Hackin9

InfoSec News

IBM has been slapped with a multimillion dollar lawsuit by chemical products manufacturer Avantor Performance Materials, which alleges that IBM lied about the suitability of a SAP-based software package it sells in order to win Avantor's business.
 
The number and value of technology mergers and acquisitions is flattening out, mainly as a result of economic uncertainty, according to a PricewaterhouseCoopers report.
 
Google confirmed a dropoff in Web traffic to its sites in China today, echoing an online report that the company's services are being blocked there.
 
Zero-day exploit Zero-day exploit was added to a custom version of the Black Hole attack toolkit, according to a Russian-based security firm Group IB.

Add to digg Add to StumbleUpon Add to del.icio.us Add to Google
 
RETIRED: MantisBT SOAP API CVE-2012-2691 Security Bypass Vulnerability
 
MantisBT SOAP API Security Bypass Vulnerability
 
Nothing beats the feeling of starting up a new computer amp- be it a laptop, desktop or a major, custom-designed computing system. A new system is a blank slate with no worry of botnets, viruses or any other cybersecurity ...
 
The Commerce Department has published a Notice of Inquiry (NOI) on 'Cybersecurity, Innovation, and Internet Policy.' The department seeks comments from all stakeholders, including the commercial, academic and civil society sectors, on ...
 
A comprehensive review of the nexus between cybersecurity challenges in the commercial sector and innovation in the Internet economy that is being conducted by The Department of Commerces Internet Policy Task Force is the subject of the ...
 
The National Institute of Standards and Technology (NIST) has issued draft recommendations for securely configuring and using full virtualization technologies, which, by means of software, duplicate a computers operating system and its ...
 
On July 15, 2010, two Department of Commerce Agenciesamp-the National Institute of Standards and Technology (NIST) and the National Telecommunications and Information Administration (NTIA)amp-announced the completion of a major ...
 
A computer security invention patented* a decade ago at the National Institute of Standards and Technology (NIST) is now poised to help safeguard patient privacy in hospitals.Photo courtesy GWImagesShutterstockThe inventionamp-an ...
 
After a public comment period, the National Institute of Standards and Technology (NIST) has published an updated set of guidelines for developing security assessment plans and associated security control assessment procedures that are ...
 
As part of its initiative to ensure that the Internet continues to spawn growth and innovation, the Department of Commerce will hold a symposium on 'Cybersecurity and Innovation in the Information Economy' on July 27, 2010, at the Ronald ...
 
Cybersecurity training is spreading from high-tech and government offices into high schools, libraries and workplaces near you. Called the National Initiative for Cybersecurity Education (NICE) and coordinated bythe National Institute of ...
 
Edith Marden, National Bureau of Standards (now the National Institute of Standards and Technology) computer programmer, operates the Standards Electronic Automatic Computer (SEAC) during the 1950s.Credit: NISTView hi-resolution imagetab
 
 
The National Institute of Standards and Technology (NIST) has been designated by Federal Chief Information Officer Vivek Kundra to accelerate the federal governmentamp's secure adoption of cloud computing by leading efforts to develop ...
 
The National Institute of Standards and Technology (NIST) has issued the final version of its Guide to Industrial Control Systems (ICS) Security (SP 800-82),* intended to help pipeline operators, power producers, manufacturers, air ...
 
Most industry executives, military planners, research managers or venture capitalists charged with assessing the potential of an RampampD project probably are familiar with the wry twist on Arthur C. Clarkes third law*: 'Any sufficiently ...
 
The Department of Commerces Internet Policy Task Force is requesting comments on a report that proposes voluntary codes of conduct to strengthen the cybersecurity of companies that increasingly rely on the Internet to do business, but ...
 
A new White House policy document released today* highlights strategic roles that the National Institute of Standards and Technology (NIST) plays in accelerating the modernization of the nations electric infrastructure, bolstering ...
 
Robotic automation, microrobotics and robotic perception and recognition all advanced a few steps closer to their future applications in manufacturing, health care and other areas during the week of May 9-13, 2011.A photomicrograph ...
 
