Advertisement
Cybersecurity
Subscribe to Cybersecurity

The Lead

Researchers at Missouri University of Science and Technology are working to combat threats to cybersecurity by training the next generation of experts in the field. With a $3 million grant from the National Science Foundation, Missouri S&T’s computer scie

Missouri S&T Receives $3M from NSF to Train Cybersecurity Experts

September 19, 2014 8:24 am | by Peter Ehrhard, Missouri S&T | News | Comments

Researchers at Missouri University of Science and Technology are working to combat threats to cybersecurity by training the next generation of experts in the field. With a $3 million grant from the National Science Foundation, Missouri S&T’s computer science department will fund approximately 16 “Scholarship for Service” master of science and Ph.D. students, who will specialize in cybersecurity.

New Google Transparency Report Details Hike in Government User Data Requests

September 17, 2014 12:23 pm | by Lee Munson | Blogs | Comments

Governments around the world are demanding increasingly larger amounts of user data from Google...

Protecting Infrastructure with Smarter Cyber-Physical Systems

September 16, 2014 11:23 am | by Eric Brown, MIT | News | Comments

Security of IT networks is continually being improved to protect against malicious hackers...

Internet of Things Devices are Doomed

September 16, 2014 11:05 am | by Ericka Chickowski | Blogs | Comments

Security researchers are telling a story of Internet of Things (IoT) Doom, but it might...

View Sample

SUBSCRIBE TO FREE DFI News EMAIL NEWSLETTER

A small cybersecurity firm claimed this summer to have uncovered a scam by Russian Internet thieves to amass a mountain of stolen information from420,000 Web and FTP sites. Although a New York Times story lent credibility to the claims, some observers que

Crime Ring Revelation Exposes Cybersecurity Conflict of Interest

September 16, 2014 8:26 am | by Erik Schechter, Scientific American | News | Comments

A small cybersecurity firm claimed this summer to have uncovered a scam by Russian Internet thieves to amass a mountain of stolen information from 420,000 Web and FTP sites. Although a New York Times story lent credibility to the claims, some observers question whether the cybersecurity vendor’s big reveal was more of a publicity stunt than a public service. 

In light of one high profile "hack," is it fair to primarily blame Apple's current security setup? Is it really that easy to penetrate these defenses? In the name of security, we did a little testing using family members as guinea pigs. To demonstrate jus

How easy is it to mine Apple services, devices for data?

September 11, 2014 10:13 am | by Sean Gallagher, Ars Technica | News | Comments

In light of one high profile "hack," is it fair to primarily blame Apple's current security setup? Is it really that easy to penetrate these defenses? In the name of security, we did a little testing using family members as guinea pigs. To demonstrate just how much private information on an iPhone can be currently pulled from iCloud and other sources, we enlisted the help of a pair of software tools from Elcomsoft. 

Through the Department of Homeland Security’s Transition to Practice (TTP) program, cybersecurity technologies developed at Sandia National Laboratories — and at other federal labs — now stand a better chance of finding their way into the real world.

Cyber Testing Contributes to DHS Transition to Practice

September 11, 2014 8:17 am | by Sandia National Laboratories | News | Comments

Through the Department of Homeland Security’s Transition to Practice (TTP) program, cybersecurity technologies developed at Sandia National Laboratories — and at other federal labs — now stand a better chance of finding their way into the real world.

Advertisement
Device and data security will assume critical significance for companies adopting a bring you own device (BYOD) policy, especially with nearly 50 percent of companies having reported lost mobile handsets in the last year. According to IT services speciali

BYOD Policy Helps Avoid Major Security Breaches

September 3, 2014 11:57 am | by ITC Infotech | News | Comments

Device and data security will assume critical significance for companies adopting a bring you own device (BYOD) policy, especially with nearly 50 percent of companies having reported lost mobile handsets in the last year. According to IT services specialist ITC Infotech, lack of a stringent BYOD policy can lead to the risk of a major security breach.

When President Obama meets with other NATO leaders later this week, they are expected to ratify what seems, at first glance, a far-reaching change in the organization’s mission of collective defense: For the first time, a cyber attack on any of the 28 NAT

NATO Set to Pledge Joint Defense over Cyber Threats

September 3, 2014 11:22 am | by David Sanger, The New York Times | News | Comments

When President Obama meets with other NATO leaders later this week, they are expected to ratify what seems, at first glance, a far-reaching change in the organization’s mission of collective defense: For the first time, a cyber attack on any of the 28 NATO nations could be declared an attack on all of them, much like a ground invasion or an airborne bombing.

Hosted at the European Cybercrime Centre (EC3) at Europol, the Joint Cybercrime Action Taskforce (J-CAT), which is being piloted for six months, will coordinate international investigations with partners working side-by-side to take action against key cyb

Expert International Cybercrime Taskforce Tackles Online Crime

September 2, 2014 1:21 pm | by Help Net Security | News | Comments

Hosted at the European Cybercrime Centre (EC3) at Europol, the Joint Cybercrime Action Taskforce (J-CAT), which is being piloted for six months, will coordinate international investigations with partners working side-by-side to take action against key cybercrime threats and top targets, such as underground forums and malware, including banking Trojans.

