Cybersecurity

The Lead

UAlbany to Host Data Breach Research Laboratory

November 26, 2014 8:35 am | News | Comments

The University at Albany School of Business has been selected to host a research laboratory designed to improve exploration into cyber security and incident response. Computer forensic leader, The ARC Group of New York (ARC), has donated software and services valued at more than a half million dollars to support this critical endeavor.

Hacking Down for the Holidays

November 26, 2014 8:19 am | News | Comments

The holiday sales season and the online crush that accompanies it might seem a natural field day...

Cybersecurity Myths

November 25, 2014 6:52 am | News | Comments

Despite the ongoing media commentary and “best practices” memos, consultant Adam Epstein...

Project Targets Automotive Vulnerabilities

November 25, 2014 5:32 am | by Justin Pritchard, Associated Press | News | Comments

White hat hackers have demonstrated that they could create the electronic equivalent of a...

Competition Battles Fingerprint and Iris Spoofing

November 25, 2014 5:16 am | News | Comments

A competition that challenges academic and private institutions to present solutions to fingerprint or iris spoofing is set to hold its fourth edition, with organisers saying it will play a “crucial” role in evaluating the current state of the technology.  

Locked Shields is among the world’s preeminent cyberattack simulations. For two days, international teams of hackers and system admins play both sides of a war game, simultaneously attacking and defending critical infrastructure. The details are realistic

Government Vulnerable to Hackers

November 24, 2014 5:35 am | News | Comments

Even though there have been at least two dozen mass breaches of government computer systems since 2013, many federal agencies continue to have a lax culture and poor security provisions to repel the growing threat from hackers and cyberattacking states such as Russia, Iran and China, internal investigative reports show. 

Mixing upper and lower case letters, numbers and special characters doesn’t make passwords any harder for hackers to crack, only increasing the number of characters does, according to new research from Trustwave.

The Secret Life of Passwords

November 24, 2014 4:13 am | by Editor | Blogs | Comments

Yes, I understand why passwords are universally despised: the strains they put on our memory, the endless demand to update them, their sheer number. I hate them, too. But there is more to passwords than their annoyance. In our authorship of them, in the fact that we construct them so that we (and only we) will remember them, they take on secret lives.

Using Company Devices for Personal Activities Leads to Data Loss

November 21, 2014 11:55 am | News | Comments

GFI Software released the findings of an independent study into how workers use company provided computers and laptops for personal activities, and the direct impact that personal use can have on the organization.           

Russians Spy on UK Baby Monitor, CCTV and Webcam Feeds

November 21, 2014 11:28 am | by Tara Seals, Infosecurity Magazine | News | Comments

It’s not a newsflash that laptops’ webcams can be hacked, allowing remote eyes to peer out at unsuspecting users on the other end. But the news that hundreds of feeds from baby monitors, CCTV cameras and webcams from UK homes and businesses have been hacked and uploaded onto a Russian website takes things to a whole new level of creepy.

NSA Director Warns China Can Damage US Infrastructure

November 21, 2014 11:10 am | by Ken Dilanian, Associated Press | News | Comments

China and "one or two" other countries are capable of mounting cyber attacks that would shut down the electric grid and other critical systems in parts of the United States, according to Adm. Michael Rogers, director of the National Security Agency and head of U.S. Cyber Command.

5G Will Power Network of the Future

November 20, 2014 12:28 pm | by Brian Robinson, GCN | News | Comments

It’s by no means complete yet, but the transition to a mobile IT environment in government is well established. Parallel with that, however, is the expectation that mobile communications will be able to deliver all that society expects in the way of seamless audio, video streaming and fast transfer of multi-megabyte data files.  

London Police and NYC Prosecutors to Swap Staff in Cybercrime Fight

November 20, 2014 12:08 pm | by Sam Frizell, Time | News | Comments

Leading prosecutors in New York and London police plan to embed staff in each other's offices, officials say, increasing transatlantic collaboration in an effort to combat cyber crime.

House, Senate Democrats Seek Details on Data Breaches

November 19, 2014 9:57 am | by Reuters | News | Comments

Leading Democrats in both houses of Congress sent letters to 16 major banks and other financial firms requesting detailed information about recent data breaches and briefings from corporate data security officials.          

Foundation Funds New Initiative on Cybersecurity Policy

November 19, 2014 8:41 am | by MIT | News | Comments

MIT has received $15 million in funding from the William and Flora Hewlett Foundation to establish an initiative aimed at laying the foundations for a smart, sustainable cybersecurity policy to deal with the growing cyber threats faced by governments, businesses, and individuals.

NIST Wants to Help You Share

November 18, 2014 10:01 am | by NIST | News | Comments

Time is not your friend when your information systems are under cyber attack, but sharing threat information before, during, and after an attack with a trusted group of peers can help. NIST has prepared a Guide to Cyber Threat Information Sharing that provides organizations with the key practices they need to consider when planning, implementing and maintaining information sharing relationships.

