News

  • All
  • CCS News
  • Press Highlights

Trump’s Call for a Crackdown on Botnets Is a Long Shot

May 22, 2017

MIT-Tech-CCS-lighter

President Trump wants to crack down on botnets, the networks of hacked zombie computers that criminals or adversaries can use to carry out large-scale cyberattacks. Achieving this would surely disrupt the cybercriminal infrastructure, but it will also require that the administration overcome monumental technical and political hurdles. Zachary K. Goldman comments in the MIT Technology Review.

WannaCry Ransomware Attack Illustrates Need for Evolution in Cybersecurity Norms

May 22, 2017

TheHill_Featured

Individuals and institutions affected by the WannaCry ransomware attack face a Hobson’s choice—the malicious software (malware) encrypts a user’s documents while the decryption keys remain in the hands of the cybercriminals. Victims of the attack can either pay the hackers for the release of their files, feeding the profit motive that generates attacks like this in the first instance, or refuse to do so and permanently say goodbye to their computers, say Center for Cybersecurity co-founder Zachary Goldman and Professor Damon McCoy.

When a Hack Shuts Down a Hospital, Who’s to Blame?

May 15, 2017

LAT

… Justin Cappos, an assistant professor of computer systems and security at New York University [Tandon School of Engineering], suggested one quick fix for future security updates. Rather than telling users to update their systems for a “security patch,” Windows could offer a bleak warning: “Hackers can get into your computer right now, so please update so we can fix that.”

WannaCry Malware Exploited OS Weakness to Spread

May 15, 2017

Fox-5-CCS

The recent ransomware cyberattack has claimed an estimated 300,000 computers in 150 countries. Cyber security expert Justin Cappos is a professor at NYU’s Tandon School of Engineering. He described what the WannaCry malware is doing now and how it invades computers through a loophole in Microsoft Corp’s Windows operating system. He said the malware exploits a weakness in the operating system to spread from computer to computer.

Global Cyber Attack Cripples British Hospitals

May 12, 2017

A massive cyberattack galloped across international borders on 12 May 2017, crippling such vital organizations as Telefonica (a telecom company in Spain), Britain’s network of hospitals run by the National Health Service (NHS), and the Russian Interior Ministry. … The attack utilized a type of malware called ransomware. … Damon McCoy, an assistant professor of computer science at New York University [Tandon School of Engineering], explained “ransomware”…

Researchers Use Digitally Created Fingerprints to Unlock Smartphones

May 11, 2017

A team of researchers from the Tandon School of Engineering at the New York University has created a method of generating fake digital fingerprints capable of unlocking random smartphones. According to the research team, their method works with an accuracy of 26% to 65% of all tested phones, assuming a maximum number of five attempts per authentication, the standard that most phone-based fingerprint authentication systems give their users.

Nightly Business Report – May 9, 2017

May 9, 2017

CNBC-CCS

… There were some reports last week that Apple was having a bit of trouble with key feature in its next iPhone: the fingerprint reader. But there may be other problems with these sensors. New research found that the way smart phones read fingerprints could make them vulnerable to hackers. [interview with Nasir Memon at 14:23]

Phishing, Hacks And Better Online Security

May 4, 2017

… This hour On Point, the Google email attack, an how to protect yourself from online scams, plunder, identity theft. Guests: Justin Cappos, assistant professor in systems and security at the New York University Computer Science and Engineering Department [at 21:10].

NYU Sophomores Stumble Upon IT Hack

May 1, 2017

WSN-CCS

Two Tandon students from the Offensive Security, Incident Response and Internet Security Laboratory have discovered a vulnerability in the NYU Print Service that would allow black hats — individuals who use their extensive computer knowledge to breach internet security — to take full control of any computer, as long as it is connected to the same Wi-Fi service as the printer, according to one of the two students.

You Really Should Read an App’s Service Terms (Video)

April 25, 2017

Fox-5-CCS

When you install an app on your phone, do you read the terms of service agreement? Probably not…”If you’re using a service that’s a free service, then the reason why it’s a free service is because you’re really the product,” Cappos said. “You’re being sold to marketers.”

How The Update Framework Improves Security of Software Updates

April 24, 2017

Updating software is one of the most important ways to keep users and organizations secure. But how can software be updated securely? That’s the challenge that The Update Framework (TUF) aims to solve. Justin Cappos, assistant professor at New York University [Tandon School of Engineering], detailed how TUF works and what’s coming to further improve the secure updating approach in a session at last week’s DockerCon 17 conference in Austin, Texas.

Fingerprints Fall Short When It Comes to Securing Smartphones

April 20, 2017

Consumers can be pretty lax about their online security. About 4% of the time, the password to unlock a smartphone is 1-2-3-4, says Nasir Memon, a professor of computer science and engineering at New York University Tandon School of Engineering. … A new study, however, conducted over the past year by the Tandon School of Engineering at NYU and Michigan State University College of Engineering, finds that fingerprints are more vulnerable than previously believed.

Crackdowns on Social Media Accounts Backfire by Driving up Demand

April 18, 2017

NBC-CCS

Facebook shut down as many as 30,000 fake accounts in the past week — but that’s unlikely to hurt the multi-million-dollar spam industry. … “If you go to the underground markets where they sell fake Facebook accounts, you can buy 1,000 of these for $300 to $400,” Damon McCoy, a New York University [Tandon School of Engineering] computer science professor specializing in cybercrime, told NBC News. “In terms of economics of replacing these 30,000 accounts, they took down something, but perhaps not as much as you might think.”

