|
|
Free Newsletters
|
|
|
|
|
|
IT trainer offers master's degree for hackers In an effort to produce the next generation of chief security officers and IT systems defense experts, an online training company is offering a new master's degree program in security science. Contested U.K. encryption disclosure law takes effect British law enforcement gained new powers on Monday to compel individuals and businesses to decrypt data wanted by authorities for investigations. October 1, 6:15 a.m. PDT How to think like an online con artist Con job, pretexting, social engineering – the art and science of manipulating human beings for nefarious ends – goes back as far as the origin of the species. The techniques have been practiced and perfected by a rogue's gallery of flimflam artists, from legendary carnival operator P. T. Barnum to infamous FBI mole Robert Hanssen.  October 1, 3:00 a.m. PDT Gap contractor blamed for data breach An unnamed contractor is being blamed for a data breach at Gap Inc. that has compromised the data of about 800,000 people who applied for jobs with the U.S. clothing retailer. September 28, 4:06 p.m. PDT IBM surveillance software to scan Chicago streets The City of Chicago is developing a futuristic video surveillance system designed to scan city streets looking for everything from bombs to traffic jams. September 27, 5:28 a.m. PDT Security experts pitch 'culture of data' The companies that are having the most success in advancing their data security efforts today are those that are finding a way to protect sensitive information without getting in the way of business users, industry experts maintain. September 25, 2:53 p.m. PDT Fear of insider threats hits home The more money that companies spend on securing their IT operations from external attack, the more it seems they become aware that the potential threat posed by their own employees remains their most significant risk. September 18, 10:42 a.m. PDT Insiders overtake viruses as biggest security worry Company insiders have overtaken viruses as the most reported security incident, according to the annual report from the respected U.S. Computer Security Institute (CSI). September 14, 9:28 a.m. PDT Keyloggers proposed to fight terrorism in cybercafes An organization in Mumbai, India, has proposed that police use key-logging software at cybercafes to keep track of communications between terrorists. September 12, 6:12 a.m. PDT Verizon taps FBI criminal division chief as CSO The executive in charge of the U.S. Federal Bureau of Investigation's criminal investigations division will take over as chief security officer (CSO) of Verizon Communications early next year. September 12, 5:52 a.m. PDT Cisco says acquisitions don't impede best-of-breed Cisco executives speaking at the ongoing Security Standard Conference claim that the networking giant hasn't sapped innovation in the security companies it has acquired in its efforts to add to its own expanse of IT systems-defense products, while some customers clearly feel otherwise. September 10, 4:38 p.m. PDT New group to help first responders with ID cards A consortium of security vendors is trying to make it easier for emergency personnel to identify themselves at the scene of a disaster. September 7, 3:02 p.m. PDT Forrester security show stresses risk management Enterprise security decision makers have long been more likely to be swayed by flashy new technologies than by the notion of comprehensive IT restructuring to protect data and other corporate assets, but the situation is evolving rapidly, according to experts participating in Forrester Research's ongoing Security Forum. September 5, 11:33 a.m. PDT FBI: Enterprises need counterintelligence The Chinese government has denied involvement in a series of hacks carried out against IT systems at the Pentagon in June this week, but the threat of technology-driven espionage has forced the FBI to push businesses and academic institutions to better prepare for such attacks. September 4, 3:45 p.m. PDT Intel adds desktop NAC to latest chips Intel's move to provide new integration with NAC (network access control) tools in its latest vPro desktop processors could provide interesting opportunities for use with the device authentication systems while further strengthening the technology standards it supports, according to industry watchers. August 27, 8:00 a.m. PDT Cogent: Cable was attacked with saw and gun Guns, saws, and some very dim-witted thieves were all apparently involved in a network blackout that affected Internet users, primarily in the northeastern United States, earlier this week. August 23, 4:44 p.m. PDT Gunplay blamed for Internet slowdown Internet service providers in the U.S. experienced a service slowdown Monday after fiber-optic cables near Cleveland were apparently sabotaged by gunfire. August 20, 6:35 p.m. PDT Nissan turns to high-tech to stop drunk driving As part of its drive to reduce road deaths and injuries, Nissan Motor Co. has installed in a car three prototype high-tech systems designed to stop drunk driving. August 3, 5:28 a.m. PDT Apps security to dominate Black Hat Black