Advertisement
Cybersecurity
Subscribe to Cybersecurity

The Lead

When APTs (Advanced Persistent Threats) are discovered, network security operations professionals are instantly under pressure to explain and resolve the problems swiftly. Without a robust understanding of the context, network traffic and content, SecOps

Know Your Advanced Persistent Threats' Unknowns

August 22, 2014 10:26 am | by Information Buzz Security | News | Comments

When APTs (Advanced Persistent Threats) are discovered, network security operations professionals are instantly under pressure to explain and resolve the problems swiftly. Without a robust understanding of the context, network traffic and content, SecOps professionals are often left to rely on informed guesses and not verifiable facts.

Hacker or Military? Best of Both in Cyber Security

August 22, 2014 9:06 am | by John Dickson | Blogs | Comments

How are ex-military and ex-hackers different? For starters, security guys with a military...

Researchers Develop Framework to Facilitate New Android Security Modules

August 21, 2014 10:41 am | by CASED | News | Comments

Computer security researchers from TU Darmstadt/CASED in Germany and North Carolina State...

Today's Biggest Security Gap? Identity

August 20, 2014 10:47 am | by Travis Greene, Security Week | News | Comments

The significant information breaches of today are executed by people infiltrating the...

View Sample

SUBSCRIBE TO FREE DFI News EMAIL NEWSLETTER

Agencies Stalk the Insider Threat

August 20, 2014 10:25 am | by William Jackson, GCN | News | Comments

With cyber war comes the threat of new forms of espionage, as well as sabotage conducted within both the information systems and control systems that form the interface between the physical and cyber worlds. Security, both physical and cyber, traditionally has been outward facing. But espionage and sabotage often are the domains of the trusted insider, the agent operating from within.

If you have an account and were asked to put a price on a monthly service fee, how much money would you pay to be inspired, to keep up with news events, or to stay in touch with family, friends and colleagues? You're paying for it now, of course, though n

How will you pay for the internet of the future?

August 19, 2014 10:58 am | by Lisa Vaas | Blogs | Comments

If you have an account and were asked to put a price on a monthly service fee, how much money would you pay to be inspired, to keep up with news events, or to stay in touch with family, friends and colleagues? You're paying for it now, of course, though not with money.

Discussions of what government should do about the state of poor cyber defenses tend to focus on some kind of change in the law to raise regulations and/or lower liabilities. That is well and good, but government should also think about building a new org

A CDC for Cyber Crime

August 19, 2014 10:23 am | by Peter Singer, Wired | News | Comments

Discussions of what government should do about the state of poor cyber defenses tend to focus on some kind of change in the law to raise regulations and/or lower liabilities. That is well and good, but government should also think about building a new organization for the cyber age. And it can do so by taking inspiration from one of the most successful agencies created in the past.

Advertisement

Mathematical Obfuscation against Hackers is Focus of New Cybersecurity Center

August 15, 2014 11:21 am | by Jeremy Hsu, IEEE Spectrum | News | Comments

Turning computer code into a kind of math puzzle may hold the key to protecting software from hackers. A consortium of universities developing the idea, called mathematical obfuscation, recently received a $5 million grant from the U.S. government as part of a broader cybersecurity initiative.

Thousands of Computers Open to Eavesdropping and Hijacking

Thousands of Computers Open to Eavesdropping and Hijacking

August 15, 2014 10:51 am | by Lisa Vaas | Blogs | Comments

There's a gaping hole in thousands of unsuspecting people's computers that lets any random internet passerby not only look over their shoulder but reach through to take over their systems. The hole is caused by a remote access tool: specifically, unsecured use of a product known as Virtual Network Computing (VNC).

Mixing upper and lower case letters, numbers and special characters doesn’t make passwords any harder for hackers to crack, only increasing the number of characters does, according to new research from Trustwave.

Longer Passwords are Harder to Crack

August 15, 2014 10:36 am | by Phil Muncaster, Infosecurity Magazine | News | Comments

Mixing upper and lower case letters, numbers and special characters doesn’t make passwords any harder for hackers to crack, only increasing the number of characters does, according to new research from Trustwave.           

The hottest topic in the insurance world today is cyber risk insurance, or coverage for the response to and fallout from cyber crime and breaches. Although high–profile breaches have led to skyrocketing interest in cyber insurance, they have also highligh

Lack of Incident Response Holding Back Cyber Insurance Market

August 14, 2014 12:21 pm | by Craig Carpenter, Property Casualty 360 | News | Comments

The hottest topic in the insurance world today is cyber risk insurance, or coverage for the response to and fallout from cyber crime and breaches. Although high–profile breaches have led to skyrocketing interest in cyber insurance, they have also highlighted a glaring weakness in insurance companies’ ability to price — and therefore offer — such coverage: the lack of incident resolution expertise.

