• Lebanon: alleged Israeli spy had access to "most significant segment" of cell phone network

    Lebanon arrested a high-level employee of one of the two Lebanese mobile phone networks, saying he has been working for Israeli intelligence since 1996; the authorities say he may have planted monitoring devices allowing the Israelis to tap directly into the Alfa network, one of the two major cell phone companies operating in Lebanon

  • Chase: IE6 "more secure" than Chrome, Opera

    Banking giant Chase said it found the old IE6 to be more secure — and popular — than either Google’s Chrome or Opera; the bank’s online banking services will, therefore, continue to support aging the IE 6 but drop support for Chrome and Opera; also making the cut are Mozilla’s Firefox 2.0 and higher and version 3.0 and higher of Apple’s Safari on the Mac — but not the PC

  • Obama emphasizes identity management

    The Obama administration is planning to promote identity management throughout the government; Howard Schmidt: “The ability to interact with the government in a very secure manner, where privacy and civil liberties are protected and you can only do that with some of the things you look at from an identity management perspective”

  • U.S. government to direct more to cybersecurity

    The three themes undergirding the Obama administration’s multi-billion dollar cybersecurity strategy: first, “tailored trustworthy spaces,” which means creating different security levels for different government and non-government Internet activities; second, “moving targets,” in which the search is for security systems that change constantly to increase uncertainty for hackers; third, “economic incentives,” which involves seeking to find ways to motivate users to adopt cybersecurity defenses

  • Lawmakers to combine cybersecurity bills

    Reforming the Federal Information Security Management Act (FISMA) and defining the role of the White House and other agencies are common themes in the many cybersecurity bills now circulating on the Hill

  • Smart Grid cybersecurity market to reach $3.7 billion by 2015

    Spending on security for the smart grid will represent approximately 15 percent of total smart grid capital investment between now and 2015; cumulative investment in the security sector will reach $21 billion between 2010 and 2015, with annual revenue reaching $3.7 billion by 2015; among other incentives, one key condition for smart grid funding awarded last year under the federal stimulus program was that the awardees incorporate strong security into their smart grid initiatives

  • Industry concerned about DHS standards on cybersecurity

    Private cybersecurity companies worry that too-stringent cybersecurity laws and regulations could have a detrimental impact on private sector innovation; “The government needs to be very careful about imposing too much of a top-down standards process,” said McAfee vice president of government relations Tom Gann; “We need to bring products to market very quickly. They need to make sure we can get latest technology”

  • Microsoft offers developers cloud security tips

    New paper provides best practices for writing applications for Windows Azure; one Microsoft security official: “it is important that people building software or hosting services in ‘The Cloud’ understand that they must also build software with security in mind from the start”

  • World Cup security uses quantum encryption to thwart hackers

    Scientists in South Africa are helping the organizers of the World Cup by tapping the laws of physics to prevent hackers from monitoring videos, e-mails, and phone calls relayed between Durban’s Moses Mabhida Stadium and a nearby operations center for police, firefighters, and military personnel

  • "Zero knowledge" keeps secrets you put on the net safe

    Intrigued by topics that touch on mathematics, computer science, physics and neuroscience, Professor Shafrira Goldwasser has made far-reaching contributions to keeping your data safe on-line; the solution she discovered used randomized methods of encoding, which came to underlie all future protocols for secure Internet transactions and data privacy

  • Web services could work with sensitive data -- without decrypting the data

    A cryptographic method could allow cloud services to work with sensitive data without ever decrypting it; a novel technique could see future Web services work with sensitive data without ever being able to read it; several implementations of a mathematical proof unveiled last year will allow cryptographers to start making the proposal more practical.

  • Bill would give the president emergency power to critical networks under attack

    New bill would give the president emergency powers to protect critical private networks under attack; the president could order a patch or tell a cyber network to stop receiving incoming data from a particular country when critical infrastructure in the private sector such as the electrical grid or financial grid is threatened or attacked; the bill’s sponsors insisted it does not allow the government to take control of any private cyber-network

  • U.K. government slashes police's cybercrime budget by 30 percent

    When on the opposition benches, Tory MP James Brokenshire (Old Bexley & Sidcup) said: “if you don’t prioritize cybercrime you compromise national cyber-security”; he is now a junior Home Office minister, presiding over a 30 percent cut in the cybercrime budget of the U.K. national police; security experts, industry, and academics are not happy

  • IG: computer systems connected to DHS network are not secure

    DHS IG reports that DHS has failed to validate the security of computer systems that connect to the primary network, introducing vulnerabilities and putting sensitive information at risk; specifically, the IG detected vulnerabilities in systems connecting to the main department network from Customs and Border Control (CBP); Immigration and Customs Enforcement (ICE); and the Science and Technology Directorate (S&T), including missing security patches, weak passwords, and a lack of access controls that prevent unauthorized users from opening sensitive applications

  • Aussies revamp cyberdefense strategy

    The Australian federal government has decided to stop supporting AusCERT in favor of a new computer emergency response team more focused on providing an early warning system for utilities, banks, and other critical infrastructure firms