NYU Tandon, at 7:50.

“Certainly as these systems get more and more complex there are more and more opportunities for hackers,” said Cappos. “It’s not clear whether having cars that drive themselves or have advanced safety systems are more at risk or less at risk … safety systems may actually reduce risks as they fight hackers.”

Opening Arguments Begin In AT&T And Time Warner Merger Case

March 22, 2018

The telephone and Internet giant AT&T wants to buy the media conglomerate Time Warner. President Trump has opposed this $85 billion deal, and the U.S. Justice Department is in federal court to try and stop it. The opening arguments are scheduled to begin this week…. [Center for Cybersecurity Co-Chair Randy] Milch says a judgment against AT&T may well ice future corporate deals.

Randy Milch, CCS Co-Chair and Judi Germano, CCS Senior Fellow to speak at PCCE Cybersecurity Conference

March 21, 2018

On behalf of the NYU School of Law Program on Corporate Compliance and Enforcement (PCCE), we would like to invite you to our upcoming conference, Global Cyber Threats: Corporate and Governmental Challenges to Protecting Private Data on April 6, 2018 at the Lester Pollack Colloquium Room, 9th Floor, Furman Hall, 245 Sullivan Street, New York, New York.

 

The conference is an off-the-record event and is invitation only. In order to attend, you must pre-register.

OSIRIS Lab Welcomes First Female Hacker-In-Residence

March 15, 2018

NYU Tandon’s Offensive Security, Incident Response and Internet Security Laboratory, well known as the OSIRIS Lab, recently welcomed a new hacker-in-residence: Sophia d’Antoine, a Senior Security Researcher at Trail of Bits.

Professor Nikhil Gupta’s lab develops breakthrough 3D-printed foam

March 15, 2018

… Only 5 percent of the Earth’s oceans have been explored, according to the National Oceanic and Atmospheric Administration. But that could be changing, thanks in part to a new development by researchers at the NYU Tandon School of Engineering. Coming out of the lab of Professor Nikhil Gupta

Pay Us Bitcoin or Never See Your Files Again…

March 15, 2018

A study by researchers at Google, Chainalysis, University of California San Diego and NYU Tandon School of Engineering estimated that from 2016 to mid 2017, victims paid $25 million in ransom to get files back. CSE Professor, Damon McCoy’s research was referenced in this article.

Justin Cappos, Associate Professor, featured on PBS Sci Tech

February 26, 2018

Professor Cappos’ segment on PBS Sci Tech will be airing ­­on 3/26/18 on WLIW at 7:30pm. It will repeat on 3/28/18 at 5:30pm and 4/01/18 at 6pm. Additionally, the show will be posted to http://scitechnow.org/ following the first airing.

Damon McCoy, Assistant Professor, Sat on FTC Information Injury Workshop

February 26, 2018

Professor McCoy described his research with doxing, which is the public release of people’s information and other methods of social engineering that collect personal information. His research indicates that the use of this data can be innocuous or harmful if it is used for extortion or other stalking purposes.

Cyber Fellows Master’s Program Highlighted in City & State New York Article

February 26, 2018

Professor Nasir Memon talked about the city’s and industries’ strategies to find and recruit more qualified personnel. As part of the strategy, the two mentioned the “Cyber Fellowship” initiative; a master’s program in cybersecurity.

Nasir Memon, Co-Founder of NYU CCS, featured in The Bridge BK Podcast

February 20, 2018

Professor Memon, a pioneer in computer science, spoke on The Bridge BK podcast about how he aims to make the field affordable and open to all. Click the link to listen.

NYU Tandon Student, Abdullah Alharbi, Featured In Nature Nanotechnology

February 6, 2018

journal_header_v3

Electrical and Computer Engineering Student, Abdullah Alharbi’s work on the application of 2D materials for security was featured as a research highlight in Nature Nanontechnology. Click to read more…

NYU Tandon and New York City Cyber Command Launch New York Cyber Fellows Master’s Degree Program

January 26, 2018

New York University Tandon School of Engineering, in partnership with New York City Cyber Command, today launched the New York Cyber Fellows, a unique, affordable online cybersecurity master’s degree program designed in conjunction with leading New York City employers to address the acute shortage of highly trained technical professionals in the city and nation.