Former counterterrorism adviser: There are bound to be more cyberattacks

April 17, 2017

CNN

Russia’s successful incursion into the 2016 presidential election has opened a new, menacing phase in cyberwarfare and is a harbinger of attacks to come, says President Barack Obama’s former top counterterrorism adviser, Center for Cybersecurity Distinguished Senior Fellow Lisa O. Monaco.

The Axe Files with Lisa Monaco

April 17, 2017

Axe-Files-CCS

Lisa Monaco, the former homeland security adviser to President Obama, talks with David Axelrod about what she thinks are the greatest threats facing America today, why the Trump administration’s travel ban hurts our counterterrorism efforts, and why she believes Russia’s incursion into our election has opened a new phase in cyberwarfare.

Computer Scientists Are Developing A ‘Master’ Fingerprint That Could Unlock Your Phone

April 14, 2017

Fingerprint readers, like the TouchID on an iPhone, exist to make your device extra secure while keeping the process of unlocking it easy. Computer scientists at New York University and Michigan State are poised to turn that security benefit on its head. Like a master key that can open any lock, these researchers developed digital “master prints” that could emulate a variety of partial fingerprints enough to hypothetically hack into a device. … “The sensors are small and they don’t capture the full fingerprint,” says Nasir Memon, a computer scientist at NYU’s Tandon School of Engineering and one of the authors of the study.

Computer Scientists Are Developing a ‘Master’ Fingerprint That Could Unlock Your Phone

April 13, 2017

Popular_Sciance_Featured

Fingerprint readers, like the TouchID on an iPhone, exist to make your device extra secure while keeping the process of unlocking it easy. Computer scientists at New York University and Michigan State are poised to turn that security benefit on its head. … “The sensors are small and they don’t capture the full fingerprint,” says Nasir Memon, a computer scientist at NYU’s Tandon School of Engineering and one of the authors of the study.

Researchers Develop Master Fingerprints That Can Break Into Smartphones

April 13, 2017

Researchers at New York University and Michigan State University have recently found that the fingerprint sensor on your phone is not as safe as you think. ‘The team has developed a set of fake fingerprints that are digital composites of common features found in many people’s fingerprints,’ reports Digital Trends. ‘Through computer simulations, they were able to achieve matches 65 percent of the time, though they estimate the scheme would be less successful in real life, on an actual phone.’ … Nasir Memon, a computer science and engineering professor at New York University [Tandon School of Engineering], explained the value of the study to The New York Times.

Your Smartphone Fingerprint Security System May Not Be as Safe as You Think

April 12, 2017

…A team of researchers from New York University Tandon School of Engineering and Michigan State University College of Engineering have found that partial similarities between prints are common enough to fool biometric security systems … leading them to be much more vulnerable than previously thought.

Robots to the Rescue at the Kennedy Space Center

April 12, 2017

Tandon

It’s no small task to build a fully autonomous robot capable of mining raw materials from the surface of Mars, but that’s exactly what a team of NYU Tandon School of Engineering students is attempting to do. For the sixth consecutive year, a Tandon team will be taking part in the NASA Robotic Mining Competition.

That Fingerprint Sensor on Your Phone Is Not as Safe as You Think

April 10, 2017

NY_Times_Logo_Featured

New findings published Monday by researchers at New York University and Michigan State University suggest that smartphones can easily be fooled by fake fingerprints digitally composed of many common features found in human prints. In computer simulations, the researchers from the universities were able to develop a set of artificial “MasterPrints” that could match real prints similar to those used by phones as much as 65 percent of the time. … “It’s as if you have 30 passwords and the attacker only has to match one,” said Nasir Memon…

The President Test: Anderson Cooper 360

April 10, 2017

CNN

NYU Center for Cybersecurity Distinguished Senior Fellow Lisa O. Monaco discusses the national security and foreign policy challenges facing the White House on CNN.

So You Think You Can Secure Your Mobile Phone With a Fingerprint?

April 10, 2017

Tandon

NYU Tandon and Michigan State University Researchers Find That Similarities in Partial Fingerprints May be Sufficient to Trick Biometric Security Systems on Smartphones…Nasir Memon, a professor of computer science and engineering at NYU Tandon and the research team leader, explained that the MasterPrint concept bears some similarity to a hacker who attempts to crack a PIN-based system using a commonly adopted password such as 1234…

Lisa Monaco and CNN’s Jim Sciutto on National Security in the Trump Administration

April 6, 2017

IOP-CCS

NYU Center for Cybersecurity Distinguished Senior Fellow Lisa O. Monaco discusses the future of national security in the Trump administration with CNN’s Jim Sciutto. As President Obama’s former top counterterrorism and homeland security advisor, Monaco coordinated policy development and crisis response to terrorist attacks, cyberincidents, and public health emergencies and natural disasters.

Google Users Being Targeted With Google Doc Phishing Email

April 5, 2017

… Users are asked to click on a link to view a document, which provides the hackers access to the contents of their Google accounts, including email, contacts and online documents, according to security experts who reviewed the scheme. ‘This is a very serious situation for anybody who is infected because the victims have their accounts controlled by a malicious party,’ said Justin Cappos, a cyber security professor at NYU Tandon School of Engineering.

