Cyber–physical power systems resilience: Definition, threats, and assessment

Saudi Arabia is currently experiencing rapid technological, social, and economic transformation associated with its ongoing digitalization efforts. Protecting individuals’ valuable data is therefore essential for ensuring safe digital progress. Cyberattacks, particularly those based on social engineering, are often shaped by local context and culture in order to exploit trust. This emphasizes the need for culturally aware cybersecurity research, particularly in highly collectivist societies like the Saudis, where ongoing changes require evidence-based guidance to ensure safe and effective progress. Understanding the behaviors, perceptions, and concerns of individuals, as well as sources of cybersecurity advice is essential. This study involved in-depth face-to-face interviews with 33 Saudis and analyzed 12 real-life phishing experiences using a narrative inquiry approach. Participants showed various levels of security vigilance; most recognized common threats like viruses but lacked understanding of more advanced practices such as multi-factor authentication. We found that some risky behaviors were common, such as sharing passwords; participants expressed frustration and difficulty remembering passwords; the decision to share was often driven by convenience and priorities. From the narrative, we identified cultural factors such as avoiding reporting incidents, possibly due to shame, social pressure, or a lack of trust, which must be considered when designing effective, localized cybersecurity strategies.

Diarrhea caused by enterotoxigenic Escherichia coli (ETEC) is a common threat to humans and animals. Clinical ETEC strains display host tropism, usually driven by adherence and toxin-host interactions in the gut. Other virulence factors, metal acquisition mechanisms, and immune evasion strategies may also influence host specificity. Using publicly available genomes, we performed a pangenomic and functional comparison of 77 human- and swine-derived ETEC strains. Sequence types ST10 and ST4 found in both hosts, suggesting potential cross-host transmission. Phylogenetic analyses showed clustering mainly by ST, regardless of host or geography. Additionally, most functional domains were shared between hosts; however, human-derived strains carried exclusive domains related to adhesion, transposition, and toxins, whereas swine-derived strains harbored domains linked to stress response and metal binding. Notably, the PF09075 domain from the STb enterotoxin occurred only in swine-derived strains, despite previous reports in humans. Comparative analyses of STa (PF02048) and STb revealed no structural or functional homology but confirmed the swine-specific association of STb and greater sequence STa variability in human-derived strains. These findings indicate that sequence and functional differences in these enterotoxins contribute to ETEC host tropism, while ST patterns reveal possible epidemiological links between human and swine infections.

The rapid growth of web-based applications has made secure authentication a critical requirement to protect user data from cyber threats such as Structured Query Language injection (SQLi) attacks. With the increasing reliance on digital platforms, ensuring data integrity, confidentiality, and controlled access has become essential. A major challenge arises from weak authentication implementations where improper input handling allows attackers to manipulate SQL queries and gain unauthorized access. In traditional systems, authentication is often implemented using dynamic query construction with minimal input validation, prioritizing functionality over security. Such systems fail to recognize malicious input patSterns and remain highly vulnerable to injection attacks. The limitations of these systems include unsafe query construction, weak validation techniques, lack of effective attack detection mechanisms, and insufficient focus on secure design principles, leading to risks such as data breaches and compromised system integrity. These issues highlight the need for a more secure and reliable authentication approach that balances protection with usability. To address these challenges, the proposed system introduces a Django-based application integrated with a MySQL (Structured Query Language-based relational database management system) backend, consisting of two modules: a vulnerable login module to demonstrate SQLi risks and a secured login module that applies input validation and detects suspicious patterns in user inputs. This dual-module design enables clear comparison between insecure and secure approaches. The significance of this research lies in enhancing awareness of web application security, promoting secure coding practices, improving authentication reliability, and providing a practical foundation for developing systems resistant to common cyber threats.

Burn injuries are a common pediatric health threat with depth assessment relying heavily on subjective visual inspection. While objective techniques like laser Doppler imaging exist, their cost and portability limitations restrict use. We propose SAM-DR to address the challenge of scarce annotated burn data by repurposing pre-trained models with minimal fine-tuning. By replacing SAM's segmentation head with dense linear regression, our method not only identifies burn locations but also perceives burn depth through continuous depth prediction. Using 294 smartphone images from 94 patients annotated by 9 clinicians, we conducted a pixel-level comparison of human disagreement. SAM-DR achieved a 0.96 Dice score in wound segmentation, establishing state-of-the-art performance, and the use of interactive thresholding enabled segmentation of different burn depths comparable to human experts, suitable for assisted annotation. We developed an interactive tool based on SAM-DR that supports both clinical diagnosis and data annotation, offering a non-contact solution for burn assessment and dataset creation.

