• Attack on California power station heightens concerns about grid security

    Security experts are concerned that last year’s unsolved attack on an electrical-power substation in San Jose, California, is but a prologue to similar attacks which, if executed simultaneously and in a coordinated fashion against several such substations, could cripple the U.S. power grid. The transformers at the substation, vital for regional power distribution, were shot at by several gunmen and disabled for twenty-seven days. What is especially worrisome, security exert note, is that the attack appeared to have been carried out by people with some training, although the FBI said the agency does not think it was the act of terrorists.

  • Pace of acquisitions of cybersecurity startups quickens

    With the number and scope of cybersecurity breaches on the rise, cybersecurity startups offering innovative security solutions have become a sought-after target in the merger and acquisition market. These innovative companies are eagerly sought not only for their technologies, but also as an investment vehicle, with the average valuation acquiring companies willing to pay approaching ten times revenue. “To pay ten times on services in the normal world is crazy, in the security world it’s normal,” says an industry insider.

  • Two Israeli startups with innovative cybersecurity solutions raise combined $25 million

    Two Israeli cybersecurity startups, launched by veterans of the IDF technology units, announced that, separately, they had raised a combined $25 million from investors. Adallom’s solution accumulates users’ behavioral data in order to protect databases. It monitors how software applications like the customer relationship management program Salesforce, Google apps, and Microsoft Office 360 are used, and protects data security. Aorato’s solution watches for suspicious usage of employee credentials – for example, multiple guessing attempts. “2013 showed the world the risks of advanced threats in parallel to the implications of insiders’ access to sensitive corporate data,” Aorato’s CEO Idan Plotnik noted, referring to the Edward Snowden’s leaks of secret government information.

  • National cyber complex to open next to Ben-Gurion University of the Negev campus

    A new national cyber complex called CyberSpark will open at the Advanced Technology Park (ATP) which is located next to Ben Gurion University of the Negev. Fortune 500 companies Lockheed Martin and IBM announced they would invest in CyberSpark R&D facilities, joining other cybersecurity leaders Deutsche Telekom, EMC, RSA, and many startups. The 15-building ATP is the only type of complex of its kind in the world that includes Fortune 500 companies and cyber-incubators, academic researchers, and educational facilities as well as national government and security agencies. The CyberSpark will also include a high school geared toward science and technology.

  • The 9 January chemical leak in West Virginia is the latest in a long history of industrial accidents

    The chemical spill that affected the water source in nine West Virginia counties in early January is part of a long history of industrial accidents resulting from the concentration of chemical and coal-mining operations in the region. The 9 January spill, which saw coal-cleansing chemical which leaked from Freedom Industries’ storage tank into the Elk River, leaving more than 300,000 residents without access to clean tap water for days, is the latest in a history of pollution which has poisoned groundwater, spewed toxic gas emissions, and caused fires and explosions.

  • Cal Poly unveils ambitious cybersecurity educational initiative

    Cal Poly, with a grant from the Northrop Grumman Foundation, has established a Cybersecurity Center, opened a new cyber lab, and is developing a cybersecurity curriculum with an ambitious set of goals in mind: educating thousands of students in cybersecurity awareness and readiness; producing experts in cyber technologies and systems, including many professionals who will serve the military and defense industry; and graduating cyber innovators who are prepared for advanced study and applied research in emerging cyber issues.

  • ExxonMobil to pay fines for violations at its Baton Rouge chemical facilities

    In a settlement with Louisiana’s Department of Environmental Quality (DEQ), ExxonMobil is ordered to pay $2.329 million to address violations from 2008 to 2013 at its greater Baton Rouge facilities. ExxonMobil was cited for a series of problems at its refinery and resin-finishing and chemical plants in East Baton Rouge Parish, and its tank-farm facility in West Baton Rouge.

  • Security check contractor defrauded U.S. of millions of dollars

    The Department of Justice said Wednesday that U.S. Investigations Services (USIS), the company which conducted the background checks on Edward Snowden and Aaron Alexis, has defrauded the government of millions of dollars. The government charges that between 2008 and 2012, 650,000 background investigations – about 40 percent of the company’s investigations in that period – were submitted to the government as having been completed although, in fact, they were not. Several former and current USIS employees said the company had an incentive to rush background check work because it was paid only after a file is marked “FF,” for fieldwork finished, and sent to the government. Two senior managers said that toward the end of the month, investigations were closed in order to meet financial quotas, without a required review by the quality control department.

  • Botwall: New Web security solution uses real-time polymorphism to ward off attacks

    Malware has long used polymorphism — that is, rewriting its code — every time a new machine was infected in order easily to evade antivirus detection systems. Shape Security says its new product, the ShapeShifter, is reversing this advantage which malware has so far enjoyed: the new product uses polymorphic code as a new foundational tool for Web site defense. The patent-pending technology implements real-time polymorphism, or dynamically changing code, on any Web site, to remove the static elements that botnets and malware depend on for their attacks.

  • FireEye acquires Mandiant in a deal worth about $1 billion

    The combination of the two companies creates one of the cybersecurity industry leading vendor. The combined competencies of the two companies would allow them to find and stop attacks at every stage of the attack life cycle. “The reason for this deal is that we now live in a world of constant compromise. When you know you will be compromised, you can’t just continue trying to keep the bad guys out; you also need to investigate every compromise, figure out what happened, prevent it from ever happening again and clean up the mess,” says one analyst.

  • Small, portable, fast TLC unit for explosives, drugs analysis

    Field Forensics of St. Petersburg, Florida, unveiled its microTLC, a portable and easy to use solution for pre-screening and presumptive identification of drugs and explosive mixtures. Thin layer chromatography (TLC) is an established laboratory procedure which identifies compounds belonging to the same general chemical class. The microTLC makes it possible for both laboratory and field analysis to be performed by first responders and forensics scientists.

  • BGU researchers identify critical vulnerability Samsung's Galaxy S4

    Security researchers at Ben Gurion University of the Negev’s (BGU) Cyber Security Labs have identified a critical vulnerability in highly secure Samsung mobile devices which are based on the Knox architecture. Samsung Knox, which is currently undergoing the U.S. Department of Defense approval review process, features the most advanced security-driven infrastructure for mobile phones. The breach, researchers believe, enables easy interception of data communications between the secure container and the external world including file transfers, emails and browser activity.

  • Barrier systems, robots reduce security costs

    High-security compounds have traditionally employed security guards to protect buildings and facilities, deter intrusion, and prevent theft, but as budget cuts continue to force both private and government organizations to cut staff, some agencies are deploying portable barrier systems and robots tasked with securing organizations and their assets.

  • Cybersecurity giants adapt to changing cyberthreat landscape

    McAfee and Symantec, the two technology giants of traditional firewall and antivirus protection software, are shifting their attention to focus more on cybersecurity challenges. A rapidly changing landscape for computer networks, in which data is transmitted and stored via mobile devices and cloud computing, has created demand for products and services that can secure information against state-sponsored or organized cyber terrorism.

  • Shot spotting system helps Stockton, Calif. Police reduce gunfire

    ShotSpotter sensors detect gunfire, then immediately transmit a signal to control center where technicians use triangulation to locate the spot of origin of the firing to within five to ten feet. The technician reports the location within thirty to forty seconds to the police to dispatch officers to the scene. Stockton, California police has been using ShotSpotter for nine months now, and the police chief says the system has helped reduce gunfire in the covered area by fifty percent.