A recent study by cybersecurity researchers at NYU Tandon finds that a significant amount of the code generated by the GitHub Copilot programming assistant is, at best, buggy, and at worst, potentially vulnerable to attack. The researchers drew their conclusion after creating 89 potential scenarios and having Copilot output 1,692 programs. When these programs were reviewed,...
Author: Lois Anne DeLong
Facebook Disables Ad Observatory; Academicians and Journalists Fire Back
Since September 15 of 2020, the Ad Observatory has been an effective resource for journalists and academicians seeking information about the placement and targeting of ads on social media. In doing so, the project increased transparency about what messages are being used, who is funding each ad, and how much is being spent to disseminate...
Cappos: To end ransomware attacks, stop paying ransom
Ransomware attacks are on the rise, and a primary reason is that such attacks are profitable. Therefore, to stop the crime, make sure it doesn’t pay. In a July 9 article in Yahoo Finance, NYU associate professor Justin Cappos notes that, “if no one had ever paid ransom for ransomware…then it would have faded...
DM webinar looks at threats to supply chain security
Recent cyber attacks, such as SolarWinds, highlight the vulnerability of industrial supply chains. Given the high visibility of these attacks, it’s not surprising that a four-part webinar series on cybersecurity challenges in 3D manufacturing would include a look at how to deal with this issue. The July 1 event featured Dr. Satish Bukkapatnam of Texas...
To close the cybersecurity talent gap, open new entry paths
How will we find the workforce needed to fill the currently more than 3 million unfilled cybersecurity jobs globally? Dr. Nasir Memon suggests the key is to open the profession to a wider cross-section of individuals. At a June 10 SecureWorld event on meeting the increasing demand for trained cybersecurity professionals, the co-founder of NYU’s...
Cappos talks cyber protection for cars and companies in NYU “Braniacs” Segment
Justin Cappos, an NYU associate professor of computer science and engineering, was featured in a segment of NYU’s Braniacs. Cappos highlighted two of his security projects: Uptane, which protects the computing units in cars, and in-toto, which secures software supply chains for companies. You can watch the brief segments here. The Cappos interview begins at...
Hack3D Summer Challenge kicks off CSAW Season
While the annual CSAW competition is still several months away, a new competition called the Hack 3D Summer Challenge served as a calling card for the main event. The summer session, which focused on growing security concerns in the field of additive manufacturing, invited students to “test the security limits in additive manufacturing and to...
Cybersecurity strategy for vehicles marks a pair of firsts
Onboard computing units in cars are a desirable target for hackers. Defensive strategies are out there, but many automotive manufacturers and suppliers are not equipped to choose between them. To make the differences between available options clearer, the Uptane project recently announced the availability of two new educational resources. On June 12, Uptane, a secure...
Cappos points out real risks of third-party apps on iPhones
Though the bottom line of his company may have been the motivating force behind Apple CEO Tim Cook’s testimony in court on May 21, his voiced concerns about the risks of allowing third-party applications on the iPhone are not unfounded. Testifying in an antitrust suit brought against Apple by game developer Epic Games, Cook described...
Introducing the 2021 CCS Ph.D.s
Five doctoral candidates affiliated with the NYU Center for Cybersecurity were officially declared graduates at Commencement Services on May 19. Let’s congratulate the Center’s newly minted doctors as they head off to positions in both industry and academia. Periwinkle Doerfler (Advisor: Dr. Damon McCoy) Ph.D., Computer Science Periwinkle successfully defended her dissertation on “’Adversarial ‘Intended’ Usage...