Upcoming Events and Additional Information
The Center for Public Safety and Cybersecurity Education (CPSCE) is committed to providing access to timely and relevant information for industry professionals, as well as the communities we serve. In addition to hosting a variety of special events throughout the year, the Center also maintains a list of well-regarded public safety and cybersecurity resources.
Contact Us
Learn more about how Franklin can develop tailored training solutions for your organization.
Upcoming Events
Click below to view the 2024 National Centers of Academic Excellence calendar of events.
News Feeds
Get the latest cyber security news and insight from industry leaders.
Schneier on Security
AI and the 2024 US Elections
October 3, 2024 - 5:55pm
Bruce Schneier
For years now, AI has undermined the public’s ability to trust what it sees, hears, and reads. The Republican National Committee released a provocative ad offering an “AI-generated look into the country’s possible future if Joe Biden is re-elected,” showing apocalyptic, machine-made images of ruined cityscapes and chaos at the border. Fake robocalls purporting to be from Biden urged New Hampshire residents not to vote in the 2024 primary election. This summer, the Department of Justice cracked down on a Russian bot farm that was using AI to impersonate Americans on social media, and OpenAI disrupted an ...
Weird Zimbra Vulnerability
October 2, 2024 - 9:27pm
Bruce Schneier
Hackers can execute commands on a remote computer by sending malformed emails to a Zimbra mail server. It’s critical, but difficult to exploit.
In an email sent Wednesday afternoon, Proofpoint researcher Greg Lesnewich seemed to largely concur that the attacks weren’t likely to lead to mass infections that could install ransomware or espionage malware. The researcher provided the following details:
- While the exploitation attempts we have observed were indiscriminate in targeting, we haven’t seen a large volume of exploitation attempts
- Based on what we have researched and observed, exploitation of this vulnerability is very easy, but we do not have any information about how reliable the exploitation is ...
California AI Safety Bill Vetoed
October 1, 2024 - 10:08pm
Bruce Schneier
Governor Newsom has vetoed the state’s AI safety bill.
I have mixed feelings about the bill. There’s a lot to like about it, and I want governments to regulate in this space. But, for now, it’s all EU.
(Related, the Council of Europe treaty on AI is ready for signature. It’ll be legally binding when signed, and it’s a big deal.)
Hacking ChatGPT by Planting False Memories into Its Data
September 27, 2024 - 12:20pm
Bruce Schneier
This vulnerability hacks a feature that allows ChatGPT to have long-term memory, where it uses information from past conversations to inform future conversations with that same user. A researcher found that he could use that feature to plant “false memories” into that context window that could subvert the model.
A month later, the researcher submitted a new disclosure statement. This time, he included a PoC that caused the ChatGPT app for macOS to send a verbatim copy of all user input and ChatGPT output to a server of his choice. All a target needed to do was instruct the LLM to view a web link that hosted a malicious image. From then on, all input and output to and from ChatGPT was sent to the attacker’s website...
NIST Recommends Some Common-Sense Password Rules
September 27, 2024 - 10:03am
Bruce Schneier
NIST’s second draft of its “SP 800-63-4“—its digital identify guidelines—finally contains some really good rules about passwords:
The following requirements apply to passwords:
- lVerifiers and CSPs SHALL require passwords to be a minimum of eight characters in length and SHOULD require passwords to be a minimum of 15 characters in length.
- Verifiers and CSPs SHOULD permit a maximum password length of at least 64 characters.
- Verifiers and CSPs SHOULD accept all printing ASCII [RFC20] characters and the space character in passwords.
- Verifiers and CSPs SHOULD accept Unicode [ISO/ISC 10646] characters in passwords. Each Unicode code point SHALL be counted as a signgle character when evaluating password length. ...
Krebson Security
A Single Cloud Compromise Can Feed an Army of AI Sex Bots
October 3, 2024 - 9:05am
BrianKrebs
Organizations that get relieved of credentials to their cloud environments can quickly find themselves part of a disturbing new trend: Cybercriminals using stolen cloud credentials to operate and resell sexualized AI-powered chat services. Researchers say these illicit chat bots, which use custom jailbreaks to bypass content filtering, often veer into darker role-playing scenarios, including child sexual exploitation and rape.
Crooked Cops, Stolen Laptops & the Ghost of UGNazi
September 30, 2024 - 5:33pm
BrianKrebs
A California man accused of failing to pay taxes on tens of millions of dollars allegedly earned from cybercrime also paid local police officers hundreds of thousands of dollars to help him extort, intimidate and silence rivals and former business partners, a new indictment charges. KrebsOnSecurity has learned that many of the man's alleged targets were members of UGNazi, a hacker group behind multiple high-profile breaches and cyberattacks back in 2012.
U.S. Indicts 2 Top Russian Hackers, Sanctions Cryptex
September 26, 2024 - 10:54am
BrianKrebs
The United States today unveiled sanctions and indictments against the alleged proprietor of Joker's Stash, a now-defunct cybercrime store that peddled tens of millions of payment cards stolen in some of the largest data breaches of the past decade. The government also indicted a top Russian cybercriminal known as Taleon, whose cryptocurrency exchange Cryptex has evolved into one of Russia's most active money laundering networks.
Timeshare Owner? The Mexican Drug Cartels Want You
September 25, 2024 - 12:26pm
BrianKrebs
The FBI is warning timeshare owners to be wary of a prevalent telemarketing scam involving a violent Mexican drug cartel that tries to trick elderly people into believing someone wants to buy their property. This is the story of a couple who recently lost more than $50,000 to an ongoing timeshare scam that spans at least two dozen phony escrow, title and realty firms.
This Windows PowerShell Phish Has Scary Potential
September 19, 2024 - 3:39pm
BrianKrebs
Many GitHub users this week received a novel phishing email warning of critical security holes in their code. Those who clicked the link for details were asked to distinguish themselves from bots by pressing a combination of keyboard keys that causes Microsoft Windows to download password-stealing malware. While it's unlikely that many programmers fell for this scam, it's notable because less targeted versions of it are likely to be far more successful against the average Windows user.
Security Resources
- Infosecurity Mag
- Security Magazine
- National Cyberwatch Center
- Security Weekly
- National Security Agency and Central Security Service
- The Department of Homeland Security
- Federal Bureau of Investigation
- InfraGard Partnership for Protection
- TaoSecurity Blog
- Threatpost
- Open Software Security Community
- Ohio Homeland Security
- Dark Reading
- Ohio Attorney General Cybersecurity
- Ohio Attorney General
- State of Ohio Office of the Inspector General
- Ohio Department of Commerce
- Ohio Fire Chief's Association and Ohio Fire and Emergency Services Foundation
- Liquidmatrix Bot
- Columbus Collaboratory
- WOSU Public Media NovaLabs
Internal Security Resources
Franklin University resources provided to enhance personal and organizational security.
Request Free Information
Learn more about how Franklin can develop an educational partnership tailored to your organization.
Get in touch with us today!
Franklin University
201 S Grant Ave.
Columbus, OH 43215
Local: (614) 797-4700
Toll Free: (877) 341-6300
admissions@honornm.com
Copyright 2024 Franklin University
Franklin University is accredited by the Higher Learning Commission (hlcommission.org/800.621.7440) and authorized by the Ohio Department of Higher Education.
Franklin University is committed to being an inclusive community free from all forms of discrimination and harassment.