Did Obama Blow It on the Russian Hacking?

April 3, 2017

Politico-Mag-CCS

It’s a question that still rankles many a Clinton loyalist: Why didn’t the Obama administration do more to sound the alarm over Russia’s meddling in the 2016 presidential campaign? Few former officials have explained it, but in a new interview for The Global POLITICO, Lisa Monaco, President Obama’s top homeland security and counterterrorism adviser, describes a White House afraid of “doing the Russians’ work for them.”

The Global Politico with Lisa Monaco

April 3, 2017

Global-Politico-CCS

NYU Center for Cybersecurity Distinguished Senior Fellow Lisa O. Monaco appeared on The Global Politico, a weekly podcast about the world in the Trump era. In addition to her experiences with counterterrorism, she discussed how the Obama White House handled the Russian hacking of the 2016 elections–the first extensive comments by someone in the room at the Obama White House.

Lecture Will Explore the Dangers of Hardware Hackers in a World of Interconnected Devices

April 3, 2017

Tandon

The eighth event in a series of open lectures on cybersecurity and privacy at the New York University Tandon School of Engineering will convene in Downtown Brooklyn on Tuesday, April 25, 2017, with an exploration of the hardware security challenges posed by interconnected devices and cloud computing. Convergence of IoT, Cloud, Security: A Perfect Storm will feature Walden (Wally) C. Rhines, president and chief executive officer of Mentor Graphics.

Fox 5 Report: Selling Your Online Search History, featuring Prof. Justin Cappos (video)

March 30, 2017

Fox-5-CCS

Justin Cappos, Assistant Professor of computer science and engineering at NYU Tandon School of Engineering comments on a new bill that the House and Senate passed that rolls back privacy protection rules put in place by President Obama: “Now when you browse the web you are going to be tracked by the person you are paying to provide Internet access.”

Days After London Terror Attack, the UK Government Is Already Going After WhatsApp’s Encryption

March 29, 2017

Gizmodo-CCS

NYU Center for Cybersecurity co-founder Zachary K. Goldman comments on the encryption debate in light of the most recent attacks in London: While there is “an undeniable governmental need for these messages,” the question is really whether companies should be forced to build a product that allows the government to access data…Any action on this issue “has a trade-off associated with it,” Goldman said—if we want the government to be able to read these messages, it means dramatically undermining end-to-end encryption for everyone.

The (Research) Stars Shine Bright in Texas

March 24, 2017

Tandon

When Jeyavijayan (JV) Rajendran was a graduate student at the NYU Tandon School of Engineering, it was not unusual to see him mentioned on the school website. Working with Professor Ramesh Karri of Electrical and Computer Engineering, he helped cement Tandon’s reputation at the forefront of hardware security … Now a tenure-track assistant professor at the University of Texas Jonsson School of Engineering and Computer Science, in Dallas, Rajendran is still giving Tandon plenty of reason for pride. He was recently awarded a highly prestigious National Science Foundation (NSF) Faculty Early Career Development grant (better known as the CAREER Award).

Is Privacy Real? The CIA Is Jeopardizing America’s Digital Security, Experts Warn

March 24, 2017

WikiLeaks released the latest cache of confidential C.I.A. documents Thursday as part of an ongoing ‘Vault 7’ operation, exposing the U.S. government of its hacking and digital espionage capabilities. … The agency may have left millions open to the exact attacks it said it was trying to prevent, regardless of its intentions, by not reporting those flaws to major companies, Justin Cappos, a professor in the Computer Science and Engineering department at New York University [Tandon School of Engineering] and cyber security expert whose created digital privacy software, told IBT.

Will the Trump Administration Protect Hard-Won Progress with China on Cybersecurity? Featuring Robert Silvers

March 22, 2017

Lawfare-CCS

As Presidents Trump and Xi prepare for their first meeting next month at Mar-a-Lago, most early attention has centered on tension points involving Taiwan policy, the South China Sea, North Korea and trade. But another U.S.-China issue hangs in the balance: cybersecurity.

Tandon Team Develops Software to Combat Child Exploitation

March 20, 2017

WSN-CCS

A team of engineers at NYU Tandon, in partnership with Griffeye — a digital intelligence technology company — is developing a new software that will help law enforcement combat the increasingly prevalent issue of child exploitation.

Zachary Goldman on the US indictment of Russians allegedly behind Yahoo hack

March 17, 2017

NYU-Law-CCS

NYU Center for Cybersecurity co-founder Zachary K. Goldman discusses the significance and consequences of the recent indictment of the Russians behind the Yahoo hacks. “This indictment is part of a broader sustained effort on the part of the US government to deter Russia from committing cyberattacks by prosecuting Russian cybercriminals, imposing sanctions, and taking other measures like expelling Russian diplomats and spies,” Goldman argues.

3D Printing Has an Urgent Need for Cybersecurity

March 17, 2017

… According to a new paper, “Manufacturing and Security Challenges in 3D Printing”, written by researchers at New York University’s Tandon School of Engineering … 3D printing carries cybersecurity vulnerabilities that can lead to potentially dangerous, undetectable defects as well as opening the door for counterfeit products. Nikhil Gupta, an associate professor of mechanical and aerospace engineering at NYU Tandon, and one of the co-authors of the paper, told Design News that the cybersecurity risks that come with AM are far more significant that common threats we hear about today.

