We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
A landmark study on Department of Justice network crime prosecutions reveals most attacks used stolen IDs and passwords, resulting in far greater damages to affected organizations than previously thought: up to $10 million per occurrence and on average more than $1.5 million per occurrence.
Technologies for pinpointing risky passengers drew renewed attention from Homeland Security Department officials following the recent terrorist airliner bombing plot. But wrangling over privacy policy remained a pivotal factor in evaluation of the data-mining technology.
Peter Clarke, head of Scotland Yard's anti-terrorist branch, told the BBC that the surveillance involved in foiling the plot to blow up trans-Atlantic planes had been "unprecedented". Officials haven't said if it involved data mining, but experts say that data mining can be a valuable tool in the war on terror if it is applied properly. The question is: Is it?
A new open-source software toolkit is available Tuesday to improve remote online scientific collaboration via grid computing. The Access Grid Toolkit from the U.S. Department of Energy's Argonne National Laboratory enables development of programs to share video, audio, data and text for real-time collaboration between people at different locations around the world.
The Chinese government has fined a company 5,000 yuan renminbi (
You may be more accurate than you think. The Regulation of Investigatory Powers Act, to give it its full name, gives the police and the security services the right to intercept our communications data. Scary stuff indeed. But wasn't there a big scandal about this a while ago? That's right. RIPA, as it's affectionately known by some, was passed in October 2000, in the face of widespread opposition that nearly brought the bill down.
he Transportation Security Administration (TSA) needs to address security and privacy concerns before rolling out its Secure Flight program, according to the Government Accountability Office (GAO)
Despite improvements, the Homeland Security Department continues to display significant information security weaknesses that jeopardize the integrity and privacy of department IT programs, according to a new report released by DHS Inspector General Richard Skinner.
The U.S. Senate Friday ratified an international treaty designed to ease investigation of cybercrime, but U.S. civil liberties groups say that signing the pact is a big mistake. The Council of Europe's Convention on Cybercrime, which began circulating in 2001, has been adopted by 41 other countries, including most of Europe as well as Canada and Japan. It is designed to harmonize laws on computer crime, which differ from country to country. Countries that sign the treaty agree to establish some common laws against criminal behavior online, such as attacks on computer networks, terrorist tactics, and exploitation of children. The language of the treaty is very broad and doesn't require the U.S. to write any new cybercrime laws.
The Web site offered to sell stolen credit card information for US$100, but it was the title of the poster that caught FBI agent Thomas X Grasso Jr.'s attention. The cybercriminal identified himself as a "Capo di capo" -- a boss of bosses, in Mafia parlance. As money has become the driving force behind online threats, cyber criminals have been taking a page from organized crime, adopting the same kind of organizational structures as these older crime groups, Grasso told an audience Friday at the Defcon hacker conference. Defcon immediately follows Black Hat, its sister show.
A lawsuit has grown out of alleged breaches in security procedures around electronic voting machines in San Diego County after a hotly contested congressional election, throwing a spotlight on the reliability of the machines themselves.
The FBI's point man for Internet crime wants hackers to join the fight against international gangs of Web mobsters. Dan Larkin, unit chief of the FBI's Internet Crime Complaint Center, used the spotlight of the Black Hat security conference here to call for a new level of trust and cooperation between security researchers and law enforcement, warning that online crime is being controlled by "very sophisticated, very organized" attackers.
The House of Lords Science and Technology Committee is to investigate personal internet security. They are calling on members of the public with direct experience to get in touch.
The net neutrality debate is divided into two camps: Fighting against net neutrality are the telecom companies and cable providers, who provide Internet access to consumers. Opposing them are content providers like Google, Amazon, and non-profits like MoveOn.org and the National Religious Broadcasters. But what are they fighting about?
Sun Microsystems, Pulver.com and a coalition of civil liberties groups have filed an appeal against a US court ruling that would force technology companies to put
Note: This article originally appeared in the New York Times If credit card companies can reassign new numbers, so should the government
Analyst firm Gartner has dismissed a tightening of security rules for US government agencies as a mere "public relations response" to recent high-profile incidents.
The White House's Office of Management and Budget instructed U.S. federal agencies to alert the US-CERT within one hour to any breach involving personally identifiable information, even if the possibility of a breach is only suspected. The memo (PDF), dated last week, is the fourth letter regarding information-security policy sent to government agencies in the past two months. Another memo (PDF), dated Monday, required that government agencies report any computer systems missing from their inventory and outline the results of an investigation into handling of personally identifiable information within their agency. An earlier memo mandated that agencies use encryption to protect sensitive data on laptops.
The lack of an automated refund fraud detection system that would have allowed the U.S. Internal Revenue System to screen 2006 tax returns could cost the agency between $200 million and $300 million, the IRS told the U.S. Senate Finance Committee last week.
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
