• Dell to replace server parts infected with virus

    Dell says W32.Spybot worm was found in replacement motherboards, and that it will replace infected parts with clean motherboards; the company says it is unaware of any attacks as result of infections

  • House's homeland security bill doubles cybersecurity R&D budget

    The 2010 Homeland Security Science and Technology Authorization Act would double the cybersecurity research and development budget to $75 million for each of