• Web sites secretly track users without relying on cookies

    Device fingerprinting, also known as browser fingerprinting, is the practice of collecting properties of PCs, smartphones, and tablets to identify and track users. For the vast majority of browsers, the combination of these properties is unique, and thus functions as a “fingerprint” that can be used to track users without relying on cookies. Researchers have discovered that 145 of the Internet’s 10,000 top Web sites use device fingerprinting to track users without their knowledge or consent.

  • Popular e-commerce software vulnerable to hackers

    Online transactions rely on a trusted third party, or “cashier,” who bridges the gap between vendors and their customers. The use of a third party cashier, however, also complicates the payment logic and introduces a new class of vulnerabilities that can result in significant financial losses to merchants. Computer scientists found flaws in e-commerce software that allowed them to purchase stationery, candy, and toys online at below their correct cost.

  • Avira unveils free mobile security app for Apple iPhone, iPad, iPod

    Tettnang, Germany-based security firm Avira yesterday unveiled Avira Mobile Security app for Apple iPhone, iPad, and iPod. The company said that in addition to scanning for malicious processes that may be corrupting your iOS device, Avira Mobile Security integrates a free 5GB cloud storage account to let users free up space to take more pictures or videos, or to access and share media while on the go.

  • NSA tried to crack Tor anonymity tool

    In its efforts to gather more intelligence, and overcome obstacles to this effort, the National Security Agency (NSA) has repeatedly tried to develop attacks against people using Tor, a software tool designed to protect online anonymity – and which is primarily funded and promoted by the U.S. government itself to help political activists, whistleblowers, militaries, and law enforcement. The NSA’s determined effort to crack Tor raises questions about whether the agency, deliberately or inadvertently, acted against Internet users in the United States when attacking Tor. One of the main functions of Tor is to hide the country of all of its users, meaning any attack could be hitting members of Tor’s large U.S. user base.

  • view counter
  • Serious IT consequences if shutdown lasts

    The shutdown of the federal government, if it lasts no more than a week or so, will not seriously damage government IT operations, experts and industry insiders say. A longer shutdown, which would lead to extended furloughs for non-essential employees, will have more serious effects, as it will further depress the federal technology workforce and will deter top graduates from applying for government jobs. If Congress refuses to allow payment to furloughed employees for the time they were idled, the effect will be even more pernicious, these experts said.

  • National Cyber Security Awareness Month starts 1 October

    With just one week until the kickoff of National Cyber Security Awareness Month, and the National Cyber Security Alliance (NCSA) encourages everyone to get involved this October. The month’s theme is “Our Shared Responsibility,” which calls on everyone who uses the Internet to take steps to make it safer for all. This process begins with taking three simple steps before going online — STOP. THINKCONNECT.

  • view counter
  • Evaluating the IT security posture of business partners

    Evaluating the IT security of businesses is increasingly becoming a necessity when forming new business relationships. A start-up has launched a rating service, similar to a credit rating, to measure the security posture of a company based on a number of factors.

  • Rapidly evolving cybersecurity field too diverse for overly broad professionalization

    The U.S. cybersecurity work force is too broad and diverse to be treated as a single occupation or profession, and decisions about whether and how to professionalize the field will vary according to role and context, says a new report. Defined as the social process by which an occupation evolves into a profession, such as law or medicine, professionalization might involve prolonged training and formal education, knowledge and performance testing, or other activities that establish quality standards for the workforce.

  • The side of Homeland Security you won't see on TV

    By Louise Lerner

    The way the Department of Homeland Security is often portrayed in popular culture — surveillance and secret agents — leaves out a crucial aspect of its role. It also works on technology to detect attacks as they are happening, and helps federal and local governments prepare for all kinds of disasters, from hurricanes to accidental chemical spills to anthrax attacks. Argonne Laboratory engineers contribute to this effort, helping local and state governments form emergency plans, run drills for a pandemic flu outbreak in the city of Chicago, and analyzed ways to enhance security at plants and factories across the country.

  • October is National Cybersecurity Awareness Month

    This October marks the tenth National Cyber Security Awareness Month (NCSAM), an effort to educate millions of people each year about the importance of online safety and security. During the month, leaders from the public and private sectors will come together to advance its universal theme that protecting the Internet is “Our Shared Responsibility.”

  • Beer-Sheva Cyber Security Park inaugurated by Prime Minister Benjamin Netanyahu

    The development of the Negev took a step forward earlier this month with the inauguration of Beer-Sheva’s Advanced Technologies Park (ATP) in which Ben-Gurion University of the Negev (BGU) is the academic research partner. Israel prime minister Benjamin Netanyahu presided over the ribbon-cutting ceremony on 3 September.

  • Cyberweapons likely to be an integral part of any U.S.-Syria clash

    A U.S.-led military attack on Syria may have been averted, at least for a while, by the Russian proposal to negotiate the transfer of Syria’s chemical weapons stocks to international control, but had the United States gone ahead with a strike, there is little doubt that cyberattacks would have been used by both sides. If the United States decides to attack Syria in the future, we should expect cyberweapons to be used.

  • Security vs. privacy

    By Raj Goel

    Those who ask you to choose security or privacy and those who vote on security or privacy are making false choices. That’s like asking air or water? You need both to live. Maslow placed safety (of which security is a subset) as second only to food, water, sex, and sleep. As humans we crave safety. As individuals and societies, before we answer the question “security or privacy,” we first have to ask “security from whom or what?” and “privacy from whom and for whom?”

  • Norwich University receives $10 million for cybersecurity research

    Norwich University in Vermont has secured another round of funding for cybersecurity research. $9.9 million in federal funds will go toward a project aiming to ensure that private and public sector groups can better plan for cyberattacks. The university’s Applied Research Institute (NUARI) will direct the money for its Distributed Environment for Critical Infrastructure Decision-making Exercises (DECIDE) program.

  • U.S. “black budget” reveals unwieldy bureaucracy, misplaced priorities: expert

    Classified budget figures and successes and failures by American intelligence agencies, exposed for the first time this week by the Washington Post, show a massive bureaucracy with misplaced priorities, according to a cybersecurity and privacy expert. “The major failure identified in all of the post-9/11 assessments was a ‘failure to connect the dots,’” the expert said. “Nevertheless, the vast majority of the black budget is being spent on data acquisition — collecting more dots — rather than analysis.”