The National Institute of Standards and Technology (NIST) is hosting a workshop on usability of electronic health records (EHR) on June 7, 2011, at NISTs campus in Gaithersburg, Md. 'A Community-Building Workshop: Measuring, Evaluating ...
 
The cloud computing research team at the National Institute of Standards and Technology (NIST) is requesting public comments on a draft of its most complete guide to cloud computing to date.NIST Cloud Computing Synopsis and ...
 
A new publication from the National Institute of Standards and Technology (NIST) provides guidelines to secure the earliest stages of the computer boot process. Commonly known as the Basic InputOutput System (BIOS), this fundamental ...
 
On April 15, the Obama Administration formally launched its National Strategy for Trusted Identities in Cyberspace (NSTIC), a plan to work with the private sector to develop a private market for secure identity credentials for the ...
 
The governing board of the Smart Grid Interoperability Panel (SGIP) has voted in favor of a new standard and a set of guidelines important for making the long-planned amp"smartamp" electricity grid a reality. The two documents address ...
 
Ron Ross, a National Institute of Standards and Technology (NIST) Fellow, has been named to InformationWeek Governmentamp's CIO 50, which identifies 2010amp's top information technology decision-makers in government. Ross is project lead ...
 
Itamp's increasingly difficult to keep up with all the vulnerabilities present in todayamp's highly complex operating systems and applications. Attackers constantly search for and exploit these vulnerabilities to commit identity fraud, ...
 
The National Institute of Standards and Technology (NIST) is co-hosting a conference to explore the current health information technology security landscape and the Health Insurance Portability and Accountability Act (HIPAA) Security ...
 
The National Institute of Standards and Technology (NIST) will host the Cloud Computing Forum and Workshop III on April 7-8, 2011, at its Gaithersburg, Md., campus. Featured speakers include U.S. Chief Information Officer Vivek Kundra, ...
 
The National Institute of Standards and Technologyamp's (NIST) Donna Dodson has received the 2011 Federal 100 Award. Presented by Federal Computer Week, the award honors the top professionals in the federal information technology ...
 
Before you can build that improved turbojet engine, before you can create that longer-lasting battery, you have to ensure all the newfangled materials in it will behave the way you wantamp-even under conditions as harsh as the upper ...
 
Computer scientists at the National Institute of Standards and Technology (NIST) are requesting comments from interested parties on their biennial update of the catalog of security controls for the federal government. The security ...
 
The National Institute of Standards and Technology (NIST) has published the final version of a special publication that can help organizations to more effectively integrate information security risk planning into their mission-critical ...
 
What NIST-led innovation is estimated to have saved U.S. industry $6.1 billion over the past 20 years? Well, probably several, but, perhaps surprisingly, a new economics study* points to the development of 'role-based access control,' a ...
 
If you found this article through a search engine, you can thank an automated text retrieval system. For 20 years, the Text REtrieval Conference (TREC) sponsored by the National Institute of Standards and Technology (NIST) has been one ...
 
Information technology experts, insurers, policy makers and representatives of healthcare organizations will convene on April 5-6, 2011, in Bethesda, Md., to survey current approaches to preserving electronic health records (EHRs) and ...
 
The National Institute of Standards and Technology (NIST) and the Federal Information Systems Security Educators Association (FISSEA) are co-hosting FISSEAamp's 24th annual conference March 15-17, 2011, at NISTamp's Gaithersburg, Md. ...
 
The National Institute of Standards and Technology (NIST) has issued two new draft documents on cloud computing for public comment, including the first set of guidelines for managing security and privacy issues in cloud computing. The ...
 
The National Institute of Standards and Technology (NIST) has issued the final version of its recommendations for securely configuring and using full computing virtualization technologies. The security recommendations are contained ...
 
The Information Technology Laboratory of the National Institute of Standards and Technology (NIST) is pleased to announce that Jeremy Grant is joining the NIST team as a senior executive advisor. Mr. Grant has been selected to manage the ...
 
At a January 7, 2011 forum with Silicon Valley business and academic leaders at Stanford University, U.S. Commerce Secretary Gary Locke and White House Cybersecurity Coordinator Howard Schmidt announced plans to create a National Program ...
 