Edward Snowden has made us painfully aware of the government’s sweeping surveillance programs over the last year. But a new program, currently being developed at the NSA, suggests that surveillance may fuel the government’s cyberdefense capabilities, too.

The NSA MonsterMind Bot Could Wage Cyber War Autonomously

August 14, 2014 10:55 am | by Kim Zetter, Wired | News | Comments

Edward Snowden has made us painfully aware of the government’s sweeping surveillance programs over the last year. But a new program, currently being developed at the NSA, suggests that surveillance may fuel the government’s cyberdefense capabilities, too.

Advertisement
Virtual environments are a tool that security researchers and security software use to automatically analyze and detect malware. But according to Symantec research, virtual machines (VMs) are becoming more common in enterprise operational environments—so

Malware No Longer Avoids Virtual Machines

August 14, 2014 10:00 am | by Tara Seals, Infosecurity Magazine | News | Comments

Virtual environments are a tool that security researchers and security software use to automatically analyze and detect malware. But according to Symantec research, virtual machines (VMs) are becoming more common in enterprise operational environments — so malware authors are learning to write their code to attack that infrastructure more effectively while avoiding detection.

Black Hat USA 2014 hosted over 9,000 attendees in Las Vegas last week and featured 110 highly informative briefings. Don't fret if you missed it: Some of BHUSA's best talks have now been uploaded to YouTube.

BadUSB, Keynote Controversy: Black Hat USA 2014 Videos Now Online

August 14, 2014 9:48 am | by Violet Blue | Blogs | Comments

Black Hat USA 2014 hosted over 9,000 attendees in Las Vegas last week and featured 110 highly informative briefings. Don't fret if you missed it: Some of BHUSA's best talks have now been uploaded to YouTube.            

Computer forensic and cybersecurity tools are getting smarter and easier to use by the week, but I'd like to offer a contrarian view and tell you that it's not necessarily a good thing. Better tools — or rather, better tool marketing—can lull you into a f

The Myth of the 'Find All Evidence' Button

August 12, 2014 10:12 am | by John I., LinkedIn | News | Comments

Computer forensic and cybersecurity tools are getting smarter and easier to use by the week, but I'd like to offer a contrarian view and tell you that it's not necessarily a good thing. Better tools — or rather, better tool marketing — can lull you into a false sense of security.

Efforts to pressure the automobile industry into better locking down cyber security in automated features of modern cars has intensified as a collective of security researchers sent the CEOs at major auto firms an open letter calling for them to adopt a n

Automakers Openly Challenged to Bake in Security

August 11, 2014 10:38 am | by Kelly Jackson Higgins | Blogs | Comments

Efforts to pressure the automobile industry into better locking down cyber security in automated features of modern cars has intensified as a collective of security researchers sent the CEOs at major auto firms an open letter calling for them to adopt a new five-star cyber safety program.

Alarmed by mounting cyber threats around the world and across industries, a growing number of security experts see aggressive government action as the best hope for averting disaster.

Security Experts Call for Government Action against Cyber Threats

August 11, 2014 10:12 am | by Joseph Menn, Reuters | News | Comments

Alarmed by mounting cyber threats around the world and across industries, a growing number of security experts see aggressive government action as the best hope for averting disaster.                   

Advertisement
Network breaches are inevitable. It’s what happens next that really matters, said renowned cryptographic expert Bruce Schneier during the Black Hat security conference.

Incident Response Best Practice and Automation

August 11, 2014 10:00 am | by Fahmida Rashid, Infosecurity Magazine | News | Comments

Network breaches are inevitable. It’s what happens next that really matters, said renowned cryptographic expert Bruce Schneier during the Black Hat security conference.                       

10 Dramatic Moments In Black Hat History

August 7, 2014 9:54 am | by Ericka Chickowski | Blogs | Comments

If there is one thing there's no lack of in Las Vegas at the Black Hat conference, it's drama. This year's show is shaping up to be no different. But before we get there, let's take a quick look back at some of the big demos and research highlights of the past so we can see how influential this show's moments have been in shaping the industry. 

Microsoft's Internet Explorer (IE) has become the most patched software   product, receiving more security patches in the first six months of this year   than Adobe or Oracle software, a report by Bromium Labs has found.

Tool to Thwart Cyber-Attacks

August 6, 2014 11:27 am | News | Comments

Cybersecurity researchers at the Georgia Tech Research Institute are developing a tool that amasses information from the Internet to give organizations an early warning of a pending cyber-attack. The system, known as BlackForest, scrapes and analyzes information culled from a variety of online sources to detect potential attacks. 