Car Hacking Remains a Very Real Threat as Autos Become Ever More Loaded with Tech

January 21, 2018

Automakers and suppliers are making progress in protecting vehicles from cyber attacks, but the car-hacking threat is still real and could get increasingly serious in the future when driverless vehicles begin talking to each other. … Justin Cappos, a computer science professor at New York University’s Tandon School of Engineering, said one of the more promising ways to stay ahead of hackers is through regular over-the-air software updates to fix vulnerabilities as soon as they become known.

A New Way To Track Down Bugs Could Help Save IOT

January 18, 2018

wired

On a clear day this summer, security researcher Ang Cui boarded a boat headed to a government biosafety facility off the northeastern tip of Long Island. … “Right now we haven’t seen much of it because there are so many IoT systems already out there with even more trivially exploitable problems like default passwords,” says Brendan Dolan-Gavitt, a software analysis and embedded device researcher at New York University [Tandon School of Engineering]. “So until those become more scarce, I wouldn’t expect attackers to expend effort.”

Americans Concerned About Cybersecurity of Self-Driving Cars

January 18, 2018

Many Americans are concerned about potential cyber risks to self-driving cars, though the public is more comfortable with the industry’s overall safety than in the past, Morning Consult polling shows. … Justin Cappos, a systems and security professor at the New York University Tandon School of Engineering, said the inherent vulnerabilities in most connected devices — including autonomous vehicle technology — shouldn’t necessarily influence consumers’ opinions about the safety of driverless cars.

IBM Joins New York Cyber Fellows Program to Address Cyber Skills Shortage

January 17, 2018

The growing workforce shortage in the cybersecurity industry is no secret, with thousands of job currently open and a shortfall of nearly 2 million workers anticipated in the next several years. … As part of these efforts, IBM Security works with hundreds of higher education programs around the world on skills, training and recruitment initiatives. Last week IBM expanded those efforts by joining a new program founded by New York University (NYU) Tandon School of Engineering, in partnership with New York City Cyber Command (NYC3).

BlackBerry in Motion: Firm Aims to Secure Cars From Hackers

January 17, 2018

BlackBerry mobile devices are a rare sight. But you may still be using the company’s technology – in your car. … Static binary code scanning tools are good at finding obvious vulnerabilities in code, says Damon McCoy, an assistant professor in the computer science and engineering department at New York University [Tandon School of Engineering]. McCoy, who has not analyzed Jarvis, says BlackBerry may have a bit of an edge given its experience with embedded systems.

BlackBerry in Motion: Firm Aims to Secure Cars From Hackers

January 17, 2018

Static binary code scanning tools are good at finding obvious vulnerabilities in code, says Damon McCoy, an assistant professor in the computer science and engineering department at New York University. McCoy, who has not analyzed Jarvis, says BlackBerry may have a bit of an edge given its experience with embedded systems. But it’s also possible that BlackBerry might lag competitors’ sophistication when it comes to the algorithms they use to find potential vulnerabilities.

With More Tech Comes More Hacking Risk for Smart Cars

January 16, 2018

Automakers and suppliers are making progress in protecting vehicles from cyberattacks, but the car-hacking threat is still real and could get increasingly serious in the future when driverless vehicles begin talking to each other. … Justin Cappos, a computer science professor at New York University’s Tandon School of Engineering, said one of the more promising ways to stay ahead of hackers is through regular over-the-air software updates to fix vulnerabilities as soon as they become known.

Car Hacking Remains a Very Real Threat as Autos Become Ever More Loaded With Tech

January 13, 2018

Automakers and suppliers are making progress in protecting vehicles from cyber attacks, but the car-hacking threat is still real and could get increasingly serious in the future when driverless vehicles begin talking to each other. … Justin Cappos, a computer science professor at New York University’s Tandon School of Engineering, said one of the more promising ways to stay ahead of hackers is through regular over-the-air software updates to fix vulnerabilities as soon as they become known.

