Never use the same password for all your accounts. If you can’t remember them all, try a password manager, says Justin Cappos, a professor at New York University’s engineering school…“You’re much less likely to have problems using one of these than if you write all your passwords down on sticky notes you may or may...
Author: Emerald Knox (Emerald Knox)
Post
Cyber– Physical Systems Security and Privacy
Guest Editors: Michail Maniatakos, Ramesh Karri and Alvaro A. Cardenas During the past decade, several catch-phrases have been used to emphasize the increasing importance of cyber–physical systems (CPS) in our everyday life: Internet-of-Things, Internet-of-Everything, Smart-Cities, Smart-X, Intelligent-X, etc. All such systems, in their core, consist of networked computing (cyber) devices continuously interacting with the physical...
Post
SafetyNets: Verifiable Execution of Deep Neural Networks on an Untrusted Cloud
Zahra Ghodsi, Tianyu Gu and Siddharth Garg Inference using deep neural networks is often outsourced to the cloud since it is a computationally demanding task. However, this raises a fundamental issue of trust. How can a client be sure that the cloud has performed inference correctly? A lazy cloud provider might use a simpler but less...
Post
Throughput maximization of large-scale secondary networks over licensed and unlicensed spectra
Manjesh K. Hanawal, Yezekael Hayel and Quanyan Zhu. Throughput of a mobile ad hoc network (MANET) operating on an unlicensed spectrum can increase if nodes can also transmit on a (shared) licensed spectrum. However, the transmissions on the licensed spectrum has to be limited to avoid degradation of quality of service (QoS) to primary users (PUs). We...
Post
Further Update on the Threat Situation Surrounding the Petya Cyber Attack
… The original Petya ransomware that popped up last year encrypted hundreds of file types, and the new code makes some interesting choices in what it encrypts. Justin Cappos, assistant professor of security, operating systems and networks at the New York University Tandon School of Engineering, was interviewed by The Register…
Post
Everything you need to know about the Petya, er, NotPetya nasty trashing PCs worldwide
… The original Petya ransomware that popped up last year encrypted hundreds of file types, and the new code makes some interesting choices in what it encrypts.… ‘It’s very odd,’ Justin Cappos, assistant professor of security, operating systems and networks at the New York University Tandon School of Engineering told The Register.
Post
Pay Up or Lose Everything: What Madison Avenue Should Know About The WPP Ransom Hack
… The ransomware ground businesses to a halt for at least a day. … ‘A lot of ransomware does not do this, does not let the hackers in in the meantime, but there’s no absolute,’ said Justin Cappos, professor in the computer science and engineering department at the NYU Tandon School of Engineering
Post
The Global Ransomware Attack Weaponized Software Updates
Ransomware attacks were nothing new, but this one had a secret weapon, a sophisticated software exploit known as EternalBlue, published by the Shadow Brokers in April and believed to have been developed by the NSA. … NYU [Tandon School of Engineering] security researcher Justin Cappos, who works on securing patching procedures as part of The...
Post
Booted: An Analysis of a Payment Intervention on a DDoS-for-Hire Service
Ryan Brunt, Prakhar Pandey and Damon McCoy. Distributed Denial of Service (DDoS) attacks have become a growing threat that, to a large extent, have become commoditized by DDoS-for-hire, or “booter”, services. In this case study, we analyze leaked fine-grain “ground truth” data from a larger booter service, VDoS, which earned over $597,000 over two years...
Post
IoT-enabled Distributed Cyber-attacks on Transmission and Distribution Grids.
Yury Dvorkin and Siddharth Garg The Internet of things (IoT) will make it possible to interconnect and simultaneously control distributed electrical loads. Various technical and regulatory concerns have been raised that IoT-operated loads are being deployed without appropriately considering and systematically addressing potential cyber-security challenges. Hence, one can envision a hypothetical scenario when an ensemble...