Shows & Panels
- AFCEA Answers
- Ask the CIO
- The Big Data Dilemma
- Carrying On with Continuity of Operations
- Connected Government
- Constituent Servicing
- Continuous Monitoring: Tools and Techniques for Trustworthy Government IT
- The Cyber Imperative
- Cyber Solutions for 2013 and Beyond
- The Data Privacy Imperative: Safeguarding Sensitive Data
- Expert Voices
- Federal Executive Forum
- Federal IT Challenge
- Federal Tech Talk
- Mission-critical Apps in the Cloud
- The Modern Federal Threat Landscape
- The Path from Legacy Systems
- The Real Deal on Digital Government
- The Reality of Continuous Monitoring... Is Your Agency Secure?
- Veterans in Private Sector: Making the Transition
Shows & Panels
Search Tags: UMUC
The chief scientist with Berlin's Security Research Labs, revealed recently that he led a research team at the German firm that figured out a way to remotely gain control of and also clone some mobile SIM cards. Karsten Nohl, a well-known security expert said mobile carriers have quickly protected customers from that security bug that he revealed 10 days ago and that he estimated had put more than 500 million phones at risk of cyber-attacks.
On August 6, 2013 - 10:24 AM, a critical day a what was called the biggest Al Qaida threat since 9/11 was unfolding, the US Secret Service tweeted "Contact your nearest field office with time-sensitive or critical info or to report a tweet." While some question the solicitation, there is merit, as the very next day Wikileaks posted a tweet warning former NSA Director Mike Hayden that if NSA leaker Edward Snowden is extradited Cyber terrorist would destroy Hayden.
Researchers at mobile security firm Lookout discovered a security flaw in Google Glass which allowed them to capture data without the user's knowledge, when the user merely took a photo that captured a malicious QR code. Lookout was able to force Google Glass to silently connect to a Wi-Fi access point, which let the researchers view all of the data flowing to and from the device. When combined with an Android 4.0.4 web vulnerability, the hack apparently gave researchers full control of the Glass headset.
Two London men have each been sentenced to two months in jail following contempt of court convictions for misusing the Internet while serving on a jury. One of them posted a Facebook message while the other used Google to search for extra information about the victims of a fraud case and later shared the information with other jurors. A 2010 UK survey by the Guardian found that about 12 percent of jurors involved in high-profile cases had supplemented courtroom evidence with Web searches.
Both the White House and Congress have asserted that protecting the nation's resources from cyber-attacks is a top priority. Techworld is reporting enacting legislation designed to enhance security for critical infrastructure components such as water, power, telecom and transport facilities that is acceptable to both political parties has been a struggle. The problem political differences. But Cyber industry leaders have started to work on a voluntary standards and best practices platform to provide some level of security.
Cyber-attacks on banks are growing more frequent. Wall Street has just conducted a cyber-defense exercise called "Quantum Dawn 2,". During the drill, bank employees were stationed at their normal offices, and were emailed throughout the day with bits of information that could indicate an encroaching hacker attack. They monitored a simulated stock exchange for irregular trading and were pressed to figure out what was going on and how to react while sharing information with regulators and each other.
Ever hear of the Multi-State Information Security and Analysis Center? It's a division of the Center for Internet Security. Their focus is cyber threat prevention, protection, response and recovery for state, local territory and tribal governments. Their objectives iclude providing two-way sharing of information and early warnings on cyber security threats, dissemination of information on cyber security incidents, to promote awareness and coordinate training.
Will exploit developers become potential targets of state-sponsored assassinations in the future -like the nuclear scientists in recent times? There's been some discussion in the "Tech" community regarding the legitimacy of using lethal force against civilian hackers. As a result some are wondering what the future might hold for exploit developers and other members of the cyber supply chain who are facilitating state-funded, offensive cyber operations.
We hear a lot about zero-day attacks and system vulnerabilities, but most hackers look for easier enterprises like the application used to access the Web. That's the one most online attackers will target. Why? Because most attackers and online exploit kit designers realize that the common browser is usually an endpoint's weakest link. Not only are enterprises generally slow to keep up with browser patching, they're downright sluggish at updating plug-ins and extensions.
Earlier this year information security firm Mandiant identified a previously unknown group hackers thought to be in China. "People referred to China or Chinese hackers, but there was plenty of wiggle room there to assume it could be a collection of guys working in someone's basement without a tie to the government," Richard Behtlich chief security officer for Mandiant. The group the identified is called Unit 61398. Bejtlich says, "we showed pretty conclusively that at least this one group is part of the PLA" AKA The Chinese People's Liberation Army.