At a forum with Silicon Valley business and academic leaders at Stanford University, U.S. Commerce Secretary Gary Locke and White House Cybersecurity Coordinator Howard A. Schmidt today announced plans to create a National Program Office ...
 
Palo Alto, Calif. amp- As part of a meeting today with local industry and academic leaders in Silicon Valley, at Stanford University, U.S. Commerce Secretary Gary Locke and White House Cybersecurity Coordinator Howard A. Schmidt will ...
 
On Dec. 9, 2010, the National Institute of Standards and Technology (NIST) announced the selection of five finalists in its ongoing competition to select a new cryptographic hash algorithm standard, one of the fundamental security tools ...
 
As the day draws nearer for the world to run out of the unique addresses that allow us to use the Internetamp-now predicted to happen by the end of 2012amp-researchers at the National Institute of Standards and Technology (NIST) have ...
 
Two new draft publications from the National Institute of Standards and Technology (NIST) provide the groundwork for a three-tiered risk-management approach that encompasses computer security risk planning from the highest levels of ...
 
Two new publications from the National Institute of Standards and Technology (NIST) are intended to help developers of software and computer systems for doctors offices, clinics, and hospitals improve the ease of use of electronic health ...
 
The National Institute of Standards and Technology (NIST) has joined in a new public-private partnership to spur cybersecurity innovation in the financial services sector. Through a memorandum of understanding signed on Dec. 6, 2010, ...
 
This simulation depicts flow in a rheometer, as its rotating vanes blade begins to stir a suspension of particles. Colors represent the quadrant where the particles are initially positioned. Such simulations can be used to link ...
 
Researchers at the National Institute of Standards and Technology (NIST) have released an updated version of a computer system testing tool that can cut costs by more efficiently finding flaws. A tutorial on using the tool accompanies ...
 
A new publication from the National Institute of Standards and Technology (NIST) provides technical guidance to government agencies and other organizations interested in mitigating risks with WiMAX (Worldwide Interoperability for ...
 
The National Institute of Standards and Technology (NIST) and the National Telecommunications and Information Administration (NTIA) are seeking partners in the telecommunications industry to help create a demonstration broadband ...
 
On November 4 and 5, 2010, the National Institute of Standards and Technology (NIST) will host the Cloud Computing Forum and Workshop II to give government and industry stakeholders opportunity to comment on the next steps in developing ...
 
 
The Sixth Annual IT Security Automation Conference, co-hosted by the National Institute of Standards and Technology (NIST), focuses on applying and integrating emerging cyber security automation technologies and software assurance into a ...
 
In efforts to help the nations health care industry make the transition to the digital age in an effective and meaningful fashion, the National Institute of Standards and Technology (NIST) has published a set of approved procedures for ...
 
Three new draft reports published by the National Institute of Standards and Technology (NIST) are designed to help both public and private organizations improve the security of their information management systems by developing ...
 
The National Institute of Standards and Technology (NIST) has finalized its first set of guidelines for managing security and privacy issues in cloud computing.*Guidelines on Security and Privacy in Public Cloud Computing (NIST Special ...
 
The International Biometric Performance Conference 2012, to be held March 5-9 at the National Institute of Standards and Technology (NIST), will bring together evaluators, users and technology providers to discuss recent advances in the ...
 
The National Strategy for a Trusted Identities in Cyberspace (NSTIC) National Program Office will host the 2012 NISTNSTIC IDtrust Workshop amp"Technologies and Standards Enabling the Identity Ecosystemamp" on March 13 and 14, 2012, in ...
 
The National Institute of Standards and Technology (NIST) needs American innovators and entrepreneurs to help solve technological problems and develop NIST technologies into marketable products. The NIST Small Business Innovation ...
 
The National Institute of Standards and Technology (NIST) is conducting the 21st annual Text Retrieval Conference (TREC), the premier experimental effort in the field, to encourage research in information retrieval and related ...
 
A new draft computer security publication from the National Institute of Standards and Technology (NIST) provides guidance for vendors and security professionals as they work to protect personal computers as they start up.The first ...
 
A newly revised publication from the National Institute of Standards and Technology (NIST) expands the options for government agencies that need to verify the identity of users of their Web-based services. Electronic Authentication ...
 
