DNS

NIST updates guidelines for securing the DNS

NIST updated its guidance for deploying a secure Domain Name System in government enterprises to ensure the availability and integrity of critical DNS data.

LynxWorks rootkit detection

LynuxWorks rootkit detector adds hardware punch to security scanning

LynuxWorks' system, called RDS5201, is an appliance capable of detecting low-level, zero-day rootkits in real time.

ID

5 pilots to take trusted online ID plan to the next stage

The NSTIC programs, which received more than $7 million in grants, range from military, civilian and commercial authentication initiatives to one aimed at protecting children’s privacy online.

eyes

Biometric ID coming to a government office near you

This week's Biometric Consortium Conference showcases a wide range of hardware and software solutions for personal identification/authentication applications in government.

back door

Suspect NIST crypto standard long thought to have a back door

The agency is advising against using an elliptic curve algorithm adopted in 2006 that has concerned cryptographers from the beginning.

FDAS

Forensics tool makes sure investigators don't come up empty

CyanLine's Fast Disk Acquisition System gives forensics teams a real-time preview of what's on a drive, including whether it's set to prevent copying.

scam

Officials warn of spoofed health exchange websites

The look-alike Web pages may be created by interest groups, private insurance companies and, sometimes, scammers looking to gather personal information.

PIV

PIV credentials can now be used with mobile devices

The latest revision of FIPS 201, which sets the requirements for PIV cards, includes credentials for mobile devices and new interfaces to enable access with contactless connections.

Football referees check instant replay machine

NSA reports prompt NIST to reopen public review of crypto standards

Public concern over possible tampering by the NSA has led NIST to reopen the comment period on a suite of publications, but the IT security community isn't worried.

iPhone scan

Is the new iPhone's fingerprint scanner a sign of things to come?

If opened to app developers, Apple's Touch ID could give another authentication option to agencies looking to manage mobile devices, especially if other smartphone manufacturers follow suit.

cybersecurity

How do you protect DNS from hacktivists like SEA?

DNSSEC can be an effective tool -- but only one tool -- in preventing redirection attacks such as those carried out recently by the Syrian Electronic Army.

USPS

The key to getting your money's worth out of IT security tools

Holding the vendor accountable for results — and right away — is the first step in getting value from your cybersecurity investment, said USPS information security officer Chuck McGann.

Topic Resources

  • Advanced Threats and Big Data: The New Cybersecurity Landscape

    So often in our organizations, information silos keep us from sharing data and communicating the right information at the right time to stop advanced threats. Hear why a big data solution is an important part of a defense against advanced threats and ideas about what data sources are required across the organization for this analysis to combat these attacks.

  • The STAND: Cybersecurity

    Advanced persistent threats. Zero-day attacks. Insider threats. Cybersecurity experts say that if IT leaders are not concerned about the ongoing evolution of the cyber landscape, it just means they are not paying enough attention. The problem is that these and other emerging cyber tactics are designed to evade traditional cyber defenses and escape detection until it’s too late. The good news is it’s not a lost cause. In this special report, two subject matter experts discuss cybersecurity technologies and strategies that can help agencies defend their systems and data against the latest cyber threats, today and into the future.

  • Beyond the Next Generation: Meeting the Converging Demands of Network Security

    A number of network security technologies have arisen that claim to be the "next generation" of network defense - but what does this concept actually mean? How is the threat landscape changing the way we think about and deploy network security solutions? Scott Crawford, Managing Research Director, Security and Risk Management at EMA Research provides insight into what we can expect in the area of network security and how to leverage new technologies to meet today's security challenges in light of other considerations such as overall complexity and performance.

  • Extending Security Intelligence with Big Data Solutions

    Security intelligence solution from IBM help organizations address the most vexing security challenges, including advanced persistent threats, fraud and insider threats. The solution enables security analysts to extend analysis well beyond typical security data using real-time correlation for continuous insight, custom analytics, and forensic capabilities for evidence gathering

  • Avoiding Insider Threats to Enterprise Security

    This white paper explains how IBM Security Privileged Identity Manager provides enhanced security across various IT environments by centralizing and controlling the use of privileged identities.