The program could move to cover high security requirements or standardize service-level agreements for agencies and providers.
NIST gives supply-chain security its own publication, offering guidelines for incorporating it into an agency's overall risk management program.
Apricorn's software-free Aegis Padlock Fortress keeps all data encrypted and protected from tampering.
Researchers from Georgia Tech demonstrate a prototype tool, ExecScent, that learns a network's normal traffic patterns to spot the command and control traffic from infected hosts. In live tests it identified dozens of new C&C domains and discovered hundreds of infected computers.
Silent Circle's decision to shut down its encrypted email service is the latest in a number of responses to the NSA's surveillance of sensitive communications.
Setting up a rogue IPv6 router on an IPv4 network gives attackers access to the host's Internet traffic, one more reason to enable IPv6 rather than waiting for an attacker to do it for you.
The product extends privilege management to admins, giving them enough control to do their jobs but restricting them to authorized tasks.
The convergence of computing and mobile telephony has made smartphones the new frontier of cybersecurity, with a host of new vulnerability research presented at this year’s Black Hat Briefings.
Researchers at Dell SecureWorks were able to monitor the command and control system of the persistent RAT, which was used in the 2010 RSA breach that also compromised DOD contractors and is still in wide use.
Recent research by Trend Micro shows ICS networks are frequently attacked -- and not by accident.
The Savannah River National Lab’s prototype hardware, designed in collaboration with NSA, uses Suite B cryptography for a system that could be adapted for other uses.
Gen. Keith Alexander traveled to the "technical center of gravity" instead of appearing before Congress to plead his case that surveillance programs are targeted, limited and under control.