Advertisement
Cybersecurity
Subscribe to Cybersecurity

The Lead

Justice Department Expands Fight Against Cybercrime

October 22, 2014 11:08 am | News | Comments

The Justice Department is expanding its National Security division to take on threats to the country from state-sponsored economic espionage and cybercrime, assistant attorney general for national security John Carlin said Tuesday.

Cost of Cybercrime on the Rise

October 21, 2014 6:57 am | News | Comments

According to the 2014 Cost of Cyber Crime Study, the average annualized cost of cybercrime...

Connected Cars Tough Fight with Cyber Crime

October 15, 2014 12:23 pm | by Jai Vijayan, Information Week | News | Comments

The sophisticated electronic components that are making modern cars safer, greener, and...

Hackers Manipulated as Advanced Threat Response

October 15, 2014 11:09 am | by Eric Chabrow, Gov Info Security | News | Comments

In an interview with ISMG, Garet Moravec, an independent security consultant, offers a...

View Sample

SUBSCRIBE TO FREE DFI News EMAIL NEWSLETTER

It's not just big businesses like JPMorgan Chase, Target and Home Depot that get hacked. Small companies suffer from intrusions into their computer systems, too.

Hacking a Big Danger for Small Businesses

October 14, 2014 10:34 am | by Joyce Rosenberg, Associated Press | News | Comments

It's not just big businesses like JPMorgan Chase, Target and Home Depot that get hacked. Small companies suffer from intrusions into their computer systems, too.                         

Another day, another breach, and more credit cards are on the open market. I’m not sure what the thieves are going to be doing with the credit cards at this point but let’s take a look at where we are going and take a moment to reflect on what we’re doing

Strategic Incident Response to Increase Information Security after Breaches

October 13, 2014 11:10 am | by Samuel Liles | Blogs | Comments

Another day, another breach, and more credit cards are on the open market. I’m not sure what the thieves are going to be doing with the credit cards at this point but let’s take a look at where we are going and take a moment to reflect on what we’re doing here in infosec land.

A little-known Department of Homeland Security program for providing liability protection to US firms in the wake of terrorist or other attacks could also provide shelter for firms facing legal action in the wake of a cyber attack.

DHS Anti-Terrorism Program Could Provide Cyberattack Liability Protection

October 9, 2014 12:29 pm | by Kelly Jackson Higgins | Blogs | Comments

A little-known Department of Homeland Security program for providing liability protection to US firms in the wake of terrorist or other attacks could also provide shelter for firms facing legal action in the wake of a cyber attack.     

Advertisement
If we have learned anything about payment technology over the past decade, it’s that there will always be a new technology or a new scheme that will be championed as a way to reduce the growing rise of payment card fraud.

Tokenization: 6 Reasons the Card Industry Should be Wary

October 8, 2014 9:58 am | by Pat Carroll | Blogs | Comments

If we have learned anything about payment technology over the past decade, it’s that there will always be a new technology or a new scheme that will be championed as a way to reduce the growing rise of payment card fraud.        

Former U.S. Homeland Security secretary Tom Ridge has launched a cyber crime insurance product in collaboration with syndicates operating at the Lloyd's of London insurance market, Ridge's new insurance firm says.

Former US Security Chief Launches Cybercrime Insurance

October 7, 2014 11:42 am | by Reuters | News | Comments

Former U.S. Homeland Security secretary Tom Ridge has launched a cyber crime insurance product in collaboration with syndicates operating at the Lloyd's of London insurance market, Ridge's new insurance firm says.           

The city has scuttled an outdoor media company's project slated to install in payphone booths thousands of transmitters that could track people's movements by sending signals to their smartphones.

New York Cancels Phone Booth Transmitter Program

October 7, 2014 10:28 am | by Jonathan Lemire, Associated Press | News | Comments

The city has scuttled an outdoor media company's project slated to install in payphone booths thousands of transmitters that could track people's movements by sending signals to their smartphones. Titan, which sells ad space in more than 5,000 phone kiosks, had received approval from the city to place the transmitters, known as beacons, in the booths, and 500 had already been installed around Manhattan.

Cybersecurity breaches such as those at Target, Home Depot, and JPMorgan Chase are expensive and embarrassing. While attacks may come from outside hackers, the FBI recently issued a warning that internal hacking from current and former employees poses the

Underpaid Employees are a Cybersecurity Risk

October 6, 2014 11:29 am | by Allison Schrager, Bloomberg Businessweek | News | Comments

Cybersecurity breaches such as those at Target, Home Depot, and JPMorgan Chase are expensive and embarrassing. While attacks may come from outside hackers, the FBI recently issued a warning that internal hacking from current and former employees poses the biggest threat — and is on the rise. 