Religious mass gatherings (MGs) such as Hajj, Umrah, Arba'een, and Kumbh Mela attract tens to hundreds of millions of participants annually, posing unique challenges for infectious disease control, surveillance, and health system preparedness. We conducted a structured comparative analysis of these four MGs, evaluating attendance scale, participant demographics, governance structures, epidemiological risks, and public health response strategies. Data were synthesized from international public health reports, peer-reviewed literature, and national MG health policies. Hajj attracts 1.8-3 million pilgrims annually from >180 countries, while Umrah draws ~30 million yearly with similar global diversity. Arba'een hosts 20-22 million participants mainly from Iraq, Iran, and neighboring nations. Kumbh Mela peaks at tens of millions overall, exceeding 50 million on high days, predominantly Indian nationals plus international visitors. Common threats across these mass gatherings include respiratory pathogens, water- and food-borne illnesses, and vaccine-preventable diseases, amplified by crowding and diverse origins. Successful public health responses emphasize pre-event vaccination (e.g., meningococcal ACWY for Saudi MGs), real-time surveillance systems, and multisectoral coordination among stakeholders. Comparable yet distinct, these MGs require tailored risk-based frameworks emphasizing leadership, surveillance, prevention, and surge capacity. Our analysis proposes a unified model to strengthen global MG policies and practices, enhancing health security for future events.

Small businesses constitute a significant share of the global economy, yet they remain particularly vulnerable to cyberattacks because of limited financial resources, insufficient technical expertise, and reliance on basic digital infrastructure. Conventional cybersecurity systems are typically designed for large enterprises and require costly technologies and specialized personnel, making them impractical for many small organizations. This study examines the cybersecurity risks faced by small businesses and proposes a cost-effective security framework that incorporates artificial intelligence–based threat detection and automated response mechanisms. The research reviews common cyber threats affecting small firms, including phishing attacks, ransomware incidents, malware infiltration, and unauthorized network access. A layered cybersecurity architecture is developed to provide continuous network monitoring, anomaly detection, and rapid threat mitigation using machine learning techniques integrated with affordable cloud security services. The proposed framework is designed to minimize infrastructure costs while maintaining reliable threat detection capabilities. Several machine learning models are evaluated for their ability to detect malicious activities within small business networks, and their performance is assessed using metrics such as detection accuracy, false positive rate, response latency, and operational cost. Comparative analysis is conducted between traditional rule-based security systems and the proposed AI-assisted security approach. The results indicate that machine learning–based threat detection significantly improves the identification of abnormal network behavior and emerging cyber threats while reducing operational complexity. Automated security responses further strengthen the defensive posture of small organizations by enabling faster containment of suspicious activities. The study demonstrates that properly implemented AI-driven cybersecurity solutions can provide practical and affordable protection for small businesses without requiring extensive technical infrastructure. The findings offer guidance for small organizations seeking scalable cybersecurity strategies that balance security effectiveness with financial constraints.

Phishing email attacks have become one of the most common and dangerous cyber threats, targeting individuals and organizations to steal sensitive information such as login credentials, financial data, and personal details. This project focuses on the development of an intelligent phishing email detection and security analytics system using machine learning techniques. The proposed system analyzes email content, metadata, and embedded features such as URLs, attachments, and sender information to distinguish between legitimate and malicious emails. Various preprocessing methods are applied to clean and structure the data, followed by feature extraction to improve model accuracy. Machine learning algorithms such as classification models and clustering techniques are utilized to identify hidden patterns and detect suspicious activities effectively. The system also provides security analytics by generating insights, trends, and reports on phishing attempts, helping users understand evolving attack strategies. The implementation aims to achieve high accuracy, reduce false positives, and provide real-time detection capabilities. Overall, this project enhances cybersecurity measures by offering a reliable and scalable solution to combat phishing attacks and protect users from potential data breaches.