NYU Tandon offers affordable cybersecurity master’s degree with backing from NYC

January 11, 2018

With everything from Russian hackers to credit card fraud becoming very much a 21st century problem, a door of opportunity has just opened for New York City students hoping to get into one of the hottest fields on the planet. New York University Tandon School of Engineering in Downtown Brooklyn is partnering with the city to launch an affordable online cybersecurity master’s degree program.

NYU Tandon and NYC Cyber command launch a new cybersecurity Master’s Program

January 11, 2018

New York City is now home to a cybersecurity master’s degree program, launched as a joint effort between New York University (NYU) Tandon School of Engineering and New York City Cyber Command. This program, dubbed the New York Cyber Fellows, is an online initiative created in conjunction with leading employers within New York City, aiming to alleviate an acute shortage of highly-trained cybersecurity professionals that has become an increasingly relevant problem for both the jurisdiction and the rest of the nation.

NYU Launches Cybersecurity Master’s Program to Help Fill Skills Gap

January 10, 2018

Cybersecurity threats are a serious issue, but the field is lacking experts who can prevent or handle such hacks. … One estimate predicts that the world will see a global shortage of 1.8 million cybersecurity experts by 2022.To help fill this skills gap, New York University’s Tandon School of Engineering has launched the New York Cyber Fellows, an online master’s program for cybersecurity education that costs $15,000 — the least, the school said, of any cybersecurity master’s program in New York City.

The Worst Healthcare Cybersecurity Breaches of 2017

December 29, 2017

In 2017, a spate of high-profile attacks brought the healthcare industry’s need to strengthen its cybersecurity into sharp focus. Ransomware, like WannaCry and NotPetya, has wreaked havoc in small hospitals and biopharma giants alike, and the vulnerabilities appear widespread and acute, experts said. … “If you were hit by WannaCry, you were really doing something very wrong,” said Justin Cappos, PhD, associate professor of systems and security at [the NYU Tandon School of Engineering] Computer Science and Engineering Department.

2018: The Year Of Blockchain For Ad Industry?

December 29, 2017

Blockchain technology emerged in the advertising industry as a sort of phenomenon in 2017. Companies like IBM and Microsoft are betting big on the technology that seems to be pumping new life into some of the more established players and retailers, such as Oracle and Walmart. .. In July 2017, Google researchers reported that Chainalysis, UC San Diego, and the NYU Tandon School of Engineering used blockchain to track $15 million in ransomware.

3D Printing Industry Review Of The Year May 2017

December 27, 2017

A month of celebration – in May we held the first ever annual 3D Printing Industry Awards and hosted a gala dinner of esteemed guests including Siemens, 3D Systems, Ultimaker, Zortrax, Desktop Metal, Shining 3D, Markforged, Zortrax, Sinterit, HP, Dassault Systèmes, DWS, Autodesk, Polymaker and UCL. … And a team at the New York University Tandon School of Engineering, published a paper of interest to high-risk manufacturing describing a method on adding deliberate mistakes to .stl files as a means of security.

CCS and C2SMART Center Post-Doc Opportunity

December 20, 2017

The C2SMART Center and the NYU Center for Cybersecurity (cyber.nyu.edu) are jointly seeking to hire a Post-doctoral fellow to conduct state-of-the art research on emerging transportation cybersecurity problems.
With the emergence of connected and autonomous vehicles as well as the increasing levels of automation of all transportation systems, there is a growing recognition of cybersecurity threats to all of the transportation system components including vehicles, users, and cyber and physical infrastructures. This candidate will work closely with faculty and students in:

  • Researching and identifying cybersecurity issues faced in automated implementations of transportation systems
  • Developing multi-disciplinary solutions targeted at intrusion detection and vulnerable transportation infrastructure
  • Preparing and designing protocols designed to ensure automated systems and platforms are adequately identifying and preparing for cybersecurity threats
  • Leading outreach efforts for increasing agency awareness of transportation cybersecurity
Applications should be submitted at: https://apply.interfolio.com/48019

