Weekly Brief - June 1 2009

01 June 2009

Information security: Tools, Techniques, Law, Attacks and Defenses

Tools

The L0pht collective has issued its long-awaited upgrade to the L0phtcrack password cracking and auditing tool. It is available in three versions ranging from $295 to $1195.

Sourcefire has announced a new release candidate for Snort, the IPS/IDS technology that underpins many intrusion prevention products. Version 2.8.5 includes the ability to set policies according to VLAN functions. Expect a virtual console based on VMware's ESX Server in the future.

Techniques

Researchers have figured out how to embed traffic in TCP-layer traffic by exploiting a weakness in the protocol.

Microsoft has published a guide for administrators to help them understand what should be excluded from an anti-virus scanner.

Law

The Obama administration is digging in its heels by refusing to reveal state secrets that would be instrumental in a lawsuit to decide whether George W Bush acted legally in wiretapping US citizens.

NIST wants the US Government to amend the 1974 Privacy Act to be more appropriate for today's privacy threats, according to a letter sent by the Institute's Information Security and Privacy Advisory Board.

The Massachusetts Supreme Court quashed a search warrant that law enforcers had used to seize the computing equipment of Boston College student Riccardo Calixte. Police had claimed that Calixte was a hacker, but the Electronic Frontier Foundation, acting on behalf of Calixte, said that there was no probable cause.

The State of Oregon passed legislation rejecting the federal Government's Real ID program.

Attacks

A malicious JavaScript attack that mimics the Gumblar attack but is unrelated has spread to around 30 000 websites, say experts.

Anti-US hackers operating in Turkey have penetrated US army websites.

Health insurer Aetna is offering credit protection to 65 000 people after social security numbers of employees and successful job applicants were copied from its web site.

Defenses

Finland is founding a cyberwarfare unit.

The Jericho Forum and the Cloud Security Alliance have joined forces to promote best practices for secure cloud computing.