The National Institute of Standards and Technology (NIST) has published its NIST Framework and Roadmap for Smart Grid Interoperability Standards, Release 3.0, a document that reflects advances in smart grid technologies and developments from NIST’s collab

NIST Releases Final Version of Smart Grid Framework, Update 3.0

October 2, 2014 9:25 am | by NIST | News | Comments

The National Institute of Standards and Technology (NIST) has published its NIST Framework and Roadmap for Smart Grid Interoperability Standards, Release 3.0, a document that reflects advances in smart grid technologies and developments from NIST’s collaborative work with industry stakeholders. Revisions to its guidelines for smart grid cybersecurity are available as well.

Advertisement
Days after GM announced the appointment of a chief security officer, automotive cybersecurity has gotten another boost with a $4 million Series A funding shot for car-focused Argus Cyber Security.

Investors Drive into Car Cybersecurity

September 30, 2014 10:06 am | by Tara Seals, Infosecurity Magazine | News | Comments

Days after GM announced the appointment of a chief security officer, automotive cybersecurity has gotten another boost with a $4 million Series A funding shot for car-focused Argus Cyber Security.               

Organized Crime Opting for Hidden Internet Service Industry

September 29, 2014 9:51 am | by Europol | News | Comments

The 2014 iOCTA (Internet Organised Crime Threat Assessment), published by Europol's European Cybercrime Centre (EC3), describes an increased commercialization of cyber crime. A service-based criminal industry is developing, in which specialists in the virtual underground economy develop products and services for use by other criminals. 

NIST Awards Contract to MITRE to Support Cybersecurity Center of Excellence

September 25, 2014 8:16 am | by NIST | News | Comments

The U.S. Commerce Department’s National Institute of Standards and Technology has awarded a contract to operate its first Federally Funded Research and Development Center, which will support the National Cybersecurity Center of Excellence.   

In a big step for securing critical information systems, such as medical records in clinical settings, Dartmouth College researchers have created a new approach to computer security that authenticates users continuously while they are using a terminal and

ZEBRA Bracelet Strengthens Computer Security

September 23, 2014 10:40 am | by Dartmouth College | News | Comments

In a big step for securing critical information systems, such as medical records in clinical settings, researchers have created a new approach to computer security that authenticates users continuously while they are using a terminal and automatically logs them out when they leave or when someone else steps in to use their terminal.

After a security incident is detected tremendous resources are spent in the forensic investigation trying to figure out what exactly happened and what data, if any, was compromised. If the forensic investigation doesn’t yield definitive results fairly qui

Avoid Wasting Time During a Breach Investigation

September 23, 2014 10:08 am | by Rekha Shenoy, Tripwire | News | Comments

After a security incident is detected tremendous resources are spent in the forensic investigation trying to figure out what exactly happened and what data, if any, was compromised. If the forensic investigation doesn’t yield definitive results fairly quickly the organization is left with no choice but to assume the worst.

Advertisement

Book Excerpt: Checklist: Building a Penetration Testing Lab

September 23, 2014 6:06 am | by Bruce Middleton | CRC Press/Taylor & Francis Group LLC | Articles | Comments

This checklist can help you to build a penetration testing lab. To successfully set up your lab will require attention to detail, redundancy, and a littel bit of paranoia.                   

It has been a brutal season for data breaches, from the wholesale theft of customer records numbering in the billions to the exposure of naughty celebrity pictures. More significant to agencies is the case that cost US Investigations Services (USIS) a con

Passwords vs. Biometrics

September 22, 2014 10:56 am | by William Jackson | Blogs | Comments

It has been a brutal season for data breaches, from the wholesale theft of customer records numbering in the billions to the exposure of naughty celebrity pictures. More significant to agencies is the case that cost US Investigations Services (USIS) a contract to perform government background checks.  

 The risks were clear to computer experts inside Home Depot: The home improvement chain, they warned for years, might be easy prey for hackers.

Former Cybersecurity Staff Say Home Depot Left Data Vulnerable

September 22, 2014 10:46 am | by Julie Creswell and Nicole Perlroth, The New York Times | News | Comments

The risks were clear to computer experts inside Home Depot: The home improvement chain, they warned for years, might be easy prey for hackers.                               

Researchers at Missouri University of Science and Technology are working to combat threats to cybersecurity by training the next generation of experts in the field. With a $3 million grant from the National Science Foundation, Missouri S&T’s computer scie

Missouri S&T Receives $3M from NSF to Train Cybersecurity Experts

September 19, 2014 8:24 am | by Peter Ehrhard, Missouri S&T | News | Comments

Researchers at Missouri University of Science and Technology are working to combat threats to cybersecurity by training the next generation of experts in the field. With a $3 million grant from the National Science Foundation, Missouri S&T’s computer science department will fund approximately 16 “Scholarship for Service” master of science and Ph.D. students, who will specialize in cybersecurity.

