Saturday, August 31, 2013

German Government Warning Not To Use Windows 8

LEAKED: German Government Warns Key Entities Not To Use Windows 8 – Links The NSA | InvestmentWatch: "The backdoor is called “Trusted Computing,” developed and promoted by the Trusted Computing Group, founded a decade ago by the all-American tech companies AMD, Cisco, Hewlett-Packard, IBM, Intel, Microsoft, and Wave Systems. Its core element is a chip, the Trusted Platform Module (TPM), and an operating system designed for it, such as Windows 8. Trusted Computing Group has developed the specifications of how the chip and operating systems work together."

more news below

Thursday, August 29, 2013

Open Sourcers, Secure Email

Open Sourcers Pitch Secure Email in Dark Age of PRISM | Wired Enterprise | "...“E-mail is going to be with us for a long time,” says Bjarni RĂșnar Einarsson, a software developer and member of the Icelandic Pirate Party. “We need to do what we can to make it more secure.” Einarsson is doing his part with Mailpile, an open source web-based e-mail client that you can run on your own computer or in the cloud. With this creation, he hopes to make it easier for every day users to encrypt their mail — without giving up the sort of search tools they get from a service like Google’s Gmail. The team has already raised over $100,000 dollars on the crowdfunding site Indie GoGo to fund its future development...."

more news below

Saturday, August 24, 2013

BIND Vulnerablilty, DNS Cache Poisoning Attack

BIND Vulnerablilty Enables DNS Cache Poisoning Attack | Threatpost: "A vulnerability in the BIND domain name system (DNS) software could give an attacker the ability to easily and reliably control queried name servers chosen by the most widely deployed DNS software on the Internet, according to new research presented at the Woot Conference in Washington D.C. today. The Internet Systems Consortium has acknowledged the vulnerability."

more news below

Tuesday, August 20, 2013

Secure email service? Not if NSA has its way

Silent Circle sees 'writing on the wall,' shuts down secure email service | The Verge: "Phil Zimmerman’s encrypted communications company Silent Circle is shuttering its Silent Mail email service after another secure email service used by NSA leaker Edward Snowden, called Lavabit, closed down earlier today. Silent Circle wrote that it saw "the writing on the wall" after Lavabit owner Ladar Levison explained he was being forced to "become complicit in crimes against the American people or walk away." Silent Circle’s other services, Silent Phone and Silent Text, are completely end-to-end encrypted; only the users hold the keys needed to decrypt the messages, so even if the company were compelled to produce evidence in court, it wouldn’t have access to its customers’ communications in a usable form. But the protocols used for email — SMTP, POP3, and IMAP — can’t be secured, facing the team with a dilemma: continue providing Silent Mail, which offers similar privacy protections as other secure email services, or ditch the service altogether."

more news below

Saturday, August 17, 2013

NSA secrets kill Trust

Opinion: NSA secrets kill our trust - "Both government agencies and corporations have cloaked themselves in so much secrecy that it's impossible to verify anything they say; revelation after revelation demonstrates that they've been lying to us regularly and tell the truth only when there's no alternative."

more news below

Thursday, August 15, 2013

Anyone could be a NSA Target

Weak or non-existent Congressional oversight, secret "rubber stamp" courts, inept Presidential leadership, all  lead to one conclusion -- an out-of-control electronic spy agency could make anyone a "target"--

What It Means to Be An NSA "Target": New Information Shows Why We Need Immediate FISA Amendments Act Reform | Electronic Frontier Foundation: "An important New York Times investigation from today reporting that the NSA "is searching the contents of vast amounts of Americans’ e-mail and text communications into and out of the country," coupled with leaked documents published by the Guardian, seriously calls into question the accuracy of crucial statements made by government officials about NSA surveillance."

more news below

Tuesday, August 13, 2013

Oil and Gas Cyber Security

SMi's 3rd annual Oil and Gas Cyber Security conference, taking place on 25-26 November in London, will feature an array of global project updates from oil and gas companies including Petroleum Development Oman, Shell and GDF Suez, among others.

IT Business Net
Cyber criminals are increasingly sophisticated, highly organised and constantly inventing ways to bypass traditional defences such as anti-virus and firewalls.
Broadway World
EAST BRUNSWICK, NJ and OAKBROOK TERRACE, IL(Marketwired - Aug 5, 2013) - Tetrus Corporation, a leading provider of information sharing, collaboration ...
FutureGov Magazine
The two agencies aim at the joint development of a strategic plan for national cyber security (2013-2017). The Minister for ICT, Anudith Nakornthap, said, “Cyber ...

