Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 515
Alerts This Week
Warning Icon 1 515

Stay Ahead With Linux Security News

Filter%20icon Refine news
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security news

We found 2 articles for you...
210

Cisco Systems: Security Flaws in Video Surveillance Settlement

Cisco Systems has agreed to pay $8.6 million to settle a lawsuit that accused the company of knowingly selling video surveillance system containing severe security vulnerabilities to the U.S. federal and state government agencies. . It's believed to be the first payout on a 'False Claims Act' case over failure to meet cybersecurity standards. The lawsuit began eight years ago, in the year 2011, when Cisco subcontractor turned whistleblower, James Glenn, accused Cisco of continue selling a video surveillance technology to federal agencies even after knowing that the software was vulnerable to multiple security flaws. The link for this article located at The Hacker News is no longer available. . Cisco is negotiating a settlement concerning allegations that it sold defective video surveillance systems to governmental bodies, despite being aware of their shortcomings.. Cisco Systems, Video Surveillance, Cybersecurity Standards, Security Flaws, Lawsuit Settlement. . Brittany Day

Calendar%202 Aug 01, 2019 User Avatar Brittany Day Security Vulnerabilities
82

U.S. Companies Under Scrutiny for Data Privacy Standards

U.S. businesses for years have urged the government to let them set computer-security standards of their own, but their inability to do so could now prompt Congress to step in, experts say. Those who worry that regulation may stifle innovation say the business community may have already missed an opportunity to prove the government's help is not needed. . "The market is in a much better position to respond to this challenge...but corporate America has not provided evidence across the board that they've taken this issue seriously enough to protect consumers," said Bob Dix, a lobbyist for Citadel Security Software, who until last year handled cybersecurity for a congressional subcommittee. The private sector is under scrutiny after a string of incidents at data brokers, retailers and other businesses exposed at least half a million U.S. citizens to identity theft. The business community for years has argued that any government regulations would quickly become outdated in a rapidly changing field, and a 2003 Bush administration plan called on the private sector to set its own standards. Working with the the Homeland Security Department, an industry-led task force issued a set of guidelines in April 2004 that called for company chief executives to take direct responsibility for their computer systems. One year later, only two companies have adopted the guidelines: Entrust and RSA Security, whose chief executives co-chaired the task force. The link for this article located at ZDNet News is no longer available. . Legislators are ready to implement rules regarding digital privacy as American companies encounter pressure due to the absence of voluntary guidelines.. Data Privacy Laws,Cybersecurity Standards,Corporate Responsibility. . Brittany Day

Calendar%202 May 02, 2005 User Avatar Brittany Day Government
82

NRC Cybersecurity Standards Update for Nuclear Safety Systems

Federal regulators are proposing to add computer security standards to their criteria for installing new computerized safety systems in nuclear power plants. The US Nuclear Regulatory Commission (NRC) quietly launched a public comment period late last month on a proposed 15-page update to its regulatory guide "Criteria for Use of Computers in Safety Systems of Nuclear Power Plants." The current version, written in 1996, is three pages long and makes no mention of security. . The replacement would expand existing safety and reliability requirements for digital safety system, and infuse security requirements into every stage of a system's lifecycle, from drawing board to retirement. The link for this article located at TheRegister.co.uk is no longer available. . The proposed update aims to enhance cybersecurity standards for nuclear safety systems, updating regulations for modern needs.. Nuclear Safety,Cybersecurity Standards,NRC Protocols,Digital Safety Systems. . Benjamin D. Thomas

Calendar%202 Jan 26, 2005 User Avatar Benjamin D. Thomas Government
76

Cyber Security Industry Alliance Seeks Unified Voice for IT Security

The new Cyber Security Industry Alliance could benefit from greater cross-industry cooperation, says Giga Group security analyst Michael Rasmussen. "Otherwise this could be one more voice in the wilderness." . . .. The new Cyber Security Industry Alliance could benefit from greater cross-industry cooperation, says Giga Group security analyst Michael Rasmussen. "Otherwise this could be one more voice in the wilderness." Seeking strength in numbers, leading security companies have joined forces to create the Cyber Security Industry Alliance (CSIA), whose stated mission is to push for policy initiatives, public-sector partnerships, educational programs and industry technology standards. Executive director Paul Kurtz, former Homeland Security Council member and senior director for National Security of the Office of Cyberspace Security, told NewsFactor that the primary objective is to bring I.T. security experts together so that they can speak with one voice. . The Digital Safety Consortium aims to improve inter-industry collaboration to promote stronger protection protocols.. Cyber Security Industry, IT Security, Industry Standards. . Anthony Pell

