Thanks to researchers at the University of Missouri, neurodivergent individuals who want to learn about cybersecurity can soon trade in their pencil and paper for a pair of virtual reality (VR) goggles and a good time.

USucceed, a VR platform that looks to prepare neurodivergent learners for a career in cybersecurity through a gamified experience, is in early stages of development. The platform, which has received roughly $850,000 in funding from the National Science Foundation, is currently being developed for Meta Quest headsets and will be released as open-source software.

So, what is it anyways? University of Missouri’s Noah Glaser and Prasad Calyam, who have been working on the platform for the past 10 months, told IT Brew that users who play USucceed will be tasked with solving escape room-like challenges that increase in complexity around cybersecurity concepts in a “futuristic space lab” setting.

“If you’ve seen an episode of Black Mirror, you have this scene with a bunch of arrays of servers,” Glaser said. “It’s kind of like that, but without the spooky undertone.”

Read the rest here.—BM

What could make a mass password reset even tougher than it already is? Another mass reset months later, when everybody’s password expires at the same time (just like that old container of raspberries you bought last month for your smoothies-for-breakfast regimen).

IT pros who spoke with IT Brew recommended practices to stagger new-password requests, that way the stress gets sprinkled around the calendar rather than placed in one heap of help desk tickets.

“All those incidents are going to fall right on the same day and overwhelm the help desk,” Andrew Topp, director in the enterprise technology and experience practice at West Monroe, told IT Brew, describing one possible scenario.

Just a few years ago, Topp led the digital services company’s incident recovery teams, where he helped orgs “put Humpty Dumpty back together again” following a ransomware attack or cyber incident. Essential to those efforts, he said: resetting passwords.

Read more here.—BH

Roughly one in three Americans had their personal information exposed online after one of the country’s premier background check companies left a database exposed.

The breach was first revealed in a Cybernews research report on Sept. 23. According to the findings, public records tracker MC2 Data left a database containing 2.2 TB of data open to the internet without password protection, exposing 106,316,633 records of at least 100 million individuals. A further 2,319,873 users looking for background checks services also had their information leaked.

Check yourself. Aras Nazarovas, junior security researcher at Cybernews, said that the information exposed in the breach could have potentially negative ramifications beyond identity theft and the like. The Lithuania-based expert warned in the report that the information might “spark conflicts in some communities and organizations” and noted that background check data has often been used by cyber criminals to gather information on targets.

“While background check services keep trying to prevent such cases, they haven’t been able to stop such use of their services completely,” Nazarovas said. “A leak is a goldmine for cyber criminals as it eases access and reduces risk for them, allowing them to misuse these detailed reports more effectively.”

Keep reading here.—EH

Cybersecurity is more than firewalls and encryption—it’s about finding the perfect balance between cutting-edge technology, smart policy, and the teams behind it all. On Oct. 31, join us in New York (or via livestream) for a half-day deep dive into quantum computing, AI, and cloud security. Hear from experts like George Barnes (former deputy director of the NSA) and Mark Stockley, host of The AI Fix, as they share how to navigate the evolving threat landscape. Grab your ticket now!