The National Institute of Standards and Technology (NIST) published a revised biometric standard in November, 2011, that vastly expands the type and amount of information that forensic scientists can share across their international ...
 
Computer scientists at the National Institute of Standards and Technology (NIST) have dramatically enlarged a database designed to improve applications that help programmers find weaknesses in software. This database, the SAMATE ...
 
A new tool, developed by the National Institute of Standards and Technology (NIST) and offered for free, can help public and private organizations, large and small, to understand and implement the requirements of the Health Insurance ...
 
Charles H. Romine, new director of the NIST Information Technology Laboratory.Credit: NISTView hi-resolution imageCharles (Chuck) H. Romine became director of the Information Technol
 
The National Initiative on Cybersecurity Education (NICE) has published for public comment a draft document that classifies the typical duties and skill requirements of cybersecurity workers. The document is meant to define professional ...
 
The National Institute of Standards and Technology (NIST) has released for public comment a draft 'roadmap' that is designed to foster federal agencies adoption of cloud computing, support the private sector, improve the information ...
 
The National Institute of Standards and Technology (NIST) has agreed to work with the Department of Education and a new organization, the National Cybersecurity Education Council (NCEC), to develop a strategic public-private partnership ...
 
The U.S. Commerce Departments National Institute of Standards and Technology (NIST) has released for public comment a draft 'roadmap' that is designed to foster federal agencies adoption of cloud computing, support the private sector, ...
 
If quantum computers are ever to be realized, they likely will be made of different types of parts that will need to share information with one another, just like the memory and logic circuits in todays computers do. However, prospects ...
 
The National Institute of Standards and Technology (NIST) has issued for public review and comment two draft guides to securing wireless communication networks. NIST is requesting comments on the two publicationsamp-one on Bluetooth ...
 
After years in the works and 15 drafts, the National Institute of Standards and Technologys (NIST) working definition of cloud computing, the 16th and final definition has been published as The NIST Definition of Cloud Computing (NIST ...
 
Government Computer News magazine has honored the Digital Library of Mathematical Functions (DLMF), which the National Institute of Standards and Technology (NIST) released last year, with one of its 10 annual awards for information ...
 
A new computer security publication* from the National Institute of Standards and Technology (NIST) will help organizations understand their security posture against threats and vulnerabilities and determine how effectively their ...
 
The National Institute of Standards and Technology (NIST) will unveil the public draft of its U.S. Government Cloud Computing Technology Roadmap at the Cloud Computing Forum ampamp Workshop IV that it will host Nov. 2-4, in Gaithersburg, ...
 
The National Institute of Standards and Technology (NIST) awarded today a $1 million cooperative agreement to the University of Maryland at College Park (UMD). Researchers at UMDamp's Institute for Systems Research will help NIST as it ...
 
Washington, D.C.amp-The U.S. departments of Commerce and Homeland Security (DHS) today discussed with other federal agencies and private-sector leaders in the information technology industry the need to create a voluntary industry code ...
 
Maryland Governor Martin OMalley addressed several hundred educators, IT experts, and others at the National Institute of Standards and Technology (NIST) yesterday as part of a workshop hosted by the National Initiative for Cybersecurity ...
 
Risk assessment is the topic of the newest special publication from the National Institute of Standards and Technology (NIST). Guide for Conducting Risk Assessments (NIST Special Publication 800-30, Revision 1), an extensive update to ...
 
The National Institute of Standards and Technology (NIST) has published two new documents on cloud computing: the first edition of a cloud computing standards roadmap and a cloud computing reference architecture and taxonomy. Together, ...
 
Bringing order and security to the patchwork quilt of computing environments in a large organization can be a daunting task. Software tools and technical specifications that allow security information to be shared between information ...
 
The Seventh Annual IT Security Automation Conference, co-hosted by the National Institute of Standards and Technology (NIST), will focus on the breadth and depth of principles and technologies designed to support computer security ...
 
The National Institute of Standards and Technology (NIST) will host a workshop on cryptography for new technologies from Nov. 7-8, 2011, at the agencyamp's Gaithersburg, Md., campus.As the Internet evolves, it is becoming possible for ...
 
