-
Top Internet security risks of 2007 revealed today
This year’s SANS Top 20 illuminates two new attack targets that criminals have chosen to exploit and the older targets where attackers have significantly raised the stakes
-
-
Security software may be posing security risks
Security maven Thierry Zoller says that file-parsing bugs in security software could become a big problem: Increasing your use of antivirus software only increases the chances that you could be successfully attacked
-
-
Industry, military, academia to discuss cyber and national security
In a three-day meeting in Shreveport this week, experts from industry, the military, and academia will discuss business, national and military security, the politics of cyber and its impact on the military planning and execution of the future
-
-
Pay attention to the human element in IT security
As far as information security is concerned, even the world’s best technological solution cannot replace a piece of paper — the company security policy
-
-
NSA may have put secret back door in new encryption protocol
The U.S. government released NIST Special Publication 800-90 — a new official standard for random-number generators — earlier this year; the document contains four different approved techniques (Deterministic Random Bit Generators); one of those generators — the one based on elliptic curves and championed by the NSA — is three orders of magnitude slower than its peers; Why?
-
-
VoIP can be made secure for business purposes
Many companies have security worries about VoIP, so they decide not to implement the technology even though it has many cost advantages over traditional telephony; Cisco’s Eric Vyncke argues that with proper attention and maintenance, VoIP can be made secure enough even for business purposes; “A combination of secure switches, firewalls, and secure devices will not produce 100 percent security, but it can approach 99.9 percent,” he said
-
-
Corporate e-mail authentication battle royal: IP-based vs. signature-based
There are two categorical approaches to corporate e-mail security: Path- or IP-based focuses on where the message originated and evaluates the network path traversed by the e-mail; cryptographic methods look at who sent the message
-
-
TI licenses Elliptic Curve Cryptography (ECC) technology
TI prepares for the future: Company notices two trends — growing shift toward e-documents, and increasing need for NIST-based security protocols compliance; TI licenses Certicom ECC technology
-
-
Chinese subcontractor installs trojan horses on hard drives
Seagate hard drives sold in Taiwan are discovered to have trojan horses installed on them by Chinese subcontractor; virus uploads information saved on the computer automatically to Web sites in Beijing
-
-
Sender ID vs encryption, I
Fighting spam requires authenticating e-mail addresses on the fly; Microsoft-backed Sender ID battles with encryption-based schemes for adoption by enterprises
-
-
Blue-ribbon panel to recommend cybersecurity measures to next president
CSIS creates a 31-member committee of experts and policy makers to recommend comprehensive cybersecurity measures to the next president
-
-
IBM will spend $1.5 billion to improve computer security
IBM’s security initiative would double IBM’s security spending; company says its IT security is becoming more difficult because of collaborative business models, sophisticated criminal attacks, and increasingly complex infrastructures
-
-
Rumors of al Qaeda cyber attack to be launched 11 November
News report says that Bin Laden’s cyber legions are retaliating against Western surveillance programs; among the targets: Western, Jewish, Israeli, Muslim apostate, and Shiite Web sites
-
-
NIST invites comments on important FISMA-related document
NIST releases cybersecurity framework document for public comment; when finalized, it will become NIST’s flagship FISMA-related document
-
-
Colorado Springs lobbying for AF Cyber Command to move there
Colorado, California, Nebraska, and Louisiana compete to be home to the Air Force’s new Cyber Command
-
The long view
U.S. contemplates responses to a cyber-Pearl Harbor attack on critical infrastructure
Cybersecurity experts often contemplate how U.S. security agencies would react to a cyber-9/11 or a digital Pearl Harbor, in which a computer attack would unplug the power grid, disable communications lines, empty bank accounts, and result in loss of life. “Ultimately, it absolutely could happen,” says one expert. “Yeah, that thought keeps me up at night, in terms of what portion of our critical infrastructure could be really brought to its knees.”
To bolster the world’s inadequate cyber governance framework, a “Cyber WHO” is needed
A new report on cyber governance commissioned by Zurich Insurance Group highlights challenges to digital security and identifies new opportunities for business. It calls for the establishment of guiding principles to build resilience and the establishment of supranational governance bodies such as a Cyber Stability Board and a “Cyber WHO.”
U.S. adopts a more assertive cyber defense posture
Recent cyberattacks and intrusions by hackers, operating alone or backed by nation-states, have prompted the Pentagon and DHS to reaffirm their commitment to upholding the reliability and integrity of America’s cyber network and the systems connected to it. Americans rely on the connected Web to deliver critical services such as water and electricity, and should the Web be breached by bad actors, the consequences could threaten national security. “If we look at cyberspace as a hostile environment and there are bad people out there who want to do bad things to us, it may cause a wholesale re-examination of the way we build our systems in the first place,” noted one expert.