The federal agency in charge of protecting other agencies from computer intruders was found riddled with hundreds of high-risk security holes on its own systems, according to the results of an audit released Wednesday.
The US has released a 537-page guide on how to protect the country's electrical power grid from cyber attack. The guidelines on security requirements and a risk assessment framework were published by the US National Institute of Standards and Technology (NIST).
A senior Pentagon official will outline the anatomy of a 2008 attack on its military's Central Command system, which he admits was triggered by a booby-trapped thumb drive.
WikiLeaks, the online whistleblower, is growing ever more daring. Three days after signing a deal with Piratpartiet, the Swedish pirate-friendly political party, it's put up a password-protected, encrypted file on its site that anyone can download--or host.
Two senior U.S. lawmakers say they're "troubled" by the collection of personal data at many websites, and they want details on how much data 15 popular sites collect and what the sites do with the data.
The FBI announced that as part of a two-year, cross-border investigation into the Mariposa botnet, authorities in Slovenia last week arrested a Slovenian citizen and charged him with being the botnet's creator. The suspect, a 23-year-old known as "Iserdo," has not been named. He is currently free on bail.
Re "A whistle-blower with global resonance," and "WikiLeaks wasn't wrong," Editorial, July 27
WikiLeaks founder Julian Assange, an Australian hacker, may end up being one of the best things to ever happen to our American democracy.
Baidu, China's leading Internet search company, has a "plausible" case against its U.S.-based domain registry for allegedly allowing a hacking attack that left the site disabled and defaced, a U.S. judge ruled Thursday.
Heartland Payment Systems, the victim last year of a massive data breach of sensitive card data, vowed after that devastating event to develop new security gear based on end-to-end encryption between itself and its merchants to prevent such a breach from occurring again. That's now taking shape, but slowly.
Twitter has been ordered to set up and maintain a comprehensive information security programme and allow a third-party review of that programme every two years for 10 years.
A French court this week convicted a man accused of hacking into the Twitter accounts of President Barack Obama and other celebrities, as well as obtaining private Twitter business documents that were eventually published on TechCrunch.
Imagine getting hundreds or thousands of calls on your home, business, or cell phone, tying up the lines. And when you answer, you hear anything from dead air to recorded messages, advertisements, or even phone sex menus.
The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cyber Security Division (NCSD) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information.
In 2008, the Office of Management and Budget directed federal agencies to improve their domain name server (DNS) security by implementing DNS security extensions (DNSSEC), but 15 months later, many are still struggling to get there. The good news is that since OMB's December 2009 deadline passed, agencies are starting to catch up, taking advantage of both products and services coming on the market to make it easier to apply DNSSEC.
Denver officials have asked the FBI, Denver police and Microsoft Corp. to help them identify the person or people who have hacked into the city's website twice in the past week.
In a legal settlement over its 2008 security breach, Heartland Payment Systems has agreed to pay up to $41.4 million to MasterCard Worldwide and its card issuers to repay operational costs and fraud losses attributed to the breach.