Security in Europe is a multidimensional and dynamic field of political and operational action, especially in recent years, as the continent faces multifaceted challenges: terrorism, organized crime, refugee and migration flows, cyber threats (Smith, 2023) and geopolitical tensions. In this context, three key institutions play a crucial role: Europol, Frontex (now European Border and Coast Guard Agency-EBCGA) and NATO (NATO, 2022), (Lanoszka, 2022), (Walt, 2020). Europol (European Police Office) is an important institution of the European Union (EU) in the fight against organized crime (Korontzis, 2013, c) and terrorism. It focuses on the collection, analysis and exchange of information between Member States (MS), facilitating cross-border investigations. Although it has no executive powers, it functions as a hub for cooperation between national authorities, strengthening the collective capacity to respond to criminal networks. EBCGA has been significantly upgraded in recent years, acquiring a strengthened operational role. It is involved in the surveillance and management of the EU's external borders, especially in times of migration crisis. It supports MS with joint operations, technical assistance and personnel. However, its action has provoked reactions, as issues of transparency, accountability and respect for human rights are raised. NATO, although not an EU institution, remains the cornerstone of European collective defense. The Russian invasion of Ukraine in 2022 reminded us of the Alliance's crucial role in deterrence and security in the wider region. At the same time, EU-NATO cooperation is being strengthened to address common threats, such as hybrid warfare, disinformation and cyberattacks. In conclusion, security in Europe requires multi-level cooperation, strengthening institutions and adapting to new forms of threats (Biscop, 2021). The challenge lies in finding a balance between effective protection and the safeguarding of fundamental rights and values. The purpose of this brief study is to highlight common points and possibilities for cooperation between these bodies so that security in Europe is strengthened (Sloan, 2019). At the same time, problems will also emerge in such a development, especially after the election of D. Trump in the 2024 elections (Rosen, 2014), (Daalder, Goldgeier, 2021), (Sloan, 2020).

The research focused on studying multiple aspects of phishing attack vulnerability and the corresponding knowledge about phishing by examining how psychological and social and environmental elements affect people in their phishing attack susceptibility. We analyzed data from 1,200 participants through a quantitative approach which involved a standardized questionnaire to evaluate their phishing attack susceptibility and their knowledge of phishing threats across different demographic segments. The data revealed that people between 18 and 25 years old became the most vulnerable age group to phishing attacks because their susceptibility rate reached 45% which exceeded the 30% rate found in older age groups (p 0.01). The test results showed that participants who had limited cybersecurity knowledge obtained phishing detection scores which were 15% lower than those who had better cybersecurity understanding (p 0.05).People who have restricted social connections network will click malicious links at a rate which is 40% higher than other users according to the analysis. The research showed that users who accessed their devices through mobile phones were 25% more likely to fall for phishing attacks than those who used their desktop computers for device access. Educational content requires customization because research findings show mobile platforms and population groups face different obstacles which need to be addressed. The research findings show that cybersecurity training programs which provide complete coverage should combine community-based training with language-based programs to enhance security knowledge. Scientists must keep their research on phishing methods because these attacks keep evolving while educators need to develop adaptable educational approaches which defend students from these common security threats. Research findings show how human factors interact with information security systems to develop improved protection methods which defend against phishing attacks.

Humanity is currently confronted with numerous common threats such as pandemics, environmental pollution, and economic crises. Will these common threats affect the public’s attitudes towards their country? Three studies ( N = 955) explored the impact of common threats on patriotism. Results showed that only under conditions of high perceived resource scarcity does a common threat promote patriotism. In contrast, under conditions of low perceived resource scarcity, a common threat did not significantly influence patriotism. The role of socioeconomic status was also examined. The results indicated that under conditions of high perceived resource scarcity, individuals of low socioeconomic status, compared with those of high socioeconomic status, exhibited stronger patriotism when facing common threats. This finding provides a reference for uniting hearts and minds as well as for the effective crisis response of the state.

ABSTRACT The article accounts for the paradiplomatic interactions between the Democratic Union Party (PYD) in Syria and the Kurdistan Democratic Party (KDP) in Iraq and the broader political context that shaped their relations. Paradiplomacy refers to sub‐state or semi‐independent actors' foreign policy conduct in the international arena. Both parties engaged in international relations independent of their central governments and utilized proto‐diplomacy to secure external legitimacy and support, advancing Kurdish interests in line with their quest for independence. The Syrian conflict enabled the rise of a de facto autonomous Kurdish territorial entity in Northern Syria (Rojava), thereby creating a new situation in the Kurdish movement by challenging the KDP's political and cultural leadership on pan‐Kurdish issues established in the 2000s. By 2013, the PYD had gained prominence in Rojava, representing a considerably differing ideological and political agenda on the Kurdish question from the KDP. The contest between these actors intensified since the Iraqi Kurdish leadership could not significantly influence the Northern Syrian political sphere. The article illustrates how the KDP and PYD, despite their rivalry, occasionally cooperate against common external threats such as the Islamic State, even as they competed for political and military dominance within the broader Kurdish nationalist movement.