Hat kicks off this week in Las Vegas with a big shift in focus from Internet viruses to application security. July 31, 3:00 a.m. PDT Black Hat security presenter turned away at border A German security expert has been turned away at the U.S. border by immigration officials while on his way to present at the Black Hat conference in Las Vegas. July 30, 4:15 a.m. PDT Weird tech: Clearing the fog of war with text messaging Regardless of one's stance on armed conflict, the death of servicemen by friendly fire is a troubling eventuality of war that stirs a very high level of discomfort in all. In the confusion of battle, the risk of being wounded or killed by comrades-in-arms is by no means trivial, and while the Pentagon states that the rate of deaths by friendly fire has diminished in recent conflicts, it still occurs in Afghanistan and Iraq. July 30, 3:00 a.m. PDT P-to-P users expose U.S. government secrets Contractors and U.S. government employees are sharing hundreds of secret documents on peer-to-peer networks, in many cases overriding the default security settings on their P-to-P software to do so, according to a company that monitors the networks. July 27, 8:31 a.m. PDT MySpace hosting 29,000 sex offenders News Corp.'s popular MySpace.com social networking site hosted Web pages for at least 29,000 known sex offenders as of July 2007, North Carolina's Attorney General said Tuesday. July 25, 4:58 a.m. PDT Organized crime infiltrates financial IT In Martin Scorsese's hit movie "The Departed," actor Matt Damon plays the part of a mole -- someone who helps his connected mob friends stay a step ahead of the cops by becoming one of the very law enforcement officials assigned to stop them. July 23, 11:14 a.m. PDT Homeland Security to detail IT attacks Officials from the U.S. Department of Homeland Security will hold a hearing on Capitol Hill on June 20 to discuss the findings of an investigation into the agency's own problems in battling electronic attacks and IT systems intrusions. June 15, 11:26 a.m. PDT Helping retailers wipe ID data issue When data breach investigator Bryan Sartin gets a call to check into an incident involving customer records loss at a retailer, he knows that the situation most likely involves information that has been lifted from a company's point-of-sale systems. June 13, 8:44 a.m. PDT 2007 InfoWorld CTO 25: James Chong Many still believe that physical and IT security are one and the same – and James Chong, CTO and co-founder of VidSys, is happy to correct them. In fact, Chong believes that his major contribution to security and surveillance is in helping educate the industry on the difference. June 5, 3:00 a.m. PDT Deepwater churns around unencrypted data The most sensitive and highly classified data communicated over the nation's internal computer networks remains at risk for exposure, according to key witnesses in the government's investigation into the United States Coast Guard's Deepwater procurement program. May 17, 11:33 a.m. PDT Infrastructure security powers up He may not have known it at the time, but Lonnie Charles Denison helped prove the need for tighter security at many infrastructure businesses when he launched a multifaceted attack against California Independent System Operator, a quasi-governmental agency responsible for management of the state's power grid. May 9, 4:17 a.m. PDT Cryptome afloat despite Deepwater's ripple The Deepwater defense contractor scandal has echoed from the halls of Congress across the World Wide Web, and despite being shut down by its ISP after posting documents considered central to the controversy, online resource Cryptome.org remains alive. May 8, 4:46 a.m. PDT Making sense of Websense's SurfControl buyout Websense's $400 million buyout offer for rival network filtering specialist SurfControl should help position the two companies for short-term growth and possible acquisition in the future, according to market watchers. May 1, 11:27 a.m. PDT Olympics to bring London IT security challenges Britain's IT industry is likely to see business surge as London prepares to spend at least £1 billion ($2 billion) on security when it hosts the 2012 Olympics. April 24, 9:58 a.m. PDT Large enterprises still serving up spam Well-known enterprise companies are still having their IT systems hijacked by spammers despite investing in many different types of technologies aimed at stopping the problem. April 17, 3:04 p.m. PDT McAfee: Cyber-crime will continue to pay The latest research report from McAfee's Avert Labs paints a frightening picture for enterprise IT administrators and end-users, predicting continued maturation of cyber-crime and the technological means being used to carry out external attacks. April 10, 9:00 p.m. PDT Finding security in Windows Mobile monoculture Without a doubt, the most influential factor driving the current state of IT security is the ubiquitous presence of Microsoft's dominant Windows operating system on a vast majority of the world's PCs. April 6, 4:52 p.m. PDT Not always encrypted, but IRS PCs do phone home The U.S. IRS may not be doing a very good job of encrypting data