Cybersecurity
Most Dangerous -- Browser Hooking
Browser hooking -- the next attack vector on Ed Skoudis's <a href="http://cybersecurityreport.nextgov.com/2010/03/most_dangerous_attacks_-_day_1.php">most dangerous list</a> -- is stealthy, damaging and found all over the place.
Cybersecurity
Cyber Command nominee lays out rules of engagement
The nominee to head the Defense Department's new Cyber Command outlines how the command could respond to different cyberattack scenarios.
Cybersecurity
TSA contractors performed government-only work, IG concludes
TSA allowed contractors to review invoices for other contractors in apparent violation of the Federal Acquisition Regulation, according to a new report from the Homeland Security Department inspector general's office.
Cybersecurity
What'd You Learn in School Today?
Sharing. This key kindergarten lesson has many real-life applications, including a few in cyberspace. Collaboration and teamwork are the keys to effective cybersecurity programs, according to Homeland Security Department officials.
Cybersecurity
Pick to lead cyber command lays out battle plans
Army Lt. Gen. Keith Alexander says that militarizing cyberspace is not part of his agenda, and reveals what is at the top of the list.
Cybersecurity
DHS inks deal with Germany for global trusted travelers
Homeland Security Department officials signed an agreement with Germany to integrate the countries' trusted traveler programs.
Cybersecurity
House committee OKs bill to boost Homeland Security technology
Legislation would double the agency's cybersecurity research and development budget.
Cybersecurity
GAO Talks FDCC Failures
Usually when the Government Accountability Office releases a <a href="http://gao.gov/products/GAO-10-202">report</a>, there's a bit of finger wagging going on inside the Beltway. But with two new reports highlighting the lack of compliance by major federal agencies to meet the requirements of both the <a href="http://docs.google.com/viewer?a=v&q=cache:DGK-eVhgZWcJ:www.whitehouse.gov/omb/memoranda/fy2008/m08-05.pdf+Trusted+Internet+Connection&hl=en&gl=us&pid=bl&srcid=ADGEESi1jLZL7ngbvJD6AS0LLOkEJM8Y_F1LPxuRw6mV4McfMoVAPGrpfkjWZnjtfZam54tLx23rxax9C7Zh4HxhQsh1f04bEU1fB6nz1I3odlR-sbX0mwtYXWIZygs9dapMwGCThyL6&sig=AHIEtbT5zbBYfwH4DT38Tf1ctUE1OAxPcA">Trusted Internet Connection</a> (TIC) and the <a href="http://nvd.nist.gov/fdcc/index.cfm">Federal Desktop Core Configuration</a> (FDCC) White House initiatives, it's more like finger pointing.
Cybersecurity
Senators look to Amsterdam for airport technology
Computer-based auto-detection technology deployed at Amsterdam’s airport to screen passengers for explosives could be useful in the United States, according to some senators.
Cybersecurity
Civil liberties groups fight biometric IDs
The ACLU and other civil liberties groups oppose two senators' plan that includes a requirement for biometric Social Security cards.
Cybersecurity
Haiti response proves interagency collaboration can work
Every once in awhile, a cataclysmic event will bring together the factions and defy federal compartmentalization.
Cybersecurity
Cyber chief slams security efforts
The White House's top cybersecurity official calls for needed measures to protect federal networks, some of which should have been done long ago.
Cybersecurity
Apache.org and Attack Soup
This morning, a <a href="http://isc.sans.org/diary.html?storyid=8623">story</a> from the Internet Storm Center caught my eye. The piece, about an attack launched against the <a href="http://en.wikipedia.org/wiki/Bug_tracking_system">bug tracking system</a> used by <a href="http://apache.org/">Apache.org</a>, was pretty technical, so I asked Johannes Ullrich, chief research officer for SANS, to break it down.
Cybersecurity
Contract rules need IT security standards, official says
A defense official has recommended changing the Federal Acquisition Regulation to require contractors' IT products to meet minimum security standards.
Cybersecurity
Passwords as Easy as 123
For a peak into what passwords people choose - and just how easy they are to break - check out <a href="http://www.boston.com/bostonglobe/ideas/articles/2010/04/11/passwords_we_love/">this article</a> the <em>Boston Globe</em> published on April 11. (It accompanied a <a href="http://www.boston.com/bostonglobe/ideas/articles/2010/04/11/please_do_not_change_your_password/">larger article</a> on a study that concluded the cost of changing passwords outweighs the benefits - another interesting read.) A security firm analyzed 32 million passwords stolen from the social applications producer called RockYou and posted online. (A hacker had broken into the system in December 2009.) The most popular passwords were a form of 123456. And No. 4 on the list? "Password."
Cybersecurity
Agencies struggle with securing computers, GAO reports
Senators act to get agencies to secure their computer systems against cyberattacks and hackers.
Cybersecurity