STEMapalooza
Join us at the 11th annual STEMapalooza! Enjoy interactive activities while discovering new topics within science, technology, engineering, and math.
Every year, STEMapalooza brings the world of innovators to life, featuring workshops, exhibits, panel presentations with women in STEM, hands-on activities, giveaways and more!
Registration deadline is April 9, 2023 at 11:59 pm.
BSides Tampa X 2023
BSides Tampa is an Information Technology Security Conference sponsored by the Tampa Bay Chapter of (ISC)². They are a 100% volunteer-organized event, put on by and for the community. The purpose of BSides Tampa is to provide an open platform for Information Security industry professionals and enthusiasts to collaborate, exchange ideas, and develop
long-standing relationships with others in the community.
Crypto Café at Florida Atlantic University
Join the FAU Department of Mathematics for Crypto Café – a lecture series on topics in mathematics and computer science related to Cryptography and information security.
Upcoming Presentations
Succinct Vector, Polynomial, and Functional Commitments from Lattices
March 27, 2023, 11:00 am
Speaker: David J. Wu (The University of Texas at Austin)
Abstract: TBA
Fast Practical Lattice Reduction through Iterated Compression
April 24, 2023, 11:00 a.m.
Speaker: Ryan Keegan (University of California, San Diego).
Keegan Ryan is a 4th year PhD student advised by Prof. Nadia Heninger at the University of California, San Diego. His research interests include practical cryptanalysis of real-world systems, particularly problems involving lattice reduction.
Abstract: We introduce a new lattice basis reduction algorithm with approximation guarantees analogous to the LLL algorithm and practical performance that far exceeds the current state of the art. We achieve these results by iteratively applying precision management techniques within a recursive algorithm structure and show the stability of this approach. We analyze the asymptotic behavior of our algorithm, and show that the heuristic running time is O(nω(C+n)1+ε) for lattices of dimension n, ω∈ (2,3] bounding the cost of size reduction, matrix multiplication, and QR factorization, and C bounding the log of the condition number of the input basis B. This yields a running time of O(nω(p + n)1+ε) for precision p=O(log|B|max) in common applications. Our algorithm is fully practical, and we have published our implementation. We experimentally validate our heuristic, give extensive benchmarks against numerous classes of cryptographic lattices, and show that our algorithm significantly outperforms existing implementations.
An Introduction to Suricata: Cyber Threat Hunters Open Source Network Monitoring Tool
Suricata is a high performance, open source network analysis and threat detection software used by many private and public organizations, and embedded in major vendor solutions, to protect enterprise assets.
Presenters:
- Kelley Misata, Ph.D. – Outgoing President and Executive Director, Open Information Security Foundation
-
Juliana Fajardini – Software Developer, Open Information Security Foundation
Risky Business – A Free Risk Compliance Webinar
Join Cybersecuity Manager for the City of Lakeland Tim Emmons on Tuesday, 2/28 at 6:00 EST for a FREE risk compliance webinar!
This webinar welcomes students and attendees of all-ages who wish to do a deep dive into risk compliance and some risky business.
USF 2023 Cyber Summer Camps Open for Registration
Registration for the 2023 University of South Florida cyber summer camps is now open!
If you’re looking for a fun and educational way to keep your K-12 student occupied this summer, check out the list of USF cyber camps available for elementary, middle, and high schoolers. These camps will provide a variety of immersive, hands-on activities to help students gain cyber skills and learn about the potential of a career in cybersecurity.
Phishing Attacks – Helpful Ways to Identify and Avoid Them
Phishing is one of the most common types of cyberattacks that can seriously impact both individuals and organizations. These kinds of attacks can take place almost anywhere online; text, websites, and social media, but are most commonly seen in the form of email.
The SlashNext State of Phishing Report for 2022, released in October, found that there was a 61% increase in the rate of phishing attacks in just the first 6 months of the year compared to last year’s data. Not only have the rates of phishing attacks increased, there was a 50% increase in attacks on mobile devices, with scams and credential theft at the top of the list of payloads.