on its laptops, but it does have a way to recover its lost equipment. April 5, 3:37 p.m. PDT IRS still losing laptops A new report filed by federal security auditors finds that that the Internal Revenue Service has had almost 500 laptop computers lost or stolen over the last three years, many of which were loaded with sensitive taxpayer information. April 5, 9:19 a.m. PDT Debate lingers over federal data-handling laws Even as the federal government appears poised to create new consumer data protection laws in 2007, businesses and privacy advocates in the United States remain at odds over the parameters of such legislation and its potential impact. April 3, 6:59 p.m. PDT ShmooCon hacker event gets under way The third annual ShmooCon convention kicked off in Washington, D.C., on March 23 and will run throughout the weekend with a series of lectures and presentations covering a wide range of enterprise security issues. March 23, 2:12 p.m. PST LoJack for laptops I just love some of these security news stories. For example: Police in Bellevue, Washington have been fighting a large car theft crime spree. One of the tools in their arsenal is remote-controlled, life-sized cars, including a regular-looking Honda Civic with a few tricks up its sleeve. (The Honda Civic was the natural choice because it is one of the favorite targets of car thieves.) March 23, 3:00 a.m. PST Real-world IT security challenges: Doing away with passwords Today's column starts an ongoing periodic feature where I'll be covering various real-world scenarios I've come across in my professional consulting life. We're talking about real-world solutions for real-world security problems. March 16, 3:00 a.m. PST Crisis management 101 I recently participated in some war-game-style what-if exercises with a small group of IT execs. The goal was to stimulate thinking about how corporations can best prepare for, and respond to, significant business disruptions, whether from terrorism, weather, biological threats, or other unexpected shocks. March 8, 3:00 a.m. PST Germany puts antiterror data law in place A law allowing security officials in Germany to create the largest and most comprehensive pool of personal data ever amassed in the country goes into effect Thursday as the European Union's largest member state moves to protect itself against possible terrorist attacks. February 28, 7:54 a.m. PST Smokers may be the weak IT security link Where there's smoke, there's a door. A U.K. security company is warning that smokers may impact IT security, leaving open doors that could let in intruders who could abuse a company's network. February 16, 8:53 a.m. PST Taiwan warns firms on tech exports to Iran, North Korea Taiwan issued a warning to local companies not to export electronics components and other items that could be used to make military equipment to Iran or North Korea, promising penalties for failure to comply. February 13, 4:11 a.m. PST Germany to curb commercial satellite data The German government is taking a lead in Europe with draft legislation to control data generated by nongovernmental orbital systems. January 30, 1:35 p.m. PST IT security gets physical The cameras are watching when you drive up to IBM’s Watson Research Lab in Hawthorne, N.Y. They’re also noticing things … things such as the color of vehicle you’re driving and its license plate. When you get out of the car, another camera zooms in on your face, capturing its image and transmitting it (along with snapshots of your car and license plate) to third-party analytics systems, which then compare those bits against a database of lab employees and authorized visitors. January 29, 3:00 a.m. PST Short-term security fixes Although Hollywood-style converged security — with biometric identification tied in to physical and logical access — is still years away, there’s no shortage of actual applications of converged security that solve real enterprise problems and are possible (and affordable) using today’s technology. Here are a few: January 29, 3:00 a.m. PST Microsoft helps fight online child abuse in India Microsoft is working with the International Centre for Missing & Exploited Children (ICMEC) and the international police force Interpol to help fight online child abuse in India. January 19, 5:17 a.m. PST Two charged with hacking LA traffic lights Two men have been charged with illegal computer access after they allegedly hacked in to the Los Angeles city traffic center to turn off traffic lights at four intersections last August. January 10, 12:28 p.m. PST UK's MI5 to send terrorism alerts via e-mail The U.K. Security Service, responsible for the country's counterterrorism efforts, plans to send out e-mail alerts to citizens warning them of changes to the "national threat level," a measure of the risk of terrorist attacks. It will announce the start date and details of the sign-up process soon, it said Tuesday. January 9, 6:54 a.m. PST IBM watchdog system scans digital video Early next year, IBM will start selling advanced video surveillance software that can sift through thousands of hours of digital video in a matter of seconds. November 