NYU Tandon Becomes a Center of Influence in the World of Hardware Security

December 6, 2017

Tandon

Since 2002, when NYU Tandon Professor of Electrical and Computer Engineering Ramesh Karri and his students generated the first research on attack-resilient chip architecture, the school has been at the forefront of this vital field, demonstrating before anyone else that integrated circuits’ test and debug ports could be used by hackers; delivering the first set of invited Institute of Electrical and Electronics Engineers (IEEE) tutorials in hardware security in the U.S., Europe, and Latin America; and presenting the first research paper on split manufacturing, a means of thwarting counterfeiting by an untrusted foundry by dividing a chip’s blueprint into several components and distributing each to a different fabricator; among other such accomplishments.

Let’s Talk About the Latest Godawful Cybersecurity Plan

December 4, 2017

By 2020, some major companies will shovel billions of dollars into developing more comprehensive forms of security according to the International Data Corporation, and policy-makers are following closely, proposing new legislation and regulations to accompany them. One of the latest is the newly repurposed Active Cyber Defense Certainty (ACDC) Act, also called the hack-back bill. … [where] Victims are encouraged to literally “hack back” against their aggressors. … it makes many experts uneasy. … Justin Cappos, a computer science professor and director of the Secure Systems Lab at New York University [Tandon School of Engineering said,] “In some cases this may be an appropriate response to actions, but in this case I think it’s misguided.”… “I think that this might be taking that idea to a very dangerous place.”

Random Light Patterns – A Novel Cyber Security Solution?

November 30, 2017

Researchers at New York University Tandon School of Engineering have developed a new class of unclonable cybersecurity security primitives using the high level of structural randomness in 2D MoS2. … In a paper published in the journal ACS Nano (‘Physically Unclonable Cryptographic Primitives by Chemical Vapor Deposition of Layered MoS2), Davood Shahrjerdi and his NYU Tandon team offer the first proof of complete spatial randomness in atomically thin MoS2.

A Timely Talk About Cyber Threats to Our Democracy

November 30, 2017

Tandon

On November 16, as many Americans prepared for Thanksgiving, Ed Amoroso — former chief security officer of AT&T Services, advisor to four presidential administrations, CEO of global security firm TAG Cyber LLC, and NYU Tandon Distinguished Research Professor — gave a rapt audience a good reason to be thankful: that there are brilliant, experienced, and visionary cybersecurity experts exploring recent cyber-threats to our electoral system and ways to mitigate those risks in the future.

HERE buys OTA specialist ATS

November 29, 2017

… ATS’s OTA Plus v3 product is secured by Uptane, a security system for OTA developed by New York University Tandon School of Engineering (NYU), the University of Michigan Transportation Research Institute (UMTRI), and the Southwest Research Institute (SWRI) under a programme supported by the US Department of Homeland Security. The ATS acquisition will be developed as a support for HERE’s mapping business, as an independent product offering and for new applications such as drones.

Researchers Discover Big Cryptographic Potential in Nanomaterial

November 29, 2017

The next generation of electronic hardware security may be at hand as researchers at New York University Tandon School of Engineering introduce a new class of unclonable cybersecurity security primitives made of a low-cost nanomaterial with the highest possible level of structural randomness. Randomness is highly desirable for constructing the security primitives that encrypt and thereby secure computer hardware and data physically, rather than by programming.

Nanotech Anti-Hacker Developed to Challenge Any Hacker Now

November 29, 2017

Researchers at the New York University Tandon School of Engineering have developed a new class of low-cost nanomaterial which could protect computer hardware and data physically from hackers. … Davood Shahrjerdi, Assistant Professor at Tandon who led the research said, “At monolayer thickness, this material has the optical properties of a semiconductor that emits light, but at multilayer, the properties change, and the material no longer emits light

Victims of ‘Home Takeover’ Scam Locked Out of House

November 26, 2017

WP_Featured

A Delaware man says he’s the victim of a so-called “home takeover” scam. … Alexander Pratt lived in a Wilmington house for 10 months with his fiancee and son before being locked out. … Pratt said the man he thought was the landlord and to whom he paid rent disappeared. The real property owners said they had no idea anyone was living in the house. Pratt said he rented the house from a man who posted an ad on Craigslist. … Such scams are not new. And researchers at New York University’s Tandon School of Engineering found that Craigslist often fails to identify scam rental listings.