Is cyber insurance AAA for data or another back door? - BetaNews
Robert X. Cringely
Data theft is being viewed as a military problem and the term cyber warfare is ... 

more news below

Saturday, August 10, 2013

Asia's Cyber Security Battleground

Asia's Cyber Security Battleground
Diplomatic Courier (blog)
The Obama Administration has had a rough time dealing with cyber security ... Dr. Schneck's opening remarks included details form the recent cyber-attack on ...
Drives & Controls
Rockwell Automation has announced an initiative to help manufacturers to cut risks to their control systems from cyber-security threats. The initiative aims to help ...
TechWeekEurope UK
At a time of successful and continued growth, Thales Cyber Security are recruiting for talented, passionate IT, Network and Security Architects to join their ...

more news below

Thursday, August 8, 2013

Latest cyber security technologies

Latest cyber security technologies to be demonstrated to industry ...Military & Aerospace Electronics
Cyber warfare experts at the U.S. Department of Homeland Security (DHS) in Washington are going to Silicon Valley to demonstrate recently developed cyber ...

Military & Aerospace Electronics

more news below

Tuesday, August 6, 2013

Tango Hacked -- Is Your Site Next?

WordPress is a very popular platform for blog-style websites, and as such it's a prime target for attack. If your site relies on WordPress, you absolutely must keep the platform up to date, as many of the updates patch serious security vulnerabilities. (source infra)

Syrian Electronic Army Hacked Tango Chat App; Is Your Site Next?: " . . . The biggest entry point for hackers, and the hardest to secure, is attack by social engineering. For example, one employee of The Onion was fooled by a phishing message into entering Google Apps credentials on a bogus site. Those credentials gave hackers access to all of The Onion's social media accounts. They also used the hacked account to broadcast a second phishing attack to more of the staff. You need a multi-layered defense against this kind of attack. Create and enforce a policy that all employees must use strong passwords. Educate them on how to spot fraudulent email messages, and what to do with links in emails (don't click them!). Limit your potential losses by giving each employee access to only those accounts and resources needed for the job. And be prepared for the eventuality that despite all your precautions, some schmo will fall for a phishing message and thereby compromise your site. . . ."

more news below

Saturday, August 3, 2013

Google Engineer Wins NSA Award but Says NSA Should Be Abolished

"I don’t want to live in a country with an organization like the NSA is right now."

Tikkun Daily Blog » Blog Archive » Google Engineer Wins NSA Award, Then Says NSA Should Be “Abolished”: "In an interview with Andy Cush at Animal, Bonneau went even farther in his critiques of the NSA: I’d rather have it abolished than persist in its current form. I think there’s a question about whether it’s possible to reform the NSA into something that’s more reasonable…But my feeling based on what I’ve read is that I don’t want to live in a country with an organization like the NSA is right now. When Bonneau learned that he has won the award from the NSA, he considered turning it down. However, he ultimately decided upon accepting as a way to potentially bridge academic gaps with the NSA, as a means of opening up at least one avenue into the organization that has been mostly closed."

more news below

Thursday, August 1, 2013

US Marshals Lose Track of Encrypted Radios Worth Millions

The biggest security risks ALWAYS come from inside--

Marshals Lose Track of Encrypted Radios Worth Millions - "The U.S. Marshals Service has lost track of at least 2,000 encrypted two-way radios and other communication devices valued at millions of dollars, according to internal agency documents, creating what some within the agency view as a security risk for federal judges, endangered witnesses and others. The problem, which stretches back years, was laid out in detail to agency officials at least as early as 2011, when the Marshals were deploying new versions of the radios they use to securely communicate in the field. Agency leaders continued to have difficulty tracking their equipment even after they were warned about the problems by an internal technology office, according to the documents, which were obtained through Freedom of Information Act requests. Some Marshals officials told The Wall Street Journal that besides the wasted money and resources, the inventory problems raise the possibility that criminals could get their hands on radios and listen to them to learn details of security or law-enforcement operations. Such radios are a key communications tool of U.S. Marshals. . . ." (read more at link above)

more news below

Cybersecurity - Google News

Malware - Google News

National Security - Google News

"Security Threats" - Google News

Maritime security - Google News

The State of Security

TSA - Google News

Homeland Security - Google News