IT Security


FedRAMP closer to rollout with GSA's release of third-party assessors

The GSA May 14 released a list of accredited third-party assessment organizations -- or 3PAOs for short -- that will do initial assessments and test the controls of cloud service providers per FedRAMP requirements.

Can better software make cyberattacks a losing proposition?

A conference on secure software development aims to raise the bar for attackers trying to compromise IT systems.

Surprise: 57 percent admit to using pirated software

Is it just coincidence that unmanaged and unpatched software continues to be a major security problem?

DOD expands cyber threat info program

The Defense Department is expanding a program to share cyber threat information and inviting all of its eligible contractors to take part.

California loses personal info for 700,000...on microfiche

The records, including Social Security numbers and state ID numbers for home care workers and recipients, were lost or stolen while in the mail.

Have you checked your PC for DNSChanger? The clock is ticking.

It's a small, easy step to make sure you don't risk losing access to the Internet.

The '.secure' domain would enforce rigorous security

Artemis Internet promises to enforce high standards for organizations in the new domain, and to kick out anyone who slacks on security.

Report: Attacks on gas pipeline networks linked to RSA hack, China

Digital signatures used in the spear-phishing campaign against the natural gas industry are identical to those used in the RSA breach, according to a published report.

FBI's hotel Wi-Fi warning: Don't talk to strange pop-ups

The alert that travelers are being targeted through hotel Wi-Fi connections is short on details, but it serves as a reminder that the Internet can be a rough neighborhood.

9 keys to making BYOD work

Employees will use personal mobile devices for work anyway; here are tips on making sure it's done right.

Partnership develops encryption for federal mobile devices

Verizon and Cellcrypt will offer voice encryption for smart phones and tablets running the Android, BlackBerry and iOS operating systems.

ICANN to reopen applications for new top-level domains

ICANN has notified TLD applicants whose information might have been compromised by a software glitch and is offering full refunds to applicants who want to withdraw.

Windows 8 a step forward in security, researcher says

A researcher examining early releases of Microsoft's new operating system says Windows 8 makes it harder to exploit vulnerabilities.

Spear-phishing attacks hit gas pipeline networks

DHS alerts operators that "tightly focused" attacks, ongoing since at least December, have compromised a number of organizations.

FBI seeks to expand wiretap law to social networks, IM, webmail

The FBI has drafted a proposal that would require social networking, webmail and IM sites, as well as voice-over-IP providers, to make their sites wiretap-ready, and it is asking those companies not to oppose the measure.