Researchers Race To Develop Software To Prevent Car Hacking (audio – featuring Prof. Justin Cappos at 1:19)

March 17, 2017

Modern cars have between 50 and 100 electronic control units, or computers, to run everything from the overhead dome light to the automatic transmission. Many of the computers are networked together but made by different vendors, which makes them easier to hack. Now, researchers backed by the Department of Homeland Security are looking for ways to protect cars from hacking.

New Forensic Tool Could Add Filter to Child Porn Scans

March 16, 2017

The staggering amount of data involved in searching for child pornography is a serious hurdle in hunting down pedophile rings. … A new set of filters improving the ability to comb through terabytes of data and hundreds of thousands of hours of video is now under development by computer scientists at New York University. The machine-learning techniques focus on picking out nudity—and identifying the physical features of children, said Nasir Memon, the NYU [Tandon] professor of computer science and engineering leading the work.

New Forensics Tools Will Speed the Identification and Rescue of Children Pictured in Child Sexual Exploitation Material

March 16, 2017

Researchers at the New York University Tandon School of Engineering and the digital intelligence tech company Griffeye have begun building a sophisticated suite of tools to be provided pro bono to law enforcement officials seeking to identify children in child sexual exploitation material (sometimes referred to as child pornography) and rescuing victims. … Professor of Computer Science and Engineering Nasir Memon leads the software development along with Griffeye Director Johann Hofmann.

NYU Tandon Paper on Cyber Risks of 3D Printing is Springer’s Most-Read Engineering Research of 2016

March 15, 2017

The publishing company Springer has more than 245 engineering journals in its portfolio … when editors took stock of the works that had been the most cited, downloaded, and shared in 2016, it was an article from JOM, The Journal of the Minerals, Metals & Materials Society that stood out at number one in the category of Engineering. That article, “Manufacturing and Security Challenges in 3D Printing,” was written by a team of [NYU] Tandon researchers [including] Nikhil Gupta, noted materials expert and an associate professor of mechanical engineering; lead author Steven Eric Zeltmann, a graduate student in mechanical engineering; and Ramesh Karri, professor of electrical and computer engineering.

Law Enforcement Agencies to Receive Free Access to NYU Developed Solution Combating Child Exploitation

March 14, 2017

Researchers at the New York University Tandon School of Engineering and the digital intelligence tech company Griffeye have begun building a sophisticated suite of tools to be provided pro bono to law enforcement officials seeking to identify children in child sexual exploitation material (sometimes referred to as child pornography) and rescuing victims….Professor of Computer Science and Engineering Nasir Memon leads the software development along with Griffeye Director Johann Hofmann.

Podcast: What to expect from Trump on cybersecurity

March 13, 2017

CS-Monitor-CCS

Distinguished Senior Fellow Lisa O. Monaco is featured on the Cybersecurity Podcast from Passcode, commenting on the future of cybersecurity in the new Presidential administration.

The 42 Words You Can Never Say in Emails to the D.C. Government

March 10, 2017

WP_Featured

The District’s email system, it turns out, has a lot more verboten words than that: 42. A test email from The Post with one of the offending terms to a dc.gov email address brought a bounceback notice. … Justin Cappos, an assistant professor of systems and security at New York University [Tandon School of Engineering], said the District’s approach to spam “isn’t surprising.” The only problem: Bounceback messages might help spammers.

Fox 5 Report: WikiLeaks Revelation of CIA Documents and Personal Device Vulnerabilities, Featuring Professor Justin Cappos (at 3.14)

March 9, 2017

Fox-5-CCS

Justin Cappos speaks with Ernie Anastos, news anchor for Fox 5 News about CIA documents revealed by WikiLeaks, and vulnerabilities of consumer devices. “It’s concerning to me that there is this big warehouse of information on weaknesses that were not disclosed to the vendors of these products, that is now available to hackers and people anywhere,” said Cappos.

WikiLeaks to Help Shield Tech Firms From CIA’s Hacking Tools, Featuring Professor Justin Cappos (video)

March 9, 2017

This could be the largest breach of U.S. intelligence in recent history: thousands of documents posted by WikiLeaks that it claims were stolen from the CIA revealing the agency’s playbook for hacking.

WikiLeaks Says it Will Work with Tech Firms to Defeat CIA Hacking

March 9, 2017

LAT

WikiLeaks will work with technology companies to help defend them against the CIA’s hacking tools, WikiLeaks founder Julian Assange said. … Justin Cappos, a computer security professor in New York University’s Tandon School of Engineering, said any group that had this information first — whether it was WikiLeaks or a government agency — should have worked to disclose it to tech companies before making it public. “Now we’re in a position where a bunch of companies are scrambling to put in fixes because now their users are at risk,” he said.

CCS Announces Call for New Class of NYU Cyber Scholars and The Inaugural Latham & Watkins Award in Technology and Law

March 8, 2017

The NYU Center for Cybersecurity, a collaboration among NYU School of Law, the NYU Tandon School of Engineering, and other NYU schools, is soliciting applications for two interdisciplinary scholarship programs for students passionate about cybersecurity.