The National Institute of Standards and Technology (NIST) today* issued for public comment a draft strategic plan for the National Initiative for Cybersecurity Education (NICE) program. The plan, 'Building a Digital Nation,' outlines ...
 
With increasing dependency on information systems and advances in cloud computing, the smart grid and mobile computing, maintaining the confidentiality and integrity of citizens personally identifiable information is a growing challenge. ...
 
Researchers at the National Institute of Standards and Technology (NIST) have released for public comment updated specifications for the Security Content Automation Protocol (SCAP), which helps organizations find and manage ...
 
The National Institute of Standards and Technology (NIST) has published draft guidelines that outline the baseline security technologies mobile devices should include to protect the information they handle. Smart phones, tablets and ...
 
A new software test suite developed at the National Institute of Standards and Technology (NIST) allows local and federal agencies and other users of the NISTs revised biometric standard to gain higher confidence that the correct ...
 
The National Institute of Standards and Technology (NIST) has published for public comment a revised draft of its guidance for managing computer patches to improve overall system security for large organizations. The previous version, ...
 
The National Institute of Standards and Technology (NIST) today announced the winner of its five-year competition to select a new cryptographic hash algorithm, one of the fundamental tools of modern information security.Credit: K. ...
 
The National Institute of Standards and Technology (NIST) is offering a strong finale to National Cybersecurity Awareness month with its the third annual National Initiative for Cybersecurity Education (NICE) Workshop, Oct. 30 through ...
 
The U.S. Department of Commerceamp's National Institute of Standards and Technology (NIST) today announced more than $9 million in grant awards to support the National Strategy for Trusted Identities in Cyberspace (NSTIC). Five U.S. ...
 
ampnbspOnline registration is now open for [email protected] 2012, a three-day symposium on cutting-edge forensic science research being performed at NIST. The symposium will run from Wednesday, November 28 - Friday, November 30, 2012, at ...
 
The National Institute of Standards and Technology (NIST) has released a final version of its risk assessment guidelines that can provide senior leaders and executives with the information they need to understand and make decisions about ...
 
The National Institute of Standards and Technology (NIST) will host a workshop at its Gaithersburg, Md., headquarters October 15 and16, 2012, to discuss ways NIST can focus its work to help federal departments and agencies manage the ...
 
The National Institute of Standards and Technology (NIST) is requesting comments on new draft guidelines for securing BIOS systems for server computers. BIOSamp-Basic Inputoutput Systemamp-is the first major software that runs when a ...
 
The National Institute of Standards and Technology (NIST) will co-sponsor the 2012 Biometric Consortium Conference (BCC 2012), September 18-21, 2012, at the Tampa Convention Center in Tampa, Fla. The annual conference, produced in ...
 
Tests performed at the National Institute of Standards and Technology (NIST) show that a new method for splitting photon beams could overcome a fundamental physical hurdle in transmitting electronic data. These results* could lead to ...
 
The National Institute of Standards and Technology (NIST) has published the final version of its guide for managing computer security incidents. Based on best practices from government, academic and business organizations, this updated ...
 
The Identity Ecosystem Steering Group Kickoff Meeting to support the National Strategy for Trusted Identities in Cyberspace (NSTIC) will be held Aug. 15 and 16, 2012, in Chicago, Ill.In April 2011, President Obama signed the strategy, ...
 
Detecting and stopping malicious attacks on computer networks is a central focus of computer security these days. The National Institute of Standards and Technology (NIST) is asking for comments on two updated guides on malicious ...
 
A new guide from the National Institute of Standards and Technology (NIST) describes a 'scoring system' that computer security managers can use to assess the severity of security risks arising from software features that, while ...
 
Next-generation 'smart' electrical meters for residential and commercial buildings will have computerized operating systems just as laptops or mobile devices do. On July 10, 2012, the National Institute of Standards and Technology (NIST) ...
 
The National Institute of Standards and Technology (NIST) has released the second-round draft version of its updated security standard for identity credentials in the Personal Identity Verification cards (PIV cards) that all federal ...
 
