Category: reports

Auto Added by WPeMatico

Security Risks of AI

Posted on By infossl
artificial intelligence, cybersecurity, machine learning, reports, risks, Security technology, Uncategorized

Stanford and Georgetown have a new report on the security risks of AI—particularly adversarial machine learning—based on a workshop they held on the topic. Jim Dempsey, one of the workshop organizers, wrote a blog post on the report: As a first step, our report recommends the inclusion of AI security concerns within the cybersecurity programs … Read More “Security Risks of AI” »

Cyberwar Lessons from the War in Ukraine

Posted on By infossl
cyberattack, cyberwar, defense, infrastructure, reports, russia, Security technology, ukraine, Uncategorized

The Aspen Institute has published a good analysis of the successes, failures, and absences of cyberattacks as part of the current war in Ukraine: “The Cyber Defense Assistance Imperative ­ Lessons from Ukraine.” Its conclusion: Cyber defense assistance in Ukraine is working. The Ukrainian government and Ukrainian critical infrastructure organizations have better defended themselves and … Read More “Cyberwar Lessons from the War in Ukraine” »

NSA on Supply Chain Security

Posted on By infossl
infrastructure, nsa, operational security, reports, Security technology, supply chain, Uncategorized

The NSA (together with CISA) has published a long report on supply-chain security: “Securing the Software Supply Chain: Recommended Practices Guide for Suppliers.“: Prevention is often seen as the responsibility of the software developer, as they are required to securely develop and deliver code, verify third party components, and harden the build environment. But the … Read More “NSA on Supply Chain Security” »

New Report on IoT Security

Posted on By infossl
cybersecurity, Internet of Things, reports, security engineering, Security technology, Uncategorized

The Atlantic Council has published a report on securing the Internet of Things: “Security in the Billions: Toward a Multinational Strategy to Better Secure the IoT Ecosystem.” The report examines the regulatory approaches taken by four countries—the US, the UK, Australia, and Singapore—to secure home, medical, and networking/telecommunications devices. The report recommends that regulators should … Read More “New Report on IoT Security” »

New UFEI Rootkit

Posted on By infossl
implants, kaspersky, malware, reports, rootkits, Security technology, Uncategorized

Kaspersky is reporting on a new UFEI rootkit that survives reinstalling the operating system and replacing the hard drive. From an article: The firmware compromises the UEFI, the low-level and highly opaque chain of firmware required to boot up nearly every modern computer. As the software that bridges a PC’s device firmware with its operating … Read More “New UFEI Rootkit” »

Security Vulnerabilities in Honda’s Keyless Entry System

Posted on By infossl
cars, keys, locks, reports, Security technology, Uncategorized

Honda vehicles from 2021 to 2022 are vulnerable to this attack: On Thursday, a security researcher who goes by Kevin2600 published a technical report and videos on a vulnerability that he claims allows anyone armed with a simple hardware device to steal the code to unlock Honda vehicles. Kevin2600, who works for cybersecurity firm Star-V … Read More “Security Vulnerabilities in Honda’s Keyless Entry System” »

Ubiquitous Surveillance by ICE

Posted on By infossl
privacy, reports, Security technology, surveillance, Uncategorized

Report by Georgetown’s Center on Privacy and Technology published a comprehensive report on the surprising amount of mass surveillance conducted by Immigration and Customs Enforcement (ICE). Our two-year investigation, including hundreds of Freedom of Information Act requests and a comprehensive review of ICE’s contracting and procurement records, reveals that ICE now operates as a domestic … Read More “Ubiquitous Surveillance by ICE” »

ICE Is a Domestic Surveillance Agency

Posted on By infossl
national security policy, privacy, reports, secrecy, Security technology, surveillance, Uncategorized

Georgetown has a new report on the highly secretive bulk surveillance activities of ICE in the US: When you think about government surveillance in the United States, you likely think of the National Security Agency or the FBI. You might even think of a powerful police agency, such as the New York Police Department. But … Read More “ICE Is a Domestic Surveillance Agency” »

Microsoft Issues Report of Russian Cyberattacks against Ukraine

Posted on By infossl
cyberattack, cyberespionage, cyberwar, espionage, reports, russia, Security technology, ukraine, Uncategorized

Microsoft has a comprehensive report on the dozens of cyberattacks — and even more espionage operations — Russia has conducted against Ukraine as part of this war: At least six Russian Advanced Persistent Threat (APT) actors and other unattributed threats, have conducted destructive attacks, espionage operations, or both, while Russian military forces attack the country … Read More “Microsoft Issues Report of Russian Cyberattacks against Ukraine” »

NASA’s Insider Threat Program

Posted on By infossl
insiders, national security policy, reports, Security technology, Uncategorized

The Office of Inspector General has audited NASA’s insider threat program: While NASA has a fully operational insider threat program for its classified systems, the vast majority of the Agency’s information technology (IT) systems — including many containing high-value assets or critical infrastructure — are unclassified and are therefore not covered by its current insider … Read More “NASA’s Insider Threat Program” »