IT Security


'Unknowns' hack NASA, Air Force, saying 'We're here to help'

A new gray hat hacker group hits 10 organizations, including three U.S. government sites and one at Harvard, saying it wants to promote better security.

Targeted attacks exploiting Flash flaw; Adobe issues fix

Current exploit in the wild targets IE for Windows, but Mac, Linux and Android also vulnerable.

FEMA: Cybersecurity ranks lowest among critical protections

The National Preparedness Report from FEMA puts cybersecurity at the bottom of the readiness list, with fewer than half of states prepared to defend IT systems and networks.

New spec lets any mobile device swap biometrics

New protocols sponsored by the National Institute of Standards and Technology, the FBI and the Homeland Security Department would make biometric technology interoperable and easier to use.

Are rogue cloud users a risk for states?

Most states lack policies on online file storage usage, but CISOs say there is risk in uncontrolled use of these services.

Mobile privacy risks: Who should alert end users?

Both industry and government are concerned about the potential for many mobile applications to share data with third parties without user consent.

105 Top Level Domain applicants had info exposed

ICANN has begun notifying 105 applicants who paid $185,000 each to apply for new generic TLDs that some of their information was exposed through a glitch on the online application system, which has been offline for three weeks.

New Android malware designed to sneak into networks

The Trojan doesn't seem to hurt Android devices but is clearly designed to get inside private networks, which is a concern for BYOD programs.

Cyber crime-fighters: A model for international cooperation?

Current international collaboration against online criminals could offer a template for broader cooperation on cybersecurity, although law enforcement has challenges of its own.

Decisions on cloud 'all about the data,' USPS security officer says

Agencies should only deal with what they can tolerate as a risk, the U.S. Postal Service's Chuck McGann tells a FedScoop audience.

Madison County bridges security in a virtual world

In moving to a virtual data center, Madison County, Ind., found that security in a virtual world can be at least as good as in a physical environment.

Targeted attacks, mobile vulnerabilities on the rise, report states

Criminals continue to exploit old vulnerabilities as enterprises, and users fail to keep up with the flood of security updates, the latest Symantec report states.

World War I Dazzle Painting

WWI 'dazzle paint' fools face recognition scanners

An artist finds that the same approach used in World War I to confound the rangefinders on attacking ships will prevent a facial scanner from recognizing you.

90 percent of 'secure' HTTPS sites are vulnerable, study finds

A nonprofit initiative to check on SSL implementations finds that 75 percent of those sites are vulnerable to a BEAST attack, and only 10 percent are secure.

House wraps up Cyber Week by passing two more security bills

The two recent bills, which address cybersecurity standards, research and education, passed with little opposition.