With all of this in mind, it is perhaps more important than ever to stay vigilant against phishing attacks. Read on to learn more about this type of attack and helpful ways to identify and avoid them.
What is phishing and how does it work?
Phishing is a type of social engineering attack, or an attack that involves psychological manipulation, to steal your personal information or install malicious software on your devices. To accomplish this, cybercriminals will disguise themselves as a legitimate source, such as a well-known company or financial institution, to deliver realistic messages and trick you into giving up your personal information.
Cybercriminals behind these attacks will go to great lengths to make their scams appear legitimate, using the logos and branding of trustworthy sources to disguise themselves. Not only will they create emails under the source’s branding, but they will often create spoofed websites, which are fake websites designed to look legitimate, to accompany them.
The goal of these emails is often to get you to click on a link and enter your personal credentials into the fake website that it leads to. Once that happens, your information will be sent to the attacker behind the scam.
How can I identify a phishing email?
Although it can sometimes be difficult, there are several ways that you can identify a phishing email.
According to fightcybercrime.org, the best ways to identify a phishing email include:
- Check the sender’s email address. If it is not from a legitimate company, do not open it.
- Check the URL by hovering over the link.
- If you are on a desktop computer or laptop, hover over the link with your mouse. You will find the full address of the link either near the link itself or somewhere on the edges of your browser window, depending on what web browser you are using.
- If you are using your smartphone or tablet, hold your finger down on the link until a window pops up showing the full address of the link. Tap away from the window to close the preview.
- Be aware of a sense of urgency or threats. For example, phrases such as “you must act now” or “your account will be closed” may be indicators of a phishing attempt.
- Be cautious of messages that ask for personal information such as your social security number, bank account information, or credit card number.
- Check for grammatical errors or misspellings.
- If you are unsure about the message, don’t hesitate to contact the company directly to inquire about it. Don’t use the contact information provided in the email or text message. Look up the company’s contact information on their website or elsewhere.
What can I do if I click on the link or provide my personal information?
If you clicked on a phishing email link or provided your information, first take a deep breath and know that it can happen to anyone.
- Go to the legitimate website, reset the password on your compromised account and enable two-factor authentication right away. If you are using that password for other accounts, change those too.
- Forward the suspected phishing email to reportphishing@apwg.org, where the Anti-Phishing Working Group will collect, analyze and share information to prevent future fraud.
- Mark it as spam.
- Run a full system scan using antivirus software to check if your device was infected when you clicked the link. If you find viruses, follow these steps on your device. If you still can’t remove the virus, contact a reputable computer repair shop in your area.
Tips & Tricks to Identify a Phishing Email
- Check the sender’s email address. If it is not from a legitimate company, do not open it.
- Check the URL by hovering over the link.
- If you are on a desktop computer or laptop, hover over the link with your mouse. You will find the full address of the link either near the link itself or somewhere on the edges of your browser window, depending on what web browser you are using.
- If you are using your smartphone or tablet, hold your finger down on the link until a window pops up showing the full address of the link. Tap away from the window to close the preview.
- Be aware of a sense of urgency or threats. For example, phrases such as “you must act now” or “your account will be closed” may be indicators of a phishing attempt.
- Be cautious of messages that ask for personal information such as your social security number, bank account information, or credit card number.
- Check for grammatical errors or misspellings.
- If you are unsure about the message, don’t hesitate to contact the company directly to inquire about it. Don’t use the contact information provided in the email or text message. Look up the company’s contact information on their website or elsewhere.
As we continue into 2023, it’s guaranteed that cybercriminals will continue to launch more and more phishing campaigns with the hopes of stealing personal information from unsuspecting victims. Remember to always be cautious online and when in doubt, always do your research!
Information retrieved from fightcybercrime.org. For more details on phishing attacks, visit: https://fightcybercrime.org/scams/hacked-devices-accounts/phishing/