Last Updated on 22 June 2023 by Daniel Rajendran Murthy, Rochester Institute of Technology The Research Brief is a short take about interesting academic work. The big idea When a person is notified of a data breach involving their personal information, if they react with a feeling of fear – as opposed to anger –… Continue reading Fear trumps anger when it comes to data breaches – angry customers vent, but fearful customers don’t come back
Cross-site scripting (XSS) is a type of web security vulnerability that allows attackers to inject malicious scripts into web pages viewed by other users. The main idea behind XSS is that an attacker finds a way to inject unauthorized scripts or code into a trusted website or web application, which is then executed by the… Continue reading What is Cross-Site Scripting (XSS), and How to Prevent
Last Updated on 23 May 2023 by Daniel SSL (Secure Sockets Layer) is a cryptographic protocol that provides secure communication over the internet. It has been succeeded by Transport Layer Security (TLS), which is the more commonly used term today. Here are some reasons why SSL/TLS is considered more secure: Encryption: SSL/TLS uses encryption to… Continue reading Why is SSL More Secure?
Last Updated on 15 May 2023 by Daniel Hervé Debar, Télécom SudParis – Institut Mines-Télécom What is a password? A password is a secret linked to an identity. It associates two elements, something we own (a bank card, badge, telephone, fingerprint) and what we know (password or code). Passwords are widely used for computers, telephones… Continue reading Passwords: security, vulnerability, constraints
Last Updated on 14 May 2023 by Daniel Tim Stevens, King’s College London We all know personal devices can be hacked, but a whole country’s security could be at risk too. With the rise of the so-called Internet of Things (IoT), and against the backdrop of cyberwarfare, digital surveillance and digital subversion, the risk to… Continue reading Internet of Things: when objects threaten national security
Richard Forno, University of Maryland, Baltimore County Editor’s note: This article contains plot spoilers. Society’s understanding of technology and cybersecurity often is based on simple stereotypes and sensational portrayals in the entertainment media. I’ve written about how certain scenarios are entertaining but misleading. Think of black-clad teenage hackers prowling megacities challenging corporate villains. Or think… Continue reading Lessons from ‘Star Trek: Picard’ – a cybersecurity expert explains how a sci-fi series illuminates today’s threats
Greg Skulmoski, Bond University Like most people I check my emails in the morning, wading through a combination of work requests, spam and news alerts peppering my inbox. But yesterday brought something different and deeply disturbing. I noticed an alert from the American Cybersecurity and Infrastructure Security Agency (CISA) about some very devious malware that… Continue reading It’s being called Russia’s most sophisticated cyber espionage tool. What is Snake, and why is it so dangerous?
Last Updated on 11 May 2023 by Daniel Mohammad S. Jalali, MIT Sloan School of Management Like any large company, a modern hospital has hundreds – even thousands – of workers using countless computers, smartphones and other electronic devices that are vulnerable to security breaches, data thefts and ransomware attacks. But hospitals are unlike other… Continue reading Defending hospitals against life-threatening cyberattacks
Last Updated on 11 May 2023 by Daniel Jason R.C. Nurse, University of Kent Cybercriminals have just been given yet another route to get malicious software (malware) onto your personal mobile devices. The hugely popular video game Fortnite has become one of the first major apps to bypass official app stores and encourage users to… Continue reading Fortnite is setting a dangerous security trend