Experts Warn: Terrorists ‘Could Kill Millions’ by Remotely Hacking People’s Cars

November 25, 2017

Cyberterrorists have the potential to put millions of lives at risk by hacking the sophisticated cars on 21st Century roadways, one expert has warned. The caution comes amid a host of technological advances pervading the automotive industry. … “If there was a war or escalation with a country with strong cybercapability, I would be very afraid of hacking of vehicles,” said Justin Cappos, a computer scientist at New York University [Tandon School of Engineering]. “Many of our enemies are nuclear powers but any nation with the ability to launch a cyberstrike could kill millions of civilians by hacking cars. It’s daunting.”

Cyber criminals working for enemy states could ‘kill millions’ by remotely hacking cars, warns expert

November 20, 2017

Terrorist hackers working for enemy states could turn cars into killing machines, a security expert has warned. Any car built after 2005 is an ‘open door’ to hackers and could be remotely controlled to obliterate ‘millions of civilians’, a researcher has found. The warning was made by Justin Cappos. … Dr Cappos says this vulnerability should be treated as an ‘urgent’ national security issue, writes The Times. ‘If there was a war or escalation with a country with strong cybercapability, I would be very afraid of hacking of vehicles.’

Hackers could take control of cars and kill millions, ministers warned

November 20, 2017

Modern cars are an “open door” to hackers, inviting hostile states to use Britain’s roads as a weapon against citizens, ministers have been warned. Deaths are inevitable within five years if carmakers do not fix vulnerabilities in technology, one of the world’s experts in vehicle software has said. Justin Cappos said that any car built since 2005 could be controlled remotely by hackers with some cars built as long ago as the year 2000 also at risk. Hackers could already be causing accidents without the authorities realising it because no one was looking for the evidence.

Boards Should Think of Cyber a Bit More Like Bank Robberies, Former AT&T Security Chief Says

November 17, 2017

Corporate boards should think about cybersecurity risk as banks think about bank robbery: a relatively common risk that must be managed. “Just like bank robbery, you can’t say get rid of (cyber risk) and make it never happen,” said Ed Amoroso, former chief security officer at AT&T Inc.

A Quantitative Analysis of Doxing: Who Gets Doxed, and How Can We Detect Doxing Automatically?

November 14, 2017

A group of NYU [Tandon School of Engineering] and University of Illinois at Chicago computer scientists have presented a paper at the 2017 ACM Internet Measurement Conference in London presenting their findings in a large-scale study of online doxings, with statistics on who gets doxed (the largest cohort being American, male, gamers, and in their early 20s), why they get doxed (‘revenge’ and ‘justice’) and whether software can detect doxing automatically, so that human moderators can take down doxing posts quickly.

Cyber Defense Tool Limitations and What Our Leaders Should Be Doing About Them

November 13, 2017

With:

Judith Germano, Senior Fellow at the NYU Center for Cybersecurity and NYU Center on Law & Security and Founder, GermanoLaw LLC

Timothy Ryan, Principal, Assurance Services, Fraud Investigation & Dispute Services, Ernst & Young LLP

Matthew Waxman, Liviu Librescu Professor of Law and the faculty chair of the National Security Law Program at Columbia Law School

Why people ruin others’ lives by exposing all their data online

November 13, 2017

… All these people were doxed – that is, someone published their personal information against their will, in a public forum intended for dissemination and abuse, instigating a torrent of attacks from strangers. … But despite many individual cases catching the public eye, up until now there has been very little research examining the scale of the problem and who is involved. A new study from the University of Illinois at Chicago and New York University changes that.

Weaponizing 3-D printers: Cyberattacks could turn battlefield tech into threats

November 13, 2017

Flaws [in military equipment] could be introduced in the 3-D printing software by a cyberattack if the printers aren’t equipped with proper cybersecurity, said Nikhil Gupta, New York University associate professor of mechanical and aerospace engineering and an affiliate faculty at the NYU Center for Cyber Security. The possibility of a bug altering a 3-D file, whether intentionally or unintentionally, to the point of making the end product unusable is a real threat.