 North Korea's cyberwarfare capabilities are on the rise despite being entrenched in ageing infrastructure and dampened by a lack of foreign technology, according to a report released by Hewlett-Packard researchers.

North Korea Cyber Warfare Capabilities Exposed

September 2, 2014 12:31 pm | by Charlie Osborne | Blogs | Comments

North Korea's cyberwarfare capabilities are on the rise despite being entrenched in ageing infrastructure and dampened by a lack of foreign technology, according to a report released by Hewlett-Packard researchers.          

As in any job, in cybersecurity it’s the paperwork that gets you. In a recent study, the Government Accountability Office found that agencies are doing an incomplete job in documenting their response to security incidents.

Agency Incident Response Rate

August 28, 2014 4:21 pm | by William Jackson, GCN | News | Comments

As in any job, in cybersecurity it’s the paperwork that gets you. In a recent study, the Government Accountability Office found that agencies are doing an incomplete job in documenting their response to security incidents.       

Advertisement
At no time in history has there been a greater need to hire security professionals to protect and defend infrastructures from an inexhaustible onslaught of organized crime, industrial espionage, and nation-state attacks.

Cybersecurity Hiring Crisis: Rockstars, Anger and the Billion Dollar Problem

August 28, 2014 11:12 am | by Violet Blue | Blogs | Comments

At no time in history has there been a greater need to hire security professionals to protect and defend infrastructures from an inexhaustible onslaught of organized crime, industrial espionage, and nation-state attacks.         

Black Hat USA 2014 recently welcomed more than 9,000 of the most renowned security experts. Tucked away from the glamour of the vendor booths giving away t-shirts and the large presentation rooms filled with rockstar sessions, was the Arsenal — a place wh

Synergy of Hackers and Tools at the Black Hat Arsenal

August 27, 2014 10:50 am | by Mirko Zorz, Help Net Security | News | Comments

Black Hat USA 2014 recently welcomed more than 9,000 of the most renowned security experts. Tucked away from the glamour of the vendor booths giving away t-shirts and the large presentation rooms filled with rockstar sessions, was the Arsenal — a place where developers were able to present their security tools and grow their community.

According to newly published documents, the National Security Agency has built a “Google-like” search interface for its vast database of metadata, and the agency shares it with dozens of other American intelligence agencies. The new documents are part of

NSA Increases Interagency Cooperation with Own Search Engine

August 26, 2014 11:00 am | by Cyrus Farivar. Ars Technica | News | Comments

According to newly published documents, the National Security Agency has built a “Google-like” search interface for its vast database of metadata, and the agency shares it with dozens of other American intelligence agencies. The new documents are part of the Snowden leaks and were first published on by The Intercept.

Even before the academic semester starts, students from across the globe have begun registering for the largest set of student cybersecurity competitions in the world: the NYU Polytechnic School of Engineering Cyber Security Awareness Week (CSAW).

NYU Launches Largest Cybersecurity Student Contests

August 26, 2014 10:04 am | by NYU Polytechnic School of Engineering | News | Comments

Even before the academic semester starts, students from across the globe have begun registering for the largest set of student cybersecurity competitions in the world: the NYU Polytechnic School of Engineering Cyber Security Awareness Week (CSAW).

Six months ago, NIST released version 1.0 of its voluntary Framework for Improving Critical Infrastructure Cybersecurity. The framework was developed with industry in a collaborative and open process over the course of a year, as directed by President Oba

NIST Seeks Info on User Experiences with Cybersecurity Framework

August 26, 2014 9:54 am | by NIST | News | Comments

Six months ago, NIST released version 1.0 of its voluntary Framework for Improving Critical Infrastructure Cybersecurity. The framework was developed with industry in a collaborative and open process over the course of a year, as directed by President Obama in Executive Order 13636. NIST is now seeking public feedback on the framework.

Advertisement
There is a severe shortage of information security professionals, and leading industry experts say it's only getting worse. Word among attendees at Black Hat USA 2014 conference was that there are more jobs in cybersecurity than people to fill them.

Cybersecurity's Hiring Crisis: A Troubling Trajectory

August 25, 2014 11:05 am | by Violet Blue | Blogs | Comments

There is a severe shortage of information security professionals, and leading industry experts say it's only getting worse. Word among attendees at Black Hat USA 2014 conference was that there are more jobs in cybersecurity than people to fill them.

A team of researchers have identified a weakness believed to exist in Android, Windows and iOS mobile operating systems that could be used to obtain personal information from unsuspecting users. They demonstrated the hack in an Android phone.

Mobile OS Weakness Allows Apps to Steal Personal Information

August 25, 2014 9:47 am | by Sean Nealon, Univ. of California - Riverside | News | Comments

A team of researchers have identified a weakness believed to exist in Android, Windows and iOS mobile operating systems that could be used to obtain personal information from unsuspecting users. They demonstrated the hack in an Android phone.  