Governments around the world are demanding increasingly larger amounts of user data from Google, according to the company’s latest Transparency Report.

New Google Transparency Report Details Hike in Government User Data Requests

September 17, 2014 12:23 pm | by Lee Munson | Blogs | Comments

Governments around the world are demanding increasingly larger amounts of user data from Google, according to the company’s latest Transparency Report.                            

Security of IT networks is continually being improved to protect against   malicious hackers. Yet when IT networks interface with infrastructures such   as water and electric systems to provide monitoring and control capabilities,   they often introduce n

Protecting Infrastructure with Smarter Cyber-Physical Systems

September 16, 2014 11:23 am | by Eric Brown, MIT | News | Comments

Security of IT networks is continually being improved to protect against malicious hackers. Yet when IT networks interface with infrastructures such as water and electric systems to provide monitoring and control capabilities, they often introduce new vulnerabilities that increase the risks of service disruptions.

Security researchers are telling a story of Internet of Things (IoT) Doom, but it might not be exactly the doom you expect: Last week at 44Con in London, a researcher showed off a hack of a vulnerability in a Canon Pixma printer that made it possible to r

Internet of Things Devices are Doomed

September 16, 2014 11:05 am | by Ericka Chickowski | Blogs | Comments

Security researchers are telling a story of Internet of Things (IoT) Doom, but it might not be exactly the doom you expect: Last week at 44Con in London, a researcher showed off a hack of a vulnerability in a Canon Pixma printer that made it possible to remotely modify the printer's firmware so that its LED indicator screen could run the classic first-person-shooter game, Doom.

A small cybersecurity firm claimed this summer to have uncovered a scam by Russian Internet thieves to amass a mountain of stolen information from420,000 Web and FTP sites. Although a New York Times story lent credibility to the claims, some observers que

Crime Ring Revelation Exposes Cybersecurity Conflict of Interest

September 16, 2014 8:26 am | by Erik Schechter, Scientific American | News | Comments

A small cybersecurity firm claimed this summer to have uncovered a scam by Russian Internet thieves to amass a mountain of stolen information from 420,000 Web and FTP sites. Although a New York Times story lent credibility to the claims, some observers question whether the cybersecurity vendor’s big reveal was more of a publicity stunt than a public service. 

In light of one high profile "hack," is it fair to primarily blame Apple's current security setup? Is it really that easy to penetrate these defenses? In the name of security, we did a little testing using family members as guinea pigs. To demonstrate jus

How easy is it to mine Apple services, devices for data?

September 11, 2014 10:13 am | by Sean Gallagher, Ars Technica | News | Comments

In light of one high profile "hack," is it fair to primarily blame Apple's current security setup? Is it really that easy to penetrate these defenses? In the name of security, we did a little testing using family members as guinea pigs. To demonstrate just how much private information on an iPhone can be currently pulled from iCloud and other sources, we enlisted the help of a pair of software tools from Elcomsoft. 

Through the Department of Homeland Security’s Transition to Practice (TTP) program, cybersecurity technologies developed at Sandia National Laboratories — and at other federal labs — now stand a better chance of finding their way into the real world.

Cyber Testing Contributes to DHS Transition to Practice

September 11, 2014 8:17 am | by Sandia National Laboratories | News | Comments

Through the Department of Homeland Security’s Transition to Practice (TTP) program, cybersecurity technologies developed at Sandia National Laboratories — and at other federal labs — now stand a better chance of finding their way into the real world.

Device and data security will assume critical significance for companies adopting a bring you own device (BYOD) policy, especially with nearly 50 percent of companies having reported lost mobile handsets in the last year. According to IT services speciali

BYOD Policy Helps Avoid Major Security Breaches

September 3, 2014 11:57 am | by ITC Infotech | News | Comments

Device and data security will assume critical significance for companies adopting a bring you own device (BYOD) policy, especially with nearly 50 percent of companies having reported lost mobile handsets in the last year. According to IT services specialist ITC Infotech, lack of a stringent BYOD policy can lead to the risk of a major security breach.

When President Obama meets with other NATO leaders later this week, they are expected to ratify what seems, at first glance, a far-reaching change in the organization’s mission of collective defense: For the first time, a cyber attack on any of the 28 NAT

NATO Set to Pledge Joint Defense over Cyber Threats

September 3, 2014 11:22 am | by David Sanger, The New York Times | News | Comments

When President Obama meets with other NATO leaders later this week, they are expected to ratify what seems, at first glance, a far-reaching change in the organization’s mission of collective defense: For the first time, a cyber attack on any of the 28 NATO nations could be declared an attack on all of them, much like a ground invasion or an airborne bombing.

X
You may login with either your assigned username or your e-mail address.
The password field is case sensitive.
Loading