"T-Mobile App Glitch Let Users See Other People's Account Info"

T-Mobile customers reported being able to see the account and billing information of others after logging into the company's official mobile app. According to user reports, the exposed information included consumers' names, phone numbers, addresses, account balances, and credit card information, such as expiration dates and the last four digits. While a large number of reports began appearing on Reddit and Twitter on September 20, some T-Mobile customers claimed to have experienced this for the last two weeks.

Submitted by Gregory Rigby on Thu, 09/21/2023 - 11:45

"Cyber Group 'Gold Melody' Selling Compromised Access to Ransomware Attackers"

A financially motivated threat actor has been identified as an Initial Access Broker (IAB) who sells access to compromised organizations to other adversaries to perform follow-on attacks. The SecureWorks Counter Threat Unit (CTU) has named the group Gold Melody, which also goes by the names Prophet Spider and UNC961. According to the cybersecurity company, this financially motivated group has been active since at least 2017, exploiting vulnerabilities in unpatched Internet-facing servers to compromise organizations.

Submitted by Gregory Rigby on Thu, 09/21/2023 - 11:42

Second News Item

This is another news item.

Submitted by Matthew Warner on Thu, 03/17/2022 - 09:08

Tennessee Valley Authority Connected Communities

TVA has been working to research best practices, better understand challenges in the Valley and build a roadmap for the future. They organized a diverse group of partners to identify connected community opportunities, leading to three initial focus areas for our efforts and funding. TVA will expand their partnership network to include community implementation partners and subject matter experts.

Read more >

Submitted by Amy Karns on Fri, 12/17/2021 - 14:34

International Workshop Agreement (IWA)

Read more about International Workshop Agreement (IWA)

Hosted by the Standardization Administration of the People’s Republic of China (SAC), the workshop will be held virtually, on March 14-16, 2022, and June 22-24, 2022. The two sessions will be complemented by additional online correspondence and one or more web workshops. The registration deadline is February 8, 2022.

Civic Innovation Challenge

Read more about Civic Innovation Challenge

The Civic Innovation Challenge is a multi-agency, federal government research and action competition that aims to fund ready-to-implement, research-based pilot projects that have the potential for scalable, sustainable, and transferable impact on community-identified priorities.

NSF's Smart & Connected Communities Effort

The National Science Foundation (NSF) has long been a leader in advancing the fundamental science and engineering research and education that will revolutionize our Nation's cities and communities for the 21st century. NSF investments create the scientific and engineering foundations for smart cities and communities and help to enhance economic vitality, safety, security, health and wellbeing, and overall quality of life.

Submitted by Amy Karns on Thu, 12/16/2021 - 15:03

International Workshop on Science of Smart City Operations and Platforms Engineering (SCOPE)

Read more about International Workshop on Science of Smart City Operations and Platforms Engineering (SCOPE)

This workshop series explores provisions in existing and planned smart city deployments and addresses the challenges critical to integrating humans, physical components and computers in cyber-physical systems at smart city scale.

2022 S&CC PI Meeting

Read more about 2022 S&CC PI Meeting

NSF's Smart & Connected Communities effort aims to advance understanding of our cities and communities to improve their functioning and quality of life within them through innovations in computing, engineering, information and physical sciences, social, and learning sciences.

Resilient Control of Cyber-Physical Systems with Distributed Learning

Lead PI:

Sayan Mitra

Co-Pi:

Geir Dullerud

Abstract

Investigators: Sayan Mitra, Geir Dullerud, and Sanjay Shakkotai

Researchers: Pulkit Katdare and Negin Musavi

Critical cyber and cyber-physical systems (CPS) are beginning to use predictive AI models. These models help to expand, customize, and optimize the capabilities of the systems, but are also vulnerable to a new and imminent class of attacks. This project will develop foundations and methodologies to make such systems resilient. Our focus is on control systems that utilize large-scale, crowd-sourced data collection to train predictive AI models, which are then used to control and optimize the system’s performance. Consider the examples of congestion-aware traffic routing and autonomous vehicles; to design controllers for such systems, large amounts of user data are being collected to train AI models that predict network congestion dynamics and human driving behaviors, respectively, and these models are used to guide the overall closed-loop control system.

Although our current understanding of AI models is very limited, they are already known to have serious vulnerabilities. For example, so-called “adversarial examples” can be generated algorithmically for defeating neural network models while appearing indistinguishable to human senses [73]. This can cause an autonomous vehicle to crash, facial recognition to fail, and illegal content to bypass filters, and the attacks may be impossible to detect. A second type of vulnerability arises when the adversary provides malicious training samples that may spoil the fidelity of the learned model. A third vulnerability is the potential violation of the privacy of individuals (e.g., drivers) who provide the training data. More generally, the space of vulnerabilities and their impact on the overall control system are not well-understood. This project will address this new and challenging landscape, and develop the mathematical foundations for reasoning about such systems and attacks. These foundations will then be the basis for automatically synthesizing monitoring and control algorithms needed for resilience. The project aligns with the SoS community’s goal of creating resilient cyber-physical systems, and the approaches developed here will contribute towards development of a new compositional reasoning framework for CPS that combines traditional controls with AI models.

Our approach will take a broad view in developing a mathematical framework while simultaneously creating algorithms and tools that will be tested on benchmarks and real data. The theoretical aspects of the project will draw on the team’s expertise in learning theory, formal methods, and robust control. The resulting resilient monitoring, detection, and control synthesis approaches will be tested on data, scenarios, and models from the CommonRoad project, Udacity, and OpenPilot.

Sayan Mitra

Sayan Mitra is a Professor, Associate Head of Graduate Affairs, and John Bardeen Faculty Scholar of ECE at UIUC. His research is on safe autonomy. His research group develops theory, algorithms, and tools for control synthesis and verification. Some of these have been patented and are being commercialized. Several former PhD students are now professors: Taylor Johnson (Vanderbilt), Parasara Sridhar Duggirala (NC Chapel Hill), and Chuchu Fan (MIT). Sayan received his PhD from MIT with Nancy Lynch. His textbook on verification of cyber-physical systems was published by MIT press in 2021. The group's work has been recognized with NSF CAREER Award, AFOSR Young Investigator Research Program Award, ACM SRC gold prize, IEEE-HKN C. Holmes MacDonald Outstanding Teaching Award (2013), Siebel Fellowship, and several best paper awards.

Performance Period: 01/01/2018 - 01/01/2018

Institution: University of Illinois at Urbana-ChampaignThe University of Texas at Austin

Sponsor: National Security Agency

Subscribe to