7, 4:31 a.m. PST FBI sends in troopers, Microsoft clips coupons Chris Soghoian must be feeling much more secure now that the FBI has shut down his Web site and confiscated his computers. Last week the Indiana University grad student created a site that allowed users to generate fake Northwest Airlines boarding passes. His point: to demonstrate how mind-numbingly easy it is to circumvent airport security. Rather than fix the system, the Feds sent G-men to his door. (I hear they also confiscated a bottle of hair gel and two tubes of toothpaste.) As DHS honcho Michael Chertoff says, the Internet is the new terrorism training ground. The good news? After our government invades and takes over all our IP addresses, they’ll be greeted as liberators. November 3, 3:00 a.m. PST National personality, national identity Every seven years since 1964, the filmmaker Michael Apted has released another installment of "The Up Series." These films document the lives of a diverse group of Britons from the ages of 7 to, most recently, 49. One of the patterns that emerges is a dramatic illustration of the Jesuit motto that inspired the series: “Give me a child until he is 7 and I will give you the man.” You can clearly see how these kids’ very different personalities were fully formed at age seven. September 27, 3:00 a.m. PDT Advocacy groups organize to stop surveillance bills A group of civil liberties and other advocacy groups are urging supporters to contact the U.S. Congress as it moves ahead to approve an electronic surveillance program run through the U.S. National Security Agency (NSA). September 6, 9:20 a.m. PDT Police utilize Segways for transport Police officers at the University of Maryland in College Park nowadays glide across the often-crowded campus, eight inches off the ground. Since April, police officers and student auxiliary members of the university's Department of Public Safety have used Segway Human Transporters to patrol the campus, which has 32,000 full-time students during the school year. August 15, 1:25 p.m. PDT In case of emergency, activate business continuity plan Gemstar-TV Guide International hired Ed Sullivan to direct Business Continuity Services in 2003, soon after an audit found that TV Guide’s infrastructure was essentially unrecoverable in the event of a sustained crisis. There was a time when Sullivan’s first stop for addressing the issue would have been IT and the datacenter. But times have changed -- Sullivan first conducted several weeks of meetings with senior executives and various business unit executives to talk about the company’s business processes. “The fact that I work for the CIO is almost irrelevant,” Sullivan says. “I’m there to provide recovery for the business units.” August 4, 3:00 a.m. PDT HP's Memory Spot presents security risk Hewlett-Packard's tiny Memory Spot chip is designed to put digital information on documents and photos. However, the chip's size and wireless capability can also be used by corporate thieves to copy and steal valuable data. July 19, 4:25 a.m. PDT Robots patrol World Cup soccer stadium Robots are having a heyday in Germany. While one group has just completed a World Cup championship in Bremen, Germany, another is diligently patrolling Berlin's Olympic Stadium, one of 12 venues hosting the World Cup soccer tournament currently under way in the country. June 20, 6:59 a.m. PDT Hack Tales: Network auditing on a shoestring What do you do when the auditors are breathing down your neck, wanting to see an exhaustive report on the Windows network security of a 2,000-user network across eight sites? That’s easy. Break out a text editor and start writing some Perl. May 29, 3:00 a.m. PDT When someone is stealing your hardware Just call me Philip Marlowe. May 23, 3:00 a.m. PDT MIT simulation suggests avian flu outbreak can shred supply chain At first, the reports from your supplier in China seem innocent enough: an assembly line worker has become very ill and is hospitalized with flu-like symptoms. Before you know it, workers are dying, the government has quarantined your factory and its contents, your supply chain is in ruins, and reporters are camped out at your company headquarters with a fleet of satellite news trucks. April 14, 2:00 p.m. PDT Top six steps toward disaster-recovery I recently got to write a fun piece for InfoWorld called "Stupid user tricks" about protecting your network from human error. Researching the article revealed to me how many variables folks tend to miss when running a network, as well as when planning to protect and recover that network. (By the way, if you were one of the folks who submitted anecdotes for this article, check out the SMB IT blog to see whether you’re on the list for a free InfoWorld backpack.) April 13, 3:00 a.m. PDT UK business continuity drill calls for communication U.K. financial institutions need to think ahead and communicate more when faced with a crisis such as a terrorist attack that could dramatically affect their operations, according to a report issued by top financial authorities. April 12, 9:49 a.m. PDT > Security |
|
|
||||||||||||||||||