When APTs (Advanced Persistent Threats) are discovered, network security operations professionals are instantly under pressure to explain and resolve the problems swiftly. Without a robust understanding of the context, network traffic and content, SecOps

Know Your Advanced Persistent Threats' Unknowns

August 22, 2014 10:26 am | by Information Buzz Security | News | Comments

When APTs (Advanced Persistent Threats) are discovered, network security operations professionals are instantly under pressure to explain and resolve the problems swiftly. Without a robust understanding of the context, network traffic and content, SecOps professionals are often left to rely on informed guesses and not verifiable facts.

How are ex-military and ex-hackers different? For starters, security guys with a military background are more likely to have a “traditional career.” This typically includes a degree from a four-year university, a series of jobs with certifications, and fo

Hacker or Military? Best of Both in Cyber Security

August 22, 2014 9:06 am | by John Dickson | Blogs | Comments

How are ex-military and ex-hackers different? For starters, security guys with a military background are more likely to have a “traditional career.” This typically includes a degree from a four-year university, a series of jobs with certifications, and formal recognition that one would expect from a military person.

Computer security researchers TU Darmstadt/CASED in Germany and North Carolina State University in USA have developed a modification to the core Android operating system that allows developers and users to plug in new security enhancements. The new Androi

Researchers Develop Framework to Facilitate New Android Security Modules

August 21, 2014 10:41 am | by CASED | News | Comments

Computer security researchers from TU Darmstadt/CASED in Germany and North Carolina State University in USA have developed a modification to the core Android operating system that allows developers and users to plug in new security enhancements. The new Android Security Modules (ASM) framework aims to eliminate the bottleneck that prevents developers and users from taking advantage of new security tools.

The significant information breaches of today are executed by people infiltrating the organization, and attackers are doing this by assuming identities or abusing insider privileges.

Today's Biggest Security Gap? Identity

August 20, 2014 10:47 am | by Travis Greene, Security Week | News | Comments

The significant information breaches of today are executed by people infiltrating the organization, and attackers are doing this by assuming identities or abusing insider privileges.                       

Agencies Stalk the Insider Threat

August 20, 2014 10:25 am | by William Jackson, GCN | News | Comments

With cyber war comes the threat of new forms of espionage, as well as sabotage conducted within both the information systems and control systems that form the interface between the physical and cyber worlds. Security, both physical and cyber, traditionally has been outward facing. But espionage and sabotage often are the domains of the trusted insider, the agent operating from within.

If you have an account and were asked to put a price on a monthly service fee, how much money would you pay to be inspired, to keep up with news events, or to stay in touch with family, friends and colleagues? You're paying for it now, of course, though n

How will you pay for the internet of the future?

August 19, 2014 10:58 am | by Lisa Vaas | Blogs | Comments

If you have an account and were asked to put a price on a monthly service fee, how much money would you pay to be inspired, to keep up with news events, or to stay in touch with family, friends and colleagues? You're paying for it now, of course, though not with money.

Discussions of what government should do about the state of poor cyber defenses tend to focus on some kind of change in the law to raise regulations and/or lower liabilities. That is well and good, but government should also think about building a new org

A CDC for Cyber Crime

August 19, 2014 10:23 am | by Peter Singer, Wired | News | Comments

Discussions of what government should do about the state of poor cyber defenses tend to focus on some kind of change in the law to raise regulations and/or lower liabilities. That is well and good, but government should also think about building a new organization for the cyber age. And it can do so by taking inspiration from one of the most successful agencies created in the past.

Mathematical Obfuscation against Hackers is Focus of New Cybersecurity Center

August 15, 2014 11:21 am | by Jeremy Hsu, IEEE Spectrum | News | Comments

Turning computer code into a kind of math puzzle may hold the key to protecting software from hackers. A consortium of universities developing the idea, called mathematical obfuscation, recently received a $5 million grant from the U.S. government as part of a broader cybersecurity initiative.

Thousands of Computers Open to Eavesdropping and Hijacking

Thousands of Computers Open to Eavesdropping and Hijacking

August 15, 2014 10:51 am | by Lisa Vaas | Blogs | Comments

There's a gaping hole in thousands of unsuspecting people's computers that lets any random internet passerby not only look over their shoulder but reach through to take over their systems. The hole is caused by a remote access tool: specifically, unsecured use of a product known as Virtual Network Computing (VNC).

Mixing upper and lower case letters, numbers and special characters doesn’t make passwords any harder for hackers to crack, only increasing the number of characters does, according to new research from Trustwave.

Longer Passwords are Harder to Crack

August 15, 2014 10:36 am | by Phil Muncaster, Infosecurity Magazine | News | Comments

Mixing upper and lower case letters, numbers and special characters doesn’t make passwords any harder for hackers to crack, only increasing the number of characters does, according to new research from Trustwave.           

X
You may login with either your assigned username or your e-mail address.
The password field is case sensitive.
Loading