At a time when concerns about cybersecurity and privacy are growing, among the most insecure websites are state education departments and most local school systems. That’s the high-level conclusion of a new study by the consultancy EdTech Strategies.
Russian cyberspies pursuing the secrets of military drones and other sensitive U.S. defense technology tricked key contract workers into exposing their email to theft, an Associated Press investigation has found. What ultimately may have been stolen is uncertain, but the hackers clearly exploited a national vulnerability in cybersecurity: poorly protected email and barely any direct notification to victims.
The defense secretary for a newly elected president is entering his third month in office when a chilling report crosses his desk warning of the catastrophic damage an enemy could visit on the U.S. with a cyberattack. Such an attack, the report warns, could cripple the U.S. economy. It could strike with no warning. It could be launched asymmetrically by an enemy that’s much weaker than the U.S. in traditional military might.
The Pentagon has long wrapped Diego Garcia in a veil of secrecy, barring media from the Indian Ocean island even as its base and airfield became a key node in America’s wars in the Middle East.
Last month, the Federal Trade Commission and the U.S. Department of Education held a workshop in Washington, DC. The topic was “Student Privacy and Ed Tech.” We at EFF have been trying to get the FTC to focus on the privacy risks of educational technology (or “ed tech”) for over two years, so we eagerly filed formal comments.
To make any real progress in advancing data privacy this year, we have to start doing something about Google and Facebook. Not doing so would be like trying to lose weight without changing your diet. Simply ineffective. The impact these two companies have on our privacy cannot be understated. You may know that hidden trackers lurk on most websites you visit, soaking up your personal information.
In a recent study, 10 percent of simulated phishing e-mails sent to users in education institutions were successful, triggering the recipient to click on a fraudulent link. That's according to the 2018 State of the Phish report from Wombat Security Technologies, in which researchers measured the average click rates on phishing tests across various industries.
The Homeland Security Department plans to update its system for automatically sharing cybersecurity threat information with companies, critical infrastructure providers and other federal agencies this coming summer or fall, a top official said Thursday.
In the three weeks since researchers revealed major flaws in virtually every computer processors, issuing patches has not gone smoothly. "It's been a bit of a disaster," said Ellison Anne Williams, founder and CEO of security firm Enveil. "The problem happens in the memory of the computer. Anytime you start messing with memory, things can go wrong very quickly. Some of the patches coming out do unexpected things. It takes a long time to see how things are going."
A University of Michigan (U-M) team has announced plans to develop an “unhackable” computer, funded by a new $3.6 million grant from the Defense Advanced Research Projects Agency (DARPA). The goal of the project, called MORPHEUS, is to design computers that avoid the vulnerabilities of most current microprocessors, such as the Spectre and Meltdown flaws announced last week.