Students will aparticipate in weekly cohort meetings with students focusing on cybersecurity from other NYU schools and engage in a substantial research project or construction of a technical tool. The programs are designed so that lawyers may better understand the technological aspects of information security, and the privacy and civil liberties concerns that surround the field. Law students selected for the programs will be obligated to enroll in technical cybersecurity courses at NYU Tandon School of Engineering that are consistent with their academic program. The programs are designed so that lawyers, social scientists, engineers, and business executives may better understand the technological aspects of information security, and the privacy and civil liberties concerns that surround the field.

Students will enter the programs in Fall 2017 and will earn a partial scholarship for each year that they are a part of the program (students will be admitted for one year, potentially renewable for one additional year).

The NYU Cyber Scholarship had its inaugural cohort last year. Students who are selected for this prestigious scholarship program will join a cohort of peers from across the University, including the Tandon School of Engineering, the Steinhardt School of Culture, Education, and Human Development, the Courant Institute of Mathematical Sciences, and other schools as they develop an interdisciplinary understanding of cybersecurity issues that integrates technical and non-technical disciplines. The Cyber Scholars program is designed to train a new generation of cybersecurity professionals who will enter either the public or private sectors.

The Latham & Watkins Award in Technology and Law is a new program that will welcome its inaugural student scholar this year. This scholarship seeks to train a new generation of technology lawyers who are not only equipped to analyze the most complex technology law and policy issues, but also students who have mastered the technical understandings of the discipline. The student selected for this award must demonstrate a passion for technology and cybersecurity law and an interest in the interdisciplinary aspects of the subject.

Application Requirements: Applicants must submit a resume, transcript, and cover letter to CCS@nyu.edu by 5:30 p.m. on Monday, March 27, 2017 with “Cybersecurity Scholarship Application” in the subject line. Eligible students must be in their first or second year of law school or in their first year of a masters or PhD program that is a minimum of two years in duration. Law students who apply will be automatically considered for both scholarships.

If you have questions, please contact CCS@nyu.edu.

Fox 5 Report: WikiLeaks Publishes 1000s of CIA Cyber-Espionage Documents, Featuring Professor Justin Cappos (video)

March 7, 2017

Fox-5-CCS

WikiLeaks has published thousands of documents that it says come from the CIA’s Center for Cyber Intelligence, a dramatic release that appears to give an eye-opening look at the intimate details of the agency’s cyberespionage effort.

Zachary K. Goldman discusses United States v. Jay Michaud and cyber vulnerabilities

March 6, 2017

Gizmodo-CCS

In Gizmodo, Zachary K. Goldman comments on the latest developments in United States v. Jay Michaud. “This doesn’t mean that the FBI’s investigation was unjust or unjustified…It’s the exact opposite. The FBI is placing paramount importance on preserving the ability to use this technique in the future.”

Donald Trump’s allegations: how wiretap warrants work

March 6, 2017

FT-CCS

NYU Center for Cybersecurity Distinguished Fellow Raj De comments on the process behind a FISA warrant, which has been drawn into the spotlight after Donald Trump’s charge that his presidential campaign was illegally wiretapped.

Renters and Sellers Beware of Scammers

March 3, 2017

If you are trying to sell your home, don’t be surprised if someone comes knocking at your door and asks if it’s for rent… That’s because scammers are stealing house for sale listings and putting them up on Craigslist as rentals. (Article based on research by Professor Damon McCoy)

Vice President Mike Pence used an AOL email account as governor – and was hacked

March 3, 2017

Vice President Mike Pence used a private email account that was later compromised while serving as governor of Indiana, his office confirmed on Thursday…”The fact that these emails are stored in a private AOL account is crazy to me,” Justin Cappos, a computer security professor at New York University’s Tandon School of Engineering, told Indy Star. “This account was used to handle these messages that are so sensitive they can’t be turned over in a records request.”

“The Cybersecurity Dilemma” by Ben Buchanan

March 2, 2017

The Center for Cybersecurity was pleased to host Ben Buchanan, the author of “The Cybersecurity Dilemma: Hacking, Trust, and Fear Between Nations” on March 2 for an in-depth discussion of his new book. “The Cybersecurity Dilemma” illuminates some of the strategic dynamics shaping the international relations of cybersecurity.  He focuses on how cyber capabilities among Russia, China, the United States, and others can stabilize or destabilize a precarious global order.We thank Ben for coming and previewing his book’s compelling argument.

Mike Pence Used His AOL Email For Official Business as Indiana’s Governor—And It Got Hacked

March 2, 2017

Vice President Mike Pence routinely used a private email address to conduct political affairs as governor of Indiana, according to the Indianapolis Star….“It’s one thing to have an AOL account and use it to send birthday cards to grandkids,’ said Justin Cappos, a computer security professor at New York University’s Tandon School of Engineering. ‘But it’s another thing to use it to send and receive messages that are sensitive and could negatively impact people if that information is public.”

The World’s Biggest Cyber Security Games Expand to Europe

March 1, 2017

Tandon

The world’s largest student-run set of cyber security games, founded 14 years ago by the New York University Tandon School of Engineering, will expand this year to Europe, where it will be hosted by Grenoble INP – Esisar. Based in Valence, France, Esisar is one of six engineering schools of the Grenoble Institute of Technology (Grenoble INP, located in Grenoble).

The latest hot start-ups to emerge from Israel’s cybersecurity war machine

February 28, 2017

CNBC-CCS

Senior Fellow Judi Germano discusses one of the most active and successful markets for cybersecurity startups: Israel.