Masquerade and replay attacks on avatars pose critical threats to user privacy and trust in the emerging metaverse. Existing blockchain or decentralized identity (DID) approaches provide auditability but still struggle with unlinkability and lightweight implementation. This paper introduces a privacy-preserving avatar authentication scheme that anchors each user’s identity to a first-image commitment, derived from visual features and a random nonce through a fuzzy extractor (FE). Under the Real-or-Random (ROR) model, we formally prove that the protocol mitigates a range of common threats and simultaneously provides mutual authentication, forward secrecy, and user anonymity. The practicality of the proposed scheme is demonstrated through a head-mounted device–to–server prototype. The average session cost is approximately 21.08 ms, representing a 79.38%–89.58% improvement in computational efficiency over several state-of-the-art blockchain-assisted metaverse authentication schemes. Meanwhile, the corrected communication overhead is around 1.3 Kbits, yielding an 8.89%–43.83% reduction compared with existing counterparts. These results indicate that first-image commitments, combined with blockchain auditability, offer an efficient and privacy-preserving foundation for trustworthy avatar interactions in immersive environments, paving the way toward secure and user-centric metaverse ecosystems.

Phishing is a common cyber security threat in which attackers attempt to deceive users into disclosing personal information such as passwords, credit card numbers, and other sensitive data. With the rapid advancement of technology, phishing techniques have become increasingly sophisticated and harder to detect using traditional methods. Therefore, it is essential to develop detection techniques capable of identifying phishing websites with high accuracy. This study aims to optimize phishing detection performance by integrating variable correlation analysis for feature selection and applying imbalanced learning techniques to address data imbalance. The research stages include Data Collection, Data Preprocessing, and Data Exploration, which involve correlation analysis, removal of low-correlation features, and data visualization. In the Model Building and Training phase, the dataset is split into features and labels, followed by training and the application of data balancing techniques, ending with Model Evaluation. The evaluated algorithms include Logistic Regression, Naive Bayes, K-Nearest Neighbors (KNN), Support Vector Machine (SVM), Multi-Layer Perceptron, Decision Tree, Random Forest, Gradient Boosting, and CatBoost. The results show that the KNN algorithm delivers the best performance, achieving an accuracy of 91.25% and optimal scores in Precision (0.906943), Recall (0.927858), and F1-Score (0.922141), along with the lowest Hamming Loss at 0.0875. In contrast, the SVM algorithm recorded the lowest performance among the tested models. The implementation of this method is expected to contribute to the development of more reliable and accurate phishing detection systems in the future.

Phishing websites are one of the most common cyber threats, designed to trick users into revealing sensitive information such as usernames, passwords, and banking details. Traditional phishing detection methods like blacklists and rule-based systems are often ineffective against newly created and sophisticated phishing websites. To overcome these limitations, this project proposes a machine learning-based phishing website detection system that automatically classifies websites as legitimate or phishing. The system extracts important URL-based and domain-based features such as URL length, presence of special characters, SSL certificate status, and domain age. Machine learning algorithms including Decision Tree, Random Forest, Logistic Regression, and Support Vector Machine are trained and evaluated using real-world datasets. The trained model is integrated with a browser-based interface to provide real-time detection and user alerts. Experimental results show that the proposed system achieves high accuracy and effectively detects phishing websites, thereby enhancing user safety and reducing the risk of online fraud.

Families in high-density urban settings often experience elevated conflict, yet the role of nearby outdoor spaces in shaping these dynamics is underexplored. We examined whether frequent visits to approachable outdoor spaces—defined as within a 5-minute walk and perceived safe from common threats—buffer the link between household crowding and family conflict. Survey data were collected from 142 married women with children living in higher-income apartments in the Mumbai Metropolitan Region, India. Participants reported household density, perceived proximity and safety of urban outdoor spaces, perceived frequency of visits, and perceived family conflict, along with household composition and psychological distress. Zero-order correlations showed perceived approachability, but not frequency of visits, was associated with conflict. Moderated regression analyses indicated more frequent visits only to highly approachable (versus less approachable) outdoor spaces were linked with lower conflict. Findings underscore that usability—particularly proximity and safety—matters when evaluating outdoor environments as supports for families in dense cities.