Hacker Claims Passenger Jet Communications Vulnerable to Attack

August 5, 2014 8:26 am | News | Comments

Cybersecurity researcher Ruben Santamarta says he has figured out how to hack the satellite communications equipment on passenger jets through their WiFi and inflight entertainment systems - a claim that, if confirmed, could prompt a review of aircraft security.

Expanding Cybersecurity and Privacy Research

August 5, 2014 8:14 am | News | Comments

The National Science Foundation's (NSF) Secure and Trustworthy Cyberspace (SaTC) program has announced two new center-scale "Frontier" awards to support large, multi-institution projects that address grand challenges in cybersecurity science and engineering with the potential for broad economic and scientific impact.  

InfoSec teams should expand their rapid incident detection and response capabilities to mobile devices that have access to sensitive data.

70 Percent of Internet of Things Devices Vulnerable to Hacking

August 4, 2014 9:01 am | News | Comments

Nearly three-quarters of all Internet of Things devices are susceptible to getting hacked or compromised, according to a recent study. The study, released by Hewlett-Packard (HP), examined 10 common smart devices, including thermostats, smart TVs and webcams. Each device had approximately 25 vulnerabilities.

Gathering and understanding cyber intelligence is the work of BlackForest, a new open source intelligence gathering system developed by information security specialists at the Georgia Tech Research Institute (GTRI). By using such information to create a t

Threat Information System Warns of Impending Cyber Attacks

July 31, 2014 9:46 am | by Georgia Institute of Technology | News | Comments

Gathering and understanding cyber intelligence is the work of BlackForest, a new open source intelligence gathering system developed by information security specialists at the Georgia Tech Research Institute (GTRI). By using such information to create a threat picture, BlackForest helps corporations, government agencies and nonprofit organizations battle increasingly-sophisticated threats to their networks.

Feds Admit Cooperation Remains Obstacle with Corporations, Cyber Threats

July 31, 2014 9:26 am | by Tom Fontaine, Trib LIVE | News | Comments

A key to reducing cyber crime is getting victims — often major corporations — to cooperate with authorities, two top federal law enforcement officials said during visits to Pittsburgh.                   

In an interview with former National Security Agency Director General Keith Alexander, Foreign Policy's Shane Harris learned that Alexander plans to file “at least” nine patent applications — “and possibly more" — pertaining to technology for detecting ne

Former NSA Director to File Cybersecurity Patents in the Private World

July 30, 2014 9:08 am | by Megan Guess, Ars Technica | News | Comments

In an interview with former National Security Agency Director General Keith Alexander, Foreign Policy's Shane Harris learned that Alexander plans to file “at least” nine patent applications — “and possibly more" — pertaining to technology for detecting network intruders.

Federal Chief Information Security Officers (CISOs) and information security executives face a number of challenges in today's dynamic, fast-paced environment.

How to Build a Federal Information Security Team

July 29, 2014 10:01 am | by (ISC)2 Writers Bureau, Information Week | News | Comments

Federal Chief Information Security Officers (CISOs) and information security executives face a number of challenges in today's dynamic, fast-paced environment. These challenges include advanced persistent threats, system vulnerabilities, and regulatory compliance, to name a few.

It has been over a year since The Guardian reported the first story on the National Security Agency’s surveillance programs based on the leaks from former NSA contractor Edward Snowden, yet the national conversation remains largely mired in a simplistic d

Surveillance Costs: The NSA's Impact on the Economy, Internet Freedom & Cybersecurity

July 29, 2014 9:42 am | by Danielle Kehl,Kevin Bankston,Robyn Greene,Robert Morgus,New America Foundation | News | Comments

It has been over a year since The Guardian reported the first story on the National Security Agency’s surveillance programs based on the leaks from former NSA contractor Edward Snowden, yet the national conversation remains largely mired in a simplistic debate over the tradeoffs between national security and individual privacy. It is time to start weighing the overall costs and benefits more broadly.

Cybersecurity is being pushed in two directions. On the one hand, the growing complexity of information systems and the onslaught of threats facing them are putting a premium on speed. Automation is the future of security.

Security Automation: Are Humans Still Relevant?

July 28, 2014 10:38 am | by William Jackson | Blogs | Comments

Cybersecurity is being pushed in two directions. On the one hand, the growing complexity of information systems and the onslaught of threats facing them are putting a premium on speed. Automation is the future of security.       

X
You may login with either your assigned username or your e-mail address.
The password field is case sensitive.
Loading