Lifeboat Foundation

Software bugs are a tale as old as time — which, in the case of programming, means about 75 years. In 1947, programmer Grace Murray Hopper was working on a Mark II Computer at Harvard University when she noticed a moth that was stuck in the relay, preventing the computer program from running. It was the first “bug”, and countless others have followed since then.

In the history of programming, bugs have ranged from harmless to absolutely catastrophic. In 1986 and 1987, several patients were killed after a Therac-25 radiation therapy device malfunctioned due to an error by an inexperienced programmer, and a software bug might have also triggered one of the largest non-nuclear explosions in history, at a Soviet trans-Siberian gas pipeline.

While events such as this are rare, it’s safe to say that software bugs can do a lot of damage and waste a lot of time (and resources). According to recent analysis, the average programmer produces 70 bugs per 1,000 lines of code, with each bug demanding 30 times more time to fix than it took to write the code in the first place. In the US alone, an estimated $113 billion is spent identifying and fixing code bugs…

The world is one step closer to having a totally secure internet and an answer to the growing threat of cyber-attacks, thanks to a team of international scientists who have created a unique prototype that could transform how we communicate online.

The invention led by the University of Bristol, revealed today in the journal Science Advances, has the potential to serve millions of users, is understood to be the largest-ever quantum network of its kind, and could be used to secure people’s online communication, particularly in these internet-led times accelerated by the COVID-19 pandemic.

With thousands of students using the internet to attend class remotely, cybersecurity experts are raising concerns about children becoming targets for hackers. Many Central New York school districts, like the Central Square Central School District, sent laptops home with students. Central Square uses a software called GoGuardian that flags unsafe or inappropriate online material. Superintendent Thomas Colabufo says parents are happy to know that the security feature is in place.

Our researcher describes how malware is disabling popular security plugins on compromised WordPress websites to conceal malicious behavior and evade detection.

The promise of artificial intelligence for cybersecurity is that it will free security professionals at government agencies from menial tasks and allow them to focus on threat hunting and higher-level work. Another benefit that might get lost in the shuffle, but is no less important, is that automation in cybersecurity can actually lead to enhanced security for agencies.

Five governments are testing that proposition. Last month, the states of Arizona, Louisiana, Massachusetts and Texas, along with Maricopa County, Ariz., announced a partnership with the Multi-State Information Sharing and Analysis Center and the Johns Hopkins Applied Physics Laboratory (APL) to pilot a cybersecurity automation program.

The agencies will be using security orchestration, automation and response (SOAR) tools, which “enable organizations to collect security-threat data through multiple sources and perform triage response actions significantly faster than with manual processes,” according to a Johns Hopkins press release. The hope is that it will enable the agencies to “quickly and broadly share information — in near real time — and leverage automation to prevent or respond to cyberattacks,” the release states.

Public-private partnerships have been central to the development of cybersecurity over the past decade, through the sharing of threat information between commercial organizations and historically secretive government agencies. The opportunity now exists for a new era of public-private partnership, for a new realm of information sharing.

Cyberattacks continue to be reported as a key business risk. In the recent World Economic Forum’s Regional Risks for Doing Business 2019 report, survey respondents in six of the world’s 10-largest economies identified cyberattacks as their number one risk.

Continue reading “How to build a modern public-private cybersecurity partnership” »

As cybercrime is becoming more lucrative and more automated, we’re going to have to depend on automated defenses on the other side.

This is an article from 2014, but it’s interesting — especially for why phishing emails are so lame. Money quote:

‘The answer is that the implausibility is a useful tool for the scammers. An entirely believable email would get millions of people falling for the bait – most of whom would catch on later when the scammers started requesting private banking details. This way, the fraudsters can avoid wasting their time on no-hopers, knowing that any replies they do receive are … See More.

Maybe your bank wants you to update your password; maybe a new Facebook friend wants to show you a funny web page. Maybe a Nigerian lawyer wants to pass on a legacy from a long-lost relative.

Continue reading “The psychology of phishing: why do we fall for terrible email scams?” »

New research shows how the next generation of ultra-secure communication could be possible with existing infrastructure.