Innovative Events and Training Reshape Cybersecurity Education

February 24, 2017

When Nasir Memon, a computer science and engineering professor at New York University, was first starting his cybersecurity program, he wanted to offer more hands-on experiences for his students. “I always thought cybersecurity was not a topic you talk about, but where you learn by doing things,” says Memon. So he organized a cybersecurity awareness event that involved a team competition — with the goal of solving security problems.

Pod Save the World with Lisa Monaco

February 22, 2017

Pod-CCS

Distinguished Senior Fellow Lisa Monaco, President Obama’s former Homeland Security and Chief Counterterrorism Advisor, talks with Tommy Vietor about terrorism, encryption, cybersecurity, the Boston bombings, Trump’s dysfunctional national security team and more.

NYU’s New Joint Degree in STEM and Law

February 21, 2017

Despite NYU’s reputation for its decentralized school structure, the university is quickly mastering the art of inter-school collaboration. The Tandon School of Engineering and NYU Law announced that they are working together on a new master’s program in Cybersecurity Risk and Strategy, focussing on an interdisciplinary education that prepares students to address cybersecurity challenges.

What Can We Do About Donald Trump’s Unsecured Smartphone?

February 21, 2017

Gizmodo-CCS

Zachary K. Goldman discusses the ongoing cybersecurity implications of Donald Trump use of an unsecured smartphone, and why this challenge is so difficult to ameliorate.

Trump Team Sounding Out Tech Firms Ahead of Delayed Cyber Order

February 18, 2017

Bloomberg-politics-CCS

Distinguished Senior Fellow Lisa O. Monaco comments on Trump’s cybersecurity strategy and the potential for continuation from the Obama administration.

Springer’s Most-Read Engineering Paper of 2016? Research on 3D Printing’s Security Flaws

February 17, 2017

Technical.ly_Featured

A research paper on the security vulnerabilities of 3D printing rose to be the most-read engineering paper of 2016 at Springer Publishing, one of the country’s major publishing houses, NYU Tandon announced last week. … The paper, Manufacturing and Security Challenges in 3D Printing, was written by Tandon researchers Nikhil Gupta, Steven Eric Zeltmann, Ramesh Karri, and others.

Obama officials: There’s hope for cybersecurity under Trump

February 17, 2017

CS-Monitor-CCS

“Although Mr. Trump hasn’t offered policy specifics, some former Obama administration officials said a draft executive order on cybersecurity, which has circulated in Washington, could offer welcome improvements on the technology front. In fact, according to former White House Homeland Security Adviser Lisa Monaco, much of what the Trump administration has floated appears to borrow directly from the Obama playbook on cybersecurity.”

Automotive cyber security: Keeping hackers out of cars

February 17, 2017

… “Attacks will get easier and more profitable unless we take steps now to make to make it harder,” Justin Cappos tells me as he explains a new cyber security program called Uptane, designed to identify and kill vehicle software bugs before the bad guys can exploit them. Cappos is an assistant professor of systems and security at New York University’s Tandon School of Engineering.

Distinguished Fellow Randal Milch to speak on Designing the Future of Cybersecurity

February 16, 2017

On March 17, 2017, Center for Cybersecurity Distinguished Fellow Randal S. Milch will be speaking “Cybersecurity: The Leadership Imperative,” held by The Conference Board. He will discuss the best approaches in governance and risk mitigation to position companies to confront challenges and act on opportunities on cybersecurity.

For more information and to register for this event, click here.

 

New Threats Require New Responses: NYU Announces an MS in Cybersecurity Risk and Strategy Program for Executives

February 14, 2017

Tandon

New York University is announcing the establishment of an MS in Cybersecurity Risk and Strategy Program for executives (MS CRS). Offered jointly by NYU School of Law and NYU Tandon School of Engineering, the one-year program will not simply confer a new degree, but a new category of degree — one built around the interdisciplinary training and perspective needed to address a new category of threat.

A New Master’s Degree for a New Kind of Professional

February 14, 2017

Tandon

…NYU Tandon School of Engineering and the NYU School of Law have teamed up to offer a new master’s degree program built around the interdisciplinary training and perspective needed to address the new threats facing increasingly tech-reliant companies.

NYU’s law and engineering schools announce new MS in Cybersecurity Risk and Strategy Program for executives

February 14, 2017

NYU School of Law and NYU Tandon School of Engineering have announced the establishment of a Master of Science in Cybersecurity Risk and Strategy Program for executives (MS CRS). Offered jointly by the two schools, the one-year program will not simply confer a new degree, but a new category of degree—one built around the interdisciplinary training and perspective needed to address a new category of threat. Read more.

A Visit From Microsoft CEO Satya Nadella

February 10, 2017

Tandon

… Before addressing the students, Nadella met with Tandon’s dean, Katepalli Sreenivasan; Stern’s dean, Peter Blair Henry; Mrs. Tandon; and a select group of professors (Justin Cappos, Rumi Chunara, Luke DuBois, Siddharth Garg, and Vittoria Flamini from the [Tandon] School of Engineering…

Wanted: White hat hackers to break new automotive software updater code

February 9, 2017

TechRepublic_Featured

… “Although widespread attacks are still difficult and expensive, they lie within the capabilities of nation-state cyber warriors, and it is time to begin securing the infrastructure, particularly as automotive electronics increase,” states Professor Justin Cappos of NYU’s Tandon School of Engineering.