The National Institute of Standards and Technology (NIST) has released a guide to help improve the design of electronic health records for pediatric patients so that the design focus is on the usersamp-the doctors, nurses and other ...
 
The National Institute of Standards and Technology (NIST) has released a proposed update to its guidelines for securing mobile devicesamp-such as smart phones and tabletsamp-that are used by the federal government. NIST is asking for ...
 
A powerful color-based imaging technique is making the jump from remote sensing to the operating roomamp-and a team of scientists* at the National Institute of Standards and Technology (NIST) have taken steps to ensure it performs as ...
 
The National Institute of Standards and Technology (NIST) has issued the final version of the Guide to Bluetooth Security (NIST Special Publication 800-121 Rev. 1). The publication is a revision of the original guide, which was released ...
 
The National Institute of Standards and Technology (NIST) is hosting a workshop on the use of 'big data'amp-a term referring to massive amounts of stored and streaming digital informationamp-at its Gaithersburg, Md., campuss Green ...
 
For a clear view of cloud computing, the National Institute of Standards and Technology (NIST) has issued a new publication that explains cloud systems in plain language.The final version of Cloud Computing Synopsis and Recommendations ...
 
The National Cybersecurity Center of Excellence (NCCoE) will host a kickoff workshop on Tuesday, June 26, 2012. The workshopamp's goal is to introduce the center, which will bring together experts from industry, government and academia ...
 
Botnet activity is on the rise around the globe, and to help understand this problem the National Institute of Standards and Technology (NIST) is hosting a free, day-long workshop May 30, 2012, at its Gaithersburg, Md., campus. Technical ...
 
On Tuesday, May 22, 2012, the National Institute of Standards and Technology (NIST) and the Office of the National Coordinator for Health IT (ONC) will host amp"Creating Usable Electronic Health Records: A User-Centered Design Best ...
 
The National Institute of Standards and Technology (NIST) has extended until May 25, 2012, the comment period for the second draft of a publication intended to help federal departments and agencies better manage supply chain risks for ...
 
Researchers at the National Institute of Standards and Technology (NIST) have developed and published a new protocol for communicating with biometric sensors over wired and wireless networksamp-using some of the same technologies that ...
 
The National Institute of Standards and Technology (NIST) is hosting Cloud Computing Forum ampamp Workshop V on June 5-7, 2012, at the Department of Commerceamp's Herbert C. Hoover Building in Washington, D.C.Cloud computing is a model ...
 
 
Identifying people by acquiring pictures of their eyes is becoming easier, according to a new report* from the National Institute of Standards and Technology (NIST). NIST researchers evaluated the performance of iris recognition software ...
 
The National Institute of Standards and Technology (NIST) is co-hosting the fifth annual Safeguarding Health Information: Building Assurance through HIPAA Security conference on June 6 and 7, 2012, at the Ronald Reagan Building and ...
 
The National Institute of Standards and Technology (NIST) has announced proposed changes to a standard that specifies how to implement digital signatures, which can be used to ensure the integrity of electronic documents, such as wills ...
 
Securing computers against unlawful and malicious attacks is always important, but itamp's especially vital when the computers in question control major physical systemsamp-manufacturing plants, transportation systems, power grids. ...
 
Washington, D.C. -- Responding to President Obamas call for an 'all-of-the-above' strategy to help consumers reduce their energy costs, the Administration announced on March 22 that nine major utilities and electricity suppliers will ...
 
An important aspect of any product is how easily someone can use it for its intended purpose, also known as usability. Electronic health records (EHR) that are usable have the potential to improve patient care, which is why the National ...
 
On March 9, the National Institute of Standards and Technology (NIST) announced that it is soliciting proposals to establish a steering group in support of the National Strategy for Trusted Identities in Cyberspace (NSTIC) and to provide ...
 
 
The National Institute of Standards and Technology (NIST) has released in final form a guide to enhanced security for wireless local area networks (WLAN). A WLAN is a group of wireless networking devices within a limited geographic area, ...
 
 
An updated roadmap for the Smart Grid is now available from the National Institute of Standards and Technology (NIST), which recently finished reviewing and incorporating public comments into the NIST Framework and Roadmap for Smart Grid ...
 