Aim: This study examines the role of Privileged Access Management (PAM) in protecting high-risk accounts that possess administrative, service, and root-level access within enterprise IT environments. Methods: The research employs a secondary qualitative analysis of existing literature, industry reports, regulatory guidance, and documented cybersecurity incidents. It evaluates common threat patterns targeting privileged accounts. This includes credential theft, session hijacking, insider misuse, privilege escalation, and lateral movement. The study further examines core PAM security mechanisms such as credential vaulting, session monitoring, behavioral analytics, and just-in-time (JIT) access provisioning. Real-world breach cases from the financial services and critical infrastructure sectors are reviewed to contextualize risks and control failures. Emerging risks in hybrid cloud architectures and DevOps pipelines are also assessed, particularly regarding the proliferation of secrets and expanded attack surfaces. Results: The analysis confirms that privileged accounts remain primary targets in sophisticated cyberattacks due to their elevated system authority and broad access scope. Weak credential management, excessive standing privileges, and inadequate monitoring significantly increase exposure to compromise. Effective PAM implementations rely on centralized credential vaulting, continuous session oversight, adaptive behavioral monitoring, and time-bound privilege allocation to minimize attack windows. Also, hybrid cloud environments and automated DevOps workflows introduce additional complexity, as machine identities, API keys, and embedded secrets multiply potential attack vectors. Organizations lacking mature PAM governance models face elevated risks of credential abuse and undetected privilege escalation. Breach case analyses demonstrate that inadequate privileged access controls often contribute directly to large-scale operational and financial damage. Conclusion: Privileged Access Management is a foundational cybersecurity control for reducing enterprise attack surfaces and mitigating high-impact breaches. Recommendation: Organizations should adopt comprehensive PAM frameworks that integrate credential vaulting, session monitoring, behavioral analytics, and just-in-time access controls within a unified governance model.

Organisms face numerous biotic and abiotic threats. Behavioural responses to these threats impact individual fitness and often affect population, community and ecosystem outcomes. Although animals face diverse threats, most studies on behavioural responses to danger have focused on responses to either predators or humans. Relatively few have tested for consistent individual differences (CIDs) in response to other common threats (e.g. pathogens, chemical stressors, fire). If behavioural responses to different threats are correlated (i.e. if individuals exhibit fear generalization), this could connect disparate sources of mortality otherwise treated as separate. Despite its potential significance, no studies to date have examined fear generalization in ecological contexts. Here, we assayed behavioural responses of wolf spiders (Schizocosa maxima) to cues associated with predation, fire and pesticide. We provide the first study to quantify CIDs in response to smoke and one of few to document CIDs in response to pesticide. We then document among-individual correlations in behavioural responses to these threats; i.e. fear generalization. We found evidence for across-threat correlations in both the magnitude of response and the type of response (e.g. flee or freeze). These novel results have important implications for the ecological consequences of animal behaviour in the Anthropocene.

The article considers the problem of ensuring information security in credit and financial institutions using a firewall. It is noted that existing methods and means of protection cannot sufficiently counter the constantly evolving cyber threats, and therefore many studies in the field of information security are aimed at finding new methods that can improve the effectiveness of the measures applied. The article analyzes the most common information security threats, provides statistics on incidents related to the use of malware, which remains the main tool of intruders. Also, an analysis of the main problems of ensuring information security is provided using the example of a typical model of remote banking services (RBS). It is noted that the effective operation of the firewall, which is used to protect information in the RBS system, is possible only if a complete, correct and consistent set of rules is specified. The purpose of this article is to develop a method for formal verification of the rules of operation of a firewall to ensure information security in credit and financial institutions. An example of the transition from a verbal description of a set of rules to formal logic and software implementation of code in Python using the Z3 library is given. Recommendations for the application of the developed method in credit and financial institutions are provided. It is concluded that in credit and financial institutions with complex network information systems and numerous security rules, a formal description of these rules must be included during the development stage to enable automated consistency testing using SMT solvers. The developed method addresses this challenge.

Phishing attacks represent one of the most common and damaging cyber threats, with techniques continuously evolving to become more sophisticated and harder to detect. One of the latest evasion methods of concern is the use of Zero-Width Characters (ZWC)—invisible Unicode Characters inserted into URLs to deceive traditional detection systems and human visual perception. This research aims to develop and evaluate an effective and reliable machine learning model to detect phishing URLs that have been obfuscated using ZWC. The eXtreme Gradient Boosting (XGBoost) algorithm was chosen for its proven superiority in handling complex data and its performance optimization capabilities. This study utilized a public dataset from Kaggle consisting of 11,430 URL samples, which was then modified through a feature engineering process. Specifically, 50% of the phishing URLs were injected with one of five types of ZWC (ZWSP, ZWNJ, ZWJ, RLM, LRM), and a dedicated binary feature was created to flag the presence of these Characters. Initial training revealed signs of minor overfitting. Consequently, a hyperparameter tuning process was conducted by adjusting the max_depth and min_child_weight parameters to create a more robust model. The final model was evaluated on 20% of the test data and demonstrated exceptionally high performance, achieving an Accuracy of 97.24%, Precision of 97.03%, Recall of 97.37%, and an AUC score of 0.9972. The high Recall value is particularly crucial, proving the model's reliability in minimizing the risk of missed threats. This research successfully proves that an XGBoost-based approach with targeted feature engineering can be an effective solution against advanced phishing attacks.