NYU Tandon Paper on Cyber Risks of 3D Printing is Springer’s Most-Read Engineering Research of 2016

February 7, 2017

Tandon

That article, “Manufacturing and Security Challenges in 3D Printing,” was written by a team of Tandon researchers…Ramesh Karri, professor of electrical and computer engineering; Michail Maniatakos, professor of electrical and computer engineering at NYU Abu Dhabi…

Proportional response to cyber attacks by foreign governments remains an unclear challenge

February 6, 2017

PRI-CCS

Zachary K. Goldman discusses why it’s challenging to decide what an appropriate response would look like to a sophisticated cyber attack by a foreign government, and the future of cyber strategy.

FBI Official: Feds Can’t Compete With Top Tech Companies for Cybersecurity Analysts

February 2, 2017

NYLJ-CCS

The United States has a shortage of cybersecurity analysts qualified to prevent cyberattacks that is contributing to the vulnerability of the nation’s computer networks, an FBI official said Wednesday…Professor Nasir Memon of the New York University Tandon School of Engineering said a good cybersecurity analyst needs to know not just the technology, but also human behavior.

Zachary K. Goldman to speak on Regulation Rollback? Realities and Implications of Unraveling Regulations

January 31, 2017

RANE-CCS

On February 16, Zachary K. Goldman will speak on the future of regulation governing cybersecurity in the private sector under the new Presidential administration. See more details and register at https://app.ranenetwork.com/events/.

A Future Car May Be Protected From Hacking By Software Developed in San Antonio (audio)

January 26, 2017

Someone looking to hack into your car probably isn’t trying to steal from your bank account…but the results could be far more damaging. … ‘If you can exploit an update system, it is like the golden entryway,’ says NYU Professor of Engineering Justin Cappos. Mott, Cappos and their research teams, which includes NYU’s Tandon School of Engineering, the University of Michigan and SwRI, are asking white hat –or ethical — hackers to tear their anti-hacking protection apart and find vulnerabilities.

Randal Milch to Join NYTECH Panel on Data Security

January 23, 2017

“Data Security: Protecting Your Customers and Your Company In Dangerous Times”

Date: Tuesday, January 24th

Time: 6:00 PM

Location: 1375 Broadway, 23rd Floor

 

 

Automotive ECU Updates: Keeping the Hackers Out

January 23, 2017

We’ve already seen software hacks in vehicles, as Junko Yoshida reported in Auto Security Demands All-Over Answer. Recognizing the problem, a group of researchers, students, and developers from New York University, the University of Michigan, and the Southwest Research Institute have developed a software architecture designed to combat intrusions during ECU firmware updates.

Legal Code: In new seminar, law and engineering students solve cybersecurity challenges requiring both legal and technical know-how

January 23, 2017

NYU-Law-CCS

In response to this changing security landscape, the Law School, in collaboration with NYU Tandon School of Engineering and other NYU schools and departments, launched a pioneered interdisciplinary research institute, the NYU Center for Cybersecurity (CCS). One of the first institutes of its kind at an academic institution, CCS allows NYU Law scholars to conduct cybersecurity research with computer scientists.

Of Presidents, Policies, and Tech

January 20, 2017

a16z-CCS

How to think about tech policy and top-of-mind issues for the tech industry, given a new president? From what agencies matter for different tech domains — e.g., autonomous cars, drones, fintech, healthcare — to recent staffing moves, the a16z Policy and Regulatory Affairs team shares their views in this episode of the podcast.

Automotive Software Developers Call on Hackers to Find its Flaws

January 20, 2017

A consortium of US researchers has announced the development of a universal, free, and open-source framework to protect wireless software updates in vehicles. The team issued a challenge to security experts everywhere to try to find vulnerabilities before it is adopted by the automotive industry.

White hackers to seek errors in open-source cybersecurity framework for cars

January 19, 2017

Researchers from NYU Tandon, the University of Michigan Transport Research Institute (UMTRI), and the Southwest Research Institute (SwRI) have launched a challenge to all white hackers and security experts: find vulnerabilities before implementation of Uptane, the most recent open source cybersecurity framework for the automotive industry.

NYU Tandon Prof Unveils Homeland Security-Funded Framework for Software Security in Cars

January 19, 2017

Technical.ly_Featured

…Cappos, along with collaborators from the University of Michigan Transportation Research Institute and the Southwest Research Institute, created a software security update framework for automobiles called Uptane, unveiled last week to reporters at an event at NYU Tandon.

Uptane Will Protect Your Connected Car From Hackers

January 19, 2017

Forbes-CCS

New York University’s Tandon School of Engineering, the Southwest Research Institute, and the University of Michigan Transport Research Institute are working on a more modern, secure method for sending updates to vehicles. They call it Uptane, and they say that it “counters a comprehensive array of security attacks’ and that can even cope with being partially compromised.

FacebookLive Demo of Uptane with Prof. Justin Cappos

January 18, 2017

New technology is making cars more connected than ever – and more hack-able. NYU Tandon Professor Justin Cappos does a live demo of the framework his team has developed to help prevent such security attacks.

White hat hackers called to poke holes in open source connected car security platform

January 18, 2017

SC_Magazine_Logo_Featured

The New York University Tandon School of Engineering, University of Michigan Transportation Research Institute and the Southwest Research Institute developed a cybersecurity framework called Uptane, for the automotive industry to protect wireless software updates in connected vehicles.