Calendar%202 Feb 26, 2004 User Avatar Anthony Pell Organizations/Events
82

Cyber Security Industry Alliance Forms To Lobby On Standards

Eleven of the nation's top computer security companies are forming a new organization to lobby on cyber-security issues in Washington, breaking ranks with the broader technology industry in hopes that a more cooperative approach to protecting the nation's critical information infrastructure will avert heavy-handed regulation by Congress and the White House. Leaders of the Cyber Security Industry Alliance (CSIA) stress that they remain wary of any government effort to regulate security practices. They are, however, willing to concede that some requirements, perhaps developed under existing federal laws, could improve computer security practices without foisting onerous mandates on businesses. . . .. Eleven of the nation's top computer security companies are forming a new organization to lobby on cyber-security issues in Washington, breaking ranks with the broader technology industry in hopes that a more cooperative approach to protecting the nation's critical information infrastructure will avert heavy-handed regulation by Congress and the White House. Leaders of the Cyber Security Industry Alliance (CSIA) stress that they remain wary of any government effort to regulate security practices. They are, however, willing to concede that some requirements, perhaps developed under existing federal laws, could improve computer security practices without foisting onerous mandates on businesses. That concession marks a departure from the technology industry's traditional anti-regulatory philosophy and signals an attempt by the computer security community to speed up efforts to implement a White House-sponsored plan to secure the nation's electronic communications networks. "Rather than saying to Congress, 'This is not an issue, stay out,' we as an industry need to figure out how to solve these problems in a proactive way before someone gets fed up and says it's time to legislate," said Sanjay Kumar, the chief executive of Islandia, N.Y.-based Computer Associates and a leading figure in the new organization. One of thefirst tasks on the alliance's agenda is to develop common standards for reporting and sharing information on the latest Internet security threats. A presidential commission report submitted to the White House earlier this month found that the anti-virus software vendors often create public confusion by giving different names and threat levels to the same computer viruses and worms. Richard Clarke, the former White House adviser who led the drafting of the White House's National Strategy to Secure Cyberspace, said the spate of worms and viruses that plagued the Internet in 2003 put added pressure on the security industry to take action. "Last year was the worst in history in terms of the damage from cyber-attacks," Clarke said. "I think we're getting to the point where Congress wants something to happen, the people and American corporations that buy information technology want something to happen, and so having the technology security industry organized to be part of that debate makes a lot of sense." The link for this article located at WashingtonPost is no longer available. . Eleven of the nation's top computer security companies are forming a new organization to lobby on cy. eleven, nation's, computer, security, companies, forming, organization, lobby. . Anthony Pell

Calendar%202 Feb 26, 2004 User Avatar Anthony Pell Government
82

Department Of Energy Mandates Enhanced Oracle Database Security

The department of energy has done something unusual for a federal agency. It has become an example of excellent cyber-security practice. It has done this by pressuring Oracle to elevate security in its 9i database product--in the process, taking software out . . . . The department of energy has done something unusual for a federal agency. It has become an example of excellent cyber-security practice. It has done this by pressuring Oracle to elevate security in its 9i database product--in the process, taking software out of the shadows of "as is" licenses and putting it in the spotlight of a government procurement action. DOE's action could begin a process that improves the security of the technologies available to the public and private sectors alike. To win this open-ended deal, Oracle promised to deliver its database in a secure configuration and took responsibility for the security of the software going forward. Future patches must be delivered quickly and cannot create new problems or vulnerabilities if Oracle wants to continue getting paid. It's the kind of vendor commitment that every enterprise merits but that only the $59 billion IT buying power of the federal government can effect right now. The link for this article located at eWeek is no longer available. . The energy sector establishes a benchmark by insisting on advanced safety measures from Microsoft for fortified cloud infrastructure.. Database Protection, Cybersecurity Standards, Government Procurement, Vendor Accountability. . Anthony Pell

Calendar%202 Oct 07, 2003 User Avatar Anthony Pell Government
82

Exploring Government-Mandated Network Security Standards for Internet Firms

Do you think there should be network security standards set by the government? According to MSNBC "insurance companies and the security industry are considering quasi-government regulation to try to compel Internet firms to take basic security steps." This was . . . . Do you think there should be network security standards set by the government? According to MSNBC "insurance companies and the security industry are considering quasi-government regulation to try to compel Internet firms to take basic security steps." This was probably complled by the fact that there are "125,000 networks with the same flaw that allowed the attacks" that occured six months ago on major US websites. The link for this article located at ZDNet is no longer available. . With rising digital threats, a debate emerges on mandatory cybersecurity rules for online companies, balancing user protection and industry innovation.. Network Security Standards, Internet Safety, Cyber Attack Prevention, Government Regulation. . Anthony Pell

Calendar%202 Aug 12, 2000 User Avatar Anthony Pell Government
News Add Esm H340

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200