US Gov Insists It Doesn't Stockpile Zero-day Exploits

November 17, 2014 12:16 pm | by Kim Zetter, Wired | News | Comments

For years the government has refused to talk about or even acknowledge its secret use of zero-day software vulnerabilities to hack into the computers of adversaries and criminal suspects. This year, however, the Obama administration finally acknowledged that the NSA and law enforcement agencies sometimes keep information about software vulnerabilities secret so the government can exploit them for purposes of surveillance and sabotage.

Firms Would Hire Ex-cons as Cybersecurity Pros

November 17, 2014 11:28 am | by Phil Muncaster, Infosecurity Magazine | News | Comments

Over half of senior IT and HR professionals would consider hiring former hackers in a bid to overcome crippling cybersecurity skills gaps and shortages, according to new research from consultancy KPMG.             

State Dept Hacked, Email Shut Down

November 17, 2014 10:57 am | by Matthew Lee, Associated Press | News | Comments

The State Department has taken the unprecedented step of shutting down its entire unclassified email system as technicians repair possible damage from a suspected hacker attack. A senior department official said Sunday that "activity of concern" was detected in the system around the same time as a previously reported incident that targeted the White House computer network. 

Cyber security: Do the experts need letters after their name?

November 17, 2014 10:47 am | by Tom Brewster | Blogs | Comments

Despite its reticence over everything Snowden, GCHQ has been awfully proud of its work with academia over the last year. Though it has always worked closely with universities, the Cheltenham-based spy agency has given its backing to various government initiatives designed to give a fillip to British cybersecurity wannabes and graduates.

NIST Drafts Guide for Checking Apps Used at Work

November 14, 2014 10:29 am | by Stephanie Kanowitz, GCN | News | Comments

The National Institute of Standards and Technology is readying guidance to help agencies evaluate commercial mobile applications that agency workers might use on government-issued devices or personal apps that access government networks.   

Planes Gather Cellphone Data to Find Criminals

November 14, 2014 10:11 am | by Associated Press | News | Comments

The Justice Department is collecting data from thousands of cellphones through high-tech gear deployed on airplanes that mimics communications towers, The Wall Street Journal has reported.               

The Mercenaries

November 13, 2014 11:25 am | by Shane Harris | Blogs | Comments

To all outward appearances, Endgame Inc. looks like the typical young tech startup. It is anything but. Endgame is one of the leading players in the global cyber arms business. Among other things, it compiles and sells zero day information to governments and corporations.

US Weather Agency Reports Cyber Attacks on Four Websites

November 13, 2014 8:24 am | by Reuters | News | Comments

The U.S. agency that operates the National Weather Service said on Wednesday four of its websites were hacked in recent weeks, becoming the latest federal agency to fall victim to a cyber attack.               

The Future of Incident Response

November 12, 2014 9:19 am | by Bruce Schneier | Blogs | Comments

Security is a combination of protection, detection, and response. It's taken the industry a long time to get to this point, though. The 1990s was the era of protection. Our industry was full of products that would protect your computers and network. By 2000, we realized that detection needed to be formalized as well, and the industry was full of detection products and services. This decade is one of response.

US Cyber Response Comes from Suburban Office Parks

November 11, 2014 9:58 am | by Martha Mendoza, Associated Press | News | Comments

Ground zero in the nation's fight against cyber crime hides in plain sight, in a nondescript suburban office building with no government seals or signs.                           

Researchers Discover Lapses in Heartbleed Bug Fix

November 10, 2014 10:03 am | by University of Maryland | News | Comments

A detailed analysis by cybersecurity experts from the University of Maryland found that website administrators nationwide tasked with patching security holes exploited by the Heartbleed bug may not have done enough.          

Whose file sharing tools are leaking data?

November 6, 2014 12:11 pm | by GCN | News | Comments

Routine, unsanctioned file sharing among employees has put organizations at risk equal to or greater than the dangers posed by direct data theft, according to research.                       

Which Messaging Technologies are Truly Safe and Secure?

November 5, 2014 9:34 am | by EFF | News | Comments

Many companies offer "secure messaging" products — but how can users know if these systems are actually secure? The Electronic Frontier Foundation has released its Secure Messaging Scorecard, evaluating dozens of messaging technologies on a range of security best practices.

Somebody's Already Using Verizon's ID to Track Users

November 4, 2014 10:43 am | by Julia Angwin and Jeff Larson, ProPublica | News | Comments

Wired and Forbes reported recently that the two largest cellphone carriers in the United States, Verizon and AT&T, are adding the tracking number to their subscribers' Internet activity, even when users opt out.     