Are software updates key to stopping criminal car hacks?

January 18, 2017

Unlike many cybersecurity experts, Justin Cappos doesn’t lay awake at night worrying about data breaches. Instead, as today’s automobiles roll off assembly lines with dozens of embedded computers on board, the New York University computer science professor worries that malicious hackers may become more adept at remotely hijacking cars as they speed down the road….

Call Issued to White Hat Hackers: Find the Flaws in New Automotive Software Updater

January 18, 2017

Tandon

A consortium of researchers today announced the development of a universal, free, and open-source framework to protect wireless software updates in vehicles. The team issued a challenge to security experts everywhere to try to find vulnerabilities before it is adopted by the automotive industry.

Open source cybersecurity framework for the automotive industry

January 18, 2017

A consortium of researchers announced the development of a universal, free, and open source framework to protect wireless software updates in vehicles. The team issued a challenge to security experts everywhere to try to find vulnerabilities before it is adopted by the automotive industry.

WhatsApp’s privacy woes show how messaging app tries to balance security and ease of use

January 13, 2017

LATimes_Featured

WhatsApp has become popular worldwide thanks to its powerful encryption technology. But making this type of secure messaging approachable and user-friendly can pose some [privacy] problems.… Justin Cappos, a professor in New York University’s [NYU Tandon School of Engineering] computer science and engineering department, said the issue boils down to a user interface problem…

How Did the Russian Hacks Happen? (audio)

January 9, 2017

Bob Mitchell from WWL AM 870/FM 105.3 talks to Justin Cappos, Assistant Professor in the Computer Science and Engineering Department at NYU, about the Russian hacks (Interview at 1:40).

Business Briefs: SAP India Embraces ‘1BLives’ Initiative

January 6, 2017

Following a successful international cooperation that attracted more than 15,000 students, faculty, professionals and supporters to the world’s largest student-run cybersecurity games, the New York University Tandon School of Engineering and IIT Kanpur have signed a seven-year agreement to deepen their exchange in information security research and academic…

Inside Cyber Security Awareness Week

January 6, 2017

Shortly after Election Day, before the interference of Russian hackers became front-page news, a group of thirty-one high-school students gathered at N.Y.U.’s Tandon School of Engineering, in Brooklyn, for Cyber Security Awareness Week. Their mission: to solve a murder mystery involving a fictional Presidential race by analyzing digital “evidence” of security breaches.

How Scared Should I Be of the Internet of Things?

January 4, 2017

…The proliferation of smart appliances may have drawbacks…According to Justin Cappos, computer scientist at New York University’s Tandon School of Engineering, potentially hackable IOT devices are an untamed frontier.

The 2017 Outlook for U.S.-Russian ties

January 2, 2017

tbs-efm-CCS

Zachary K. Goldman comments on the future of bilateral U.S.-Russian relations in the aftermath of sanctions levied as a result of cyberattacks in the U.S.

Trump praises Putin over US sanctions – a move that puts him at odds with GOP

December 30, 2016

Guardian-CCS

Zachary K. Goldman comments on the sanctions levied as a result of the US intelligence consensus that Russia ordered cyber-attacks on Democratic party targets as a way to influence the 2016 election in his favor.

Obama administration is close to announcing measures to punish Russia for election interference

December 27, 2016

WP_Featured

Zachary K. Goldman comments on the upcoming series of measures to punish Russia for its interference in the 2016 presidential election, including economic sanctions and diplomatic censure, according to U.S. officials.

The World’s Best Security Engineers are Working on Flappy Bird

December 27, 2016

… At a hacking competition at New York University [Tandon School of Engineering] this year, one could find a lot of students who would agree with that sentiment. One of the annual competitive formats during NYU’s Cyber Security Awareness Week is known as “Capture the Flag,” or CTF, and it attracts the kinds of students who could help fill the computer security talent gap.

NYU students win award for solution to safeguard electronic voting machines

December 15, 2016

When electronic voting machines came into use in the early 1990s, they made voting cheaper, easier, and more accessible to the electorate, but few programmers gave thought to the issue of cybersecurity…New York University students Kevin Kirby, Anthony Masi, and Fernando Maymi took home first place in the challenge with their system, Votebook, which is secure, scalable, and consistent with current voter behavior and expectations of privacy.

Is This Blockchain Voting System By NYU Devs the Solution to Russia Election Meddling?

December 12, 2016

Hacked-CCS

New York University students Kevin Kirby, Anthony Masi, and Fernando Maymi [Masi and Maymi are cybersecurity graduate students at NYU Tandon School of Engineering] won first place in the contest with Votebook, a “secure, scalable and consistent with current voter behavior and expectations of privacy.”

NYU Cybersecurity Students Devise a New Way to Safeguard Electronic Voting Systems

December 9, 2016

Tandon

In September 2016 the internationally recognized computer protection firm Kaspersky Lab, in partnership with The Economist, mounted a challenge inviting teams from universities around the world to design a system for digital voting that addressed such issues as ensuring privacy and validating contested results.

New York University students Kevin Kirby, Anthony Masi, and Fernando Maymi took home first place in the challenge with their system, Votebook, which is secure, scalable, and consistent with current voter behavior and expectations of privacy.