News

DoD IASP scholarship program that is available for most of you and can be access if you click here the due day is 5/11. Feel free to drop by or email Edward Chow if you have questions.

UCCS join UNAVCO conducting GPS security research

Letter from UNAVCO

UCCS PeakChaos team won the local Hackazon Capture The Flag competition sponsored by Delloit at the AFCEA Cyberspace Symposium at the Broadmoor, 2/8/2017.

Winners

NSF ISC workshop

On 11/11/2016, we held an NSF Integrated Security to CS Curriculum Workshop at UCCS Library Apse to share our project experience with the cyber security faculty members of Front Range Universities. See workshop web site at https://ciast.uccs.edu/nsf/isc

Cyber Exchange Meetups

Cyber Exchange Meetups are a program activity of The Cyber Resilience Institute (CRI). CRI, a nonprofit, is building a national network of community Cyber Resilience initiatives to help society respond to the National Call to Organize and Engage through partnering efforts that improve cybersecurity and infrastructure protection. In the year of 2014, UCCS hosted such an activity. -- http://cyber-res.org/CyberExchangeMeetups/MeetupAgenda_1.pdf

ISSA Local Chapter Conference

In 2014, the EAS college hosted the 3/27 conference organized by the local chapter of Information Systems Security Association (ISSA). Aaron Perkins and serval PeakChaos student club leaders were invited to give a 20 minute talk in the conference. -- http://www.fbcinc.com/e/cfd/

Northrop Grumman names campus a Core University Partner

In Jan 28,2014, UCCS joined an elite group of universities that partner with Northrop Grumman Corporation to create an improved pipeline for current and future engineering students and faculty research and development opportunities. -- http://communique.uccs.edu/?p=13769

US Congress postpones internet piracy bill,

"Caving to a massive campaign by Internet services and their millions of users, the US Congress has indefinitely postponed legislation to stop online piracy of movies and music costing US companies billions of dollars every year.

Critics said the bills would result in censorship and stifle Internet innovation.

The demise, at least for the time being, of the anti-piracy bills was a clear victory for Silicon Valley over Hollywood, which has campaigned for a tougher response to online piracy. The legislation also would cover the counterfeiting of drugs and car parts."-- http://www.stuff.co.nz/technology/6293964/US-Congress-postpones-internet-piracy-bill

Police in New Zealand raid a luxury mansion and arrest Megaupload founder Kim Dotcom as the US pushes ahead with its war on copyright piracy.

Is Google corrupt? Search me Google was thoroughly conned by SEO experts hired by JCPenney. Can we trust its search result rankings at all?

" Over the weekend, the New York Times published a long piece by David Segal describing in painful detail exactly how Google's search results have been totally pwned by JCPenney. Over the holiday shopping season, the retailer where my mother used to drag me to buy my Easter suits received an extraordinary bounty of Google love, ranked number one in searches for "dresses," "bedding," "area rugs," "furniture," "skinny jeans," and dozens of other terms (including, probably, "Easter suits"). ..." -- http://www.infoworld.com/t/search-engines/google-corrupt-search-me-428

2011: The year hacking goes mainstream Chinese hackers attack oil companies, criminals attack Nasdaq, and now Bank of America wants to hack WikiLeaks. These days, if you're not a hacker, you're probably being hacked, by Robert Cringley:

"It's been brewing for quite some time. According to McAfee, a team of Chinese hackers has been infiltrating computer networks for the world's largest oil and gas companies. Last week the Wall Street Journal reported that Nasdaq's network was penetrated (though not the Nasdaq market –- as far as we know). And the ongoing battle between Anonymous and the folks who are aiming to take it down is just heating up. "-- http://www.infoworld.com/t/hacking/2011-the-year-hacking-goes-mainstream-255

CYBERSECURITY PLAN DISAPPOINTS MANY
On Friday the Bush Administration released the final version of the National Strategy to Secure Cyberspace, which disappointed many in its variance from several widely circulated drafts. The document attempts to address the growing concern over threats to the nation's computer systems, threats that could result in "debilitating disruption to our nation's critical infrastructures, economy, or national security." Critics complained that the final version of the strategy document backs away from regulations and concrete steps to improve cybersecurity, opting instead for suggestions and softer recommendations. Allan Paller of the SANS Institute said the document is "a wonderful statement of the problem" but leaves out "some of the best ideas that people had." Sen. Charles E. Schumer (D-N.Y.) also faulted the final document, calling it "a vague set of broad principles that has no money backing it up." Washington Post, 15 February 2003 http://www.washingtonpost.com/wp-dyn/articles/A10274-2003Feb14.html

NSA Award UCCS Army Reserved Cyber P3i Grant for Developing Three Online Cybersecurity Certificates:

NSA in June 2016 awarded UCCS a $432K grant for porting the Network System Security Graduate Certificate and Engineering Secure Software Graduate Certificate, and developing a new Undergraduate Cybersecurity Certificate to be delivered on Coursera MOOC platform.

LINUX SECURITY AUDITING TO GET A BOOST
Sardonix Audit Portal, which aims to consolidate Linux security auditing, recently received funding from the U.S. government's Defense Advanced Research Project Agency (DARPA). Crispin Cowan, chief scientist at Linux firm WireX, co-founded the project. He said it will organize Linux developers to see which programs have and have not been audited for security holes, then secure them in a systematic fashion. Cowan will also try to develop a community where code reviewers are graded on how well they complete their tasks. The Linux community tried a similar project in 1998, but failed when the Linux Security Audit Project quickly lost its focus and became a discussion board for Linux security. Cowan said that under the DARPA agreement WireX will also provide software to the Linux community that will help enable Linux developers to write code protected against buffer overflow and domain-name server attacks. The Sardonix portal will also feature developer tools to make the auditing process more accurate and efficient. DARPA funded the portal, along with 11 other projects, as part of its $1.2 million effort to create a more secure OpenBSD. (Cnet, 6 February 2002)

REPORTS SHOW A LULL IN COMPUTER VIRUSES
Security experts report a sharp decrease in the number and severity of computer viruses compared to this time last year. Last year was notable for outbreaks of the Code Red, Nimda, and Sircam viruses. According to an official at F-Secure, a Finnish anti-virus company, Klez is the most significant concern of the year so far. Last year F-Secure issued nine "Level One" virus warnings, its most severe, and predicted that viruses would find their way to mobile devices including phones and pocket PCs. The prediction has not come true, and this year the company has not issued any "Level One" warnings. Other security firms report similar drops in virus activity. Explanations for the decline include better anti-virus tools, heightened user awareness of the need for protection, stiffer criminal sentences for hackers, and even a sense of patriotism. Reuters, 12 August 2002 http://www.siliconvalley.com/mld/siliconvalley/3848828.htm

"A Long, Hard Look at the Hackers"
Governments are taking the perceived threat of cyberterrorism very seriously, especially after the Sept. 11 attacks. The U.S.'s national strategy to secure cyberspace postulates a scenario in which terrorists use the Internet to remotely cripple ... http://www.acm.org/technews/articles/2002-4/1122f.html#item10

"Agencies Fail Cyber Test"
The House Government Reform subcommittee gave the federal government an overall failing grade for its computer security efforts, which were assessed in a study by the General Accounting Office (GAO). The GAO's study flunked 14 out of the 24 largest ... http://www.acm.org/technews/articles/2002-4/1122f.html#item11


Date Last Updated: 24 February 2017