A major revision of a Federal Information Security Management Act (FISMA) publication released today by the National Institute of Standards and Technology (NIST) adds guidance for combating new information security threats and ...
 
The National Institute of Standards and Technology (NIST) has published for public comment a draft update to a guide for organizations managing their responses to computer security incidents such as hacking attacks. The authors cast a ...
 
State of Maryland and Montgomery County Join PartnershipThe National Institute of Standards and Technology (NIST) today announced a new partnership to establish the National Cybersecurity Center of Excellence, a public-private ...
 
The National Institute of Standards and Technology (NIST) released its recommendations for a new, privately led steering group to tackle the complex policy and technical issues necessary to create an online environment where individuals ...
 
The National Institute of Standards and Technology (NIST) will host the 25th annual conference of the Federal Information Systems Security Educatoramp's Association (FISSEA) March 27-29, 2012, at its Gaithersburg, Md., ...
 
Video recordings of the Nov. 2-4, 2011 Cloud Computing Forum ampamp Workshop IV hosted by the National Institute of Standards and Technology (NIST) are now available for on-line viewing.The three-day November meeting featured, among ...
 
Proposersamp' Conference Set for Feb. 15WASHINGTON - The National Institute of Standards and Technology (NIST) today announced a competition to award a total of approximately $10 million for pilot projects to accelerate progress toward ...
 
Xen PV Domain Builder Kernel Decompression Local Denial Of Service Vulnerability
 
Google confirmed a dropoff in Web traffic to its sites in China today, echoing an online report that the company's services are being blocked there.
 
The Nexus 10 tablet brings the pure Google Android experience into a large-screen form. Here's an in-depth look at where it shines -- and where it falls short.
 
In a survey, physicians revealed they're excited about the iPad Mini because the smaller device fits into their lab coats, yet retains a familiar interface.
 
In a survey, physicians revealed they're excited about the iPad Mini because the smaller-size device fits into their lab coats, yet retains a familiar interface.
 
Cray on Friday agreed to acquire server maker Appro International for US$25 million in cash as it looks to strengthen its high-performance computing product portfolio.
 
IBM has been slapped with a multimillion dollar lawsuit by chemical products manufacturer Avantor Performance Materials, which alleges that IBM lied about the suitability of a SAP-based software package it sells in order to win Avantor's business.
 
With build-to-order options, the new Mac mini makes a giant leap in performance.
 
Cray on Friday agreed to acquire server maker Appro International for $25 million in cash as it looks to strengthen its high-performance computing product portfolio.
 
Sophos Antivirus Multiple Security Vulnerabilities
 
In this edition: a look at hacking an Android banking app, new malware that steals your photos, talks from Hack.LU, a rather young script kiddie and finding bugs in the iOS kernel


 
This November marks the ninth year for which we will be announcing the Gibbs Golden Turkey Awards ...
 
On its November Patch Tuesday, Microsoft plans to focus on closing critical Windows holes – including some in the ARM edition. Adobe has announced that it will synchronise future Flash updates with Microsoft's Patch Tuesday schedule


 
IBM became 'Big Blue' because it leased hardware and provided free software, but its collapse divorced the two. The growth of the cloud has caused another marriage, one that brings together software and services. Vendors such as Amazon, Google and especially Microsoft understand this, CIO.com columnist Rob Enderle says, and they are bound to leave those trying to sell a 'cloud solution' in their dust.
 
[ MDVSA-2012:171 ] icedtea-web
 
Cisco Security Advisory: Cisco Ironport Appliances Sophos Anti-virus Vulnerabilities
 
Preparing quick service pizza chain Domino's (ASX:DMP) for a digital future is top priority for Group CIO, Wayne McMahon.
 
Google's Cloud SQL database has gained more storage, faster reads and writes, and now offers users the choice of running their instances in data centers based in either the U.S. or Europe.
 
 

Unified threat management
Crain's Cleveland Business (blog)
Early in the days of Infosec, the way things worked was that if you needed a firewall, you purchased one; if you needed antivirus, you bought that; if you needed IDS, anti-spam, and so on, you bought each piece separately, from one vendor or several ...