Inaugural Award for Cybersecurity Journalism Honors Wired’s Andy Greenberg for Reporting Russia’s Hack of the Ukraine Grid

November 10, 2017

Tandon

WIRED magazine’s July 2017 cover story, Lights Out: How An Entire Nation Became Russia’s Test Lab for Cyberwar, won the inaugural NYU Cyber Security Awareness Week (CSAW) Cyber Journalism Award. Its author, Andy Greenberg, accepted the award. … Ramesh Karri, NYU Tandon professor of electrical and computer engineering, and Charles Seife, professor at the NYU Arthur L. Carter Journalism Institute, conceived the CSAW Cyber Journalism Award.

There’s Now an Academic Study on the Dark Art of Doxing

November 9, 2017

Technical.ly_Featured

Plenty of people want to get famous online, but most people don’t. Researchers at the NYU Tandon School of Engineering and the University of Illinois at Chicago released a report Tuesday on the very modern-day phenomenon of doxing, or revealing someone’s personal information online. The report, “Fifteen Minutes of Unwanted Fame,” analyzed 1.7 million text files, mostly on the sites pastebin.com, 4chan.org and 8ch.net, where nearly all doxing is done.

Linux Foundation Taps Researcher’s Security Framework as Standard for the Cloud

November 8, 2017

Tandon

The Linux Foundation recently recognized The Update Framework (TUF), which is overseen by a research team at NYU Tandon School of Engineering, as a key security system. … The Foundation tapped TUF as one of two new projects hosted by its Cloud Native Computing Foundation (CNCF). The other is Notary — the most prominent implementation of TUF. Developed by NYU Tandon researchers from CCS and the Secure Systems Lab.

Why They Dox: First Large-scale Study Reveals Top Motivations and Targets for This Form of Cyber Bullying

November 7, 2017

Tandon

Researchers at the New York University Tandon School of Engineering and the University of Illinois at Chicago (UIC) have published the first large-scale study of a low-tech, high-harm form of online harassment known as doxing. … “This study adds significantly to our understanding of this deeply damaging form of online abuse,” said Damon McCoy, an assistant professor of computer science and engineering at NYU Tandon.

U.S.-Led Cybersecurity Contest Gets More Global

November 7, 2017

The next generation of cybersecurity experts is vying for top honors at an annual global contest created by New York University [Tandon School of Engineering]. Ben-Gurion University of the Negev in Israel and the Grenoble Institute of Technology in France are the latest to join in the world’s biggest student-run cybersecurity event, called Cyber Security Awareness Week, or CSAW. Finals of the competition will be held at sites around the world the second week of November.

All About Bugs (of the Animal and Computer Varieties) (Podcast)

November 2, 2017

Musical crickets, crop-saving wasps — and why you should pre-bug your software. Professor Brendan Dolan-Gavitt explains to Stephen Dubner, noted author and host of the NPR program Freakonomics why he puts bugs in programs to make them more secure. [interview at 12:10]

Tracking Hackers with NLP and Machine Learning

November 2, 2017

…Cybercrime researchers and law enforcement need to broadly understand the scale and scope of the activity on these underground markets, but it takes a long time for human analysts to peruse entire forums. To expedite this process, a multi-university team of researchers including Damon McCoy, Assistant Professor of Computer Science and Engineering at NYU [Tandon School of Engineering], has developed new natural language processing tools that can be trained on forum-specific data to categorize posts and determine what products are being bought and sold for what prices.

It’s Time to Address Cybersecurity Education, Say Policymakers

November 2, 2017

… Many institutions have already ramped up their cybersecurity education frameworks, such as NYU Tandon School of Engineering’s Center for Cybersecurity, which began offering classes in the subject in 1999. Founder and professor, Nasir Memon, told Education Dive that the program provides the necessary hands-on approach to get students the training and expertise needed to get into the field. … “People [need] to get this type of experience. This will give them that training that’s not easy to give in a classroom.”