Federal


From the Web

United States Department of Defense Embraces Hacker Certification to Protect US Interests

March 01, 2010 from: Saumil's Infosec Blog

The U.S. Department of Defense (DoD) announces the official approval of the EC-Council Certified Ethical Hacker (CEH) certification program as a new baseline skills requirement for U.S.cyber defenders. Specifically, the new Certified Ethical Hacker program is required for the DoD's computer network defenders (CND's), a specialized personnel classification within the DoD's information assurance wor...

Comments  (1)


From the Web

China Shut Down Biggest Hacker Training Site

February 09, 2010 from: Saumil's Infosec Blog

What is believed to be the country's biggest hacker training site has been shut down by police in Central China's Hubei province. Three people were also arrested, local media reported yesterday. The three, who ran Black Hawk Safety Net, are suspected of offering others online attacking programs and software, a crime recently added to the Criminal Law. A total of 1.7 million yuan ($249,000) in asse...

Comments  (2)


From the Web

Today’s threat: computer network terrorism

February 08, 2010 from: Saumil's Infosec Blog

“Carry out all my demands or the entire country’s electricity will be cut off.” Is this another line from a suspense film, or is it a palpable threat made possible with a computer keyboard? “Today, there is a growing trend amongst hackers around the world to threaten national infrastructures for ransom,” says Dr. Yaniv Levyatan, an expert in information war at the Uni...

Comments  (1)


From the Web

Hacking the US Government Is Cheap – Costwise

December 21, 2009 from: AEON Security Blog

Anyone who follows information security news is probably wondering this week: “What in the hell is up with security in this country”. At least for those of us living in the United States, this should of been the statement of choice.

Comments  (1)


From the Web

Many More Government Records Compromised in 2009 than Year Ago, Report Claims

December 03, 2009 from: Office of Inadequate Security

If you’re bummed about the data in your department that just got breached, you have some cold comfort. Although the combined number of reported data breaches in the government and the military has dropped in 2009 compared to last year, many more records were compromised in those breaches, according to recent figures compiled by a California nonprofit.

Comments  (0)


From the Web

Government accused of ‘cover up’ over lost farmer tapes

November 06, 2009 from: Office of Inadequate Security

The Department of Environment Food and Rural Affairs (Defra) has been accused of a “cover up” after two back-up tapes went missing containing the banking details of around 100,000 farmers.

Comments  (0)


From the Web

Senate Panel Clears Data Breach Bills

November 05, 2009 from: Office of Inadequate Security

The Senate Judiciary Committee Thursday approved two companion bills that would require businesses and government agencies to notify individuals of security breaches involving sensitive personally identifiable information. Both bills go to the Senate for consideration.

Comments  (0)


From the Web

Whitehouse Drupal and The Open Source Security Model

October 25, 2009 from: Rsnake's blog at ha.ckers.org

Have you heard the news? The Whitehouse has decided to go open source. They have decided to switch from their own proprietary in-house CMS system to Drupal. You heard me right, Drupal. The same Drupal with 12 pages of vulnerabilities at OSVDB since it’s inception. I’m sure this made the Open Source community jump for joy, but I see this as a big mistake if you take it on face value and...

Comments  (0)


From the Web

IT security breaches In Canada more than triples in 2009

September 30, 2009 from: Office of Inadequate Security

IT security breaches cost the average Canadian organization an estimated $834,000 in 2009 – a 97 per cent increase from the $423,000 reported by the study last year. Similarly, the average number of reported IT security breaches also increased 276 per cent to 11.3 per organization in 2009 – compared with an average of three in 2008.

Comments  (0)


From the Web

Auditor: Bullitt lacked proper controls to prevent online theft

September 16, 2009 from: Office of Inadequate Security

Bullitt County [Kentucky] Fiscal Court did not have sufficient online banking controls in place at the time of the June online theft of $415,989, according to a report by the state auditor.

Comments  (0)


From the Web

Website exposes sensitive details on military personnel

September 08, 2009 from: Office of Inadequate Security

Programming errors on a website that helps commuters carpool to work are exposing sensitive information of workers for hundreds of employers in Southern California, including at least one military installation.

Comments  (1)


From the Web

Email Obfuscation and Spam Robots

September 08, 2009 from: Rsnake's blog at ha.ckers.org

I’ve long been interested in spam and robots that scrape for email addresses. I’ve done tons of work in the space, although I’ve never published any of it. Call it more of a side hobby than anything I really want to go public with - as it is with a lot of my research

Comments  (0)


From the Web

Digital Direct reports breach

September 05, 2009 from: Office of Inadequate Security

Chris Cooper of Bloomberg.com reports that Digital Direct, Inc., a unit of Mitsubishi Corp., had a breach of their e-commerce web site that resulted in the compromise of 52,000 customers’ credit card numbers.

Comments  (0)


From the Web

Helping users keep plugins updated

September 04, 2009 from: Mozilla Security Blog

Starting with the upcoming releases of Firefox 3.5.3 and Firefox 3.0.14, Mozilla will warn users if their version of the popular Adobe Flash Player plugin is out of date. Old versions of plugins can cause crashes and other stability problems, and can also be a significant security risk.

Comments  (0)


From the Web

Best of Application Security (Friday, Sep. 4)

September 04, 2009 from: Jeremiah Grossman's Blog

Ten of Application Security industry's coolest, most interesting, important, and entertaining links from the past week -- in no particular order. Regularly released until year end. Then the Best of Application Security 2009 will be selected!

Comments  (0)


From the Web

Announcement Regarding The October 2009 Critical Patch Update

September 03, 2009 from: The Oracle Global Product Security Blog

Because many Oracle customers with responsibility for deploying the Critical Patch Update within their respective organizations will be attending Oracle OpenWorld on October 11-15, 2009; the October 2009 Critical Patch Update originally scheduled to be published on Tuesday, October 13th 2009, will be released on October 20th 2009.

Comments  (0)


« First   < Previous   | 1 - 2 |   Next >   Last »