 
Ransomware is a growth industry that puts at least $5 million a year into criminals' coffers, according to Symantec.
 
Cisco Systems has warned customers about critical vulnerabilities in the Sophos antivirus engine included in its Cisco IronPort email and Web security appliances.
 
Researchers have found a serious vulnerability in the game "Call of Duty: Modern Warfare 3," and another in the CryEngine 3 graphics platform on which many games run.
 
Computer security conferences tend to be male-dominated affairs. It's not that women aren't present, but just not anywhere near their normal proportional representation in society.
 
The U.S. on Thursday said it ordered sanctions against Iran's Minister of Communication and Information Technology, Reza Taghipour, and other entities and persons responsible for engaging in censorship in their country.
 
A man from Michigan was arraigned in a U.S. federal court on Thursday on charges of mail fraud and selling counterfeit software worth over US$1.2 million that he purchased from China and Singapore, the U.S Department of Justice said Thursday.
 
A court in California said Thursday that it would consider Samsung Electronics' concern that the foreman of the jury deciding a patent infringement lawsuit between Apple and Samsung had concealed information.
 
A blunder made by the operators of the micro-blogging service caused confusion for many Twitter users when they were advised that their accounts may have been compromised


 
The traffic anonymisation tool TOR can leave confidential data like passwords in the system memory due to usage of a function that is not always used by all compilers


 
Debian 'openvswitch-pki' Package Multiple Insecure File Permissions Vulnerabilities
 
Mcrypt Stack Buffer Overflow Vulnerability
 

Posted by InfoSec News on Nov 09

http://www.cbsnews.com/8301-205_162-57547502/sec-left-stocks-data-vulnerable-to-hackers-report/

CBS News
November 9, 2012

WASHINGTON -- Securities and Exchange Commission staffers left
highly-sensitive information from stock exchanges open to hacking and
cyber-attacks because they didn't adequately protect the security of
some computers and other electronic devices, according to Reuters,
citing people familiar with what happened.

The...
 

Posted by InfoSec News on Nov 09

http://www.theregister.co.uk/2012/11/08/google_compare_identity_theft/

By John Lettice
The Register
8th November 2012

Exclusive -- A security flaw accessible via Google's UK motor insurance
aggregator Google Compare has potentially exposed vast numbers of
drivers to identity theft.

The vulnerability, the existence of which has been verified by The
Register, made it possible for comprehensive personal details -
including names,...
 

Posted by InfoSec News on Nov 09

http://www.federalnewsradio.com/241/3110944/On-cyber-defense-US-stuck-at-the-starting-line

By Jared Serbu
Federal News Radio
11/8/2012

The head of the National Security Agency said the U.S. has the technical
capability to secure its networks from cyber threats, but until Congress
takes action on cybersecurity legislation, security improvements are
stopped in their tracks.

Gen. Keith Alexander, the director of NSA and the commander of U.S....
 

Posted by InfoSec News on Nov 09

http://www.japantimes.co.jp/text/nb20121109n2.html

Bloomberg
Nov. 9, 2012

Tim Schaaff, head of Sony Corp.'s online entertainment service that was
hacked into last year, is resigning his post, the electronics maker
announced Thursday.

The 52-year-old president of Sony Network Entertainment will leave the
position effective Dec. 31, the company said in a statement. Andrew
House, president of Sony's game unit, has been tapped to...
 

Posted by InfoSec News on Nov 09

http://www.wired.com/threatlevel/2012/11/bug-bounties/

By Kim Zetter
Threat Level
Wired.com
11.08.12

The night before the end of Google’s Pwnium contest at the CanSecWest
security conference this year in Vancouver, a tall teen dressed in khaki
shorts, tube socks and sneakers was hunkered down on a hallway bench at
the Sheraton hotel hacking away at his laptop.

With a $60,000 cash prize on the line, the teen, who goes by the hacker
handle...
 

Iran says its infosec defences foiled oil hack
OODA Loop
“Iran is claiming to have successfully deflected yet another large scale cyber attack on critical infrastructure in the country, this time targeted at its offshore oil installations. A brief report on the Iranian Students' News Agency site on Monday ...

 
Internet Storm Center Infocon Status