Cybersecurity
People v. Process
Philip Reitinger, deputy undersecretary of the National Protection and Programs Directorate at the Homeland Security Department, claims <a href= http://www.govexec.com/story_page.cfm?articleid=46357&dcn=todaysnews>people are more important</a> than process when it comes to protecting America's cyber infrastructure. Is he right?
Featured eBooks
Cybersecurity
Critical Adobe Patches
Adobe published a pretty big <a href="http://www.macnn.com/articles/10/10/06/mac.updates.for.9x.and.82x.available.now/">patch</a> on Wednesday for its reader and <a href="http://www.adobe.com/support/downloads/detail.jsp?ftpID=3806">acrobat programs</a>.
Cybersecurity
Army Tops Air Force, Navy
In the midst of a computer's worst nightmare -- malicious files, malware and corrupted Web servers -- the unlikeliest of responders burrows in and wages a winning defense. It's the U.S. Army, a military branch that's not exactly synonymous with cybersecurity.
Cybersecurity
LinkedIn and ZeuS
ZeuS, a password stealing Trojan, is not a new threat but it is the cause of some discomfort for users of the social media site LinkedIn. ZeuS is a family of malware that you can buy, and various organizations run these botnets for profit. Attackers typically will try to trick you into installing the ZeuS malware with a fake link.
Cybersecurity
BitTorrent Protection
<a href="http://www.bittorrent.com/">BitTorrent</a> users, a free, open source peer-to-peer file-sharing application, might be wondering how to protect themselves. It's quite difficult to know when a download is masquerading as something it isn't. And while some might associate the tool with those who download illegal music, movie and software files, it's also used in legal ways. For example, users quite frequently download Linux distributions, some of which exist in DVD, a form that can only be obtained via BitTorrent.
Cybersecurity
Out-of-Band Patch
Microsoft just published an out-of-band patch for its <a href="http://en.wikipedia.org/wiki/Active_Server_Pages">ASP</a> .NET vulnerability. The vulnerability allows for remote cracking of some encryption keys via an oracle vulnerability. Any system telling an attacker some fact about a piece of encrypted data is dubbed an "oracle."
Cybersecurity
ESPN Fantasy Football Flaw
ESPN fantasy football players beware: The system is rife with security flaws. According to security experts, the vulnerabilities exist in the URL the site uses as a final confirmation when making roster decisions. The site is not authenticating the requests correctly, so by essentially editing the URL, a player can make changes to another player's team.
Cybersecurity
Any Word on Zeus?
Earlier this year, the <a href="http://krebsonsecurity.com/2010/02/zeus-attack-spoofs-nsa-targets-gov-and-mil/">Zeus</a> banking Trojan infected hundreds of computers within the federal government leaving experts no choice but to prepare for a mass attack. The then e-mail campaign was designed to steal passwords, but at the time was only sent to government and military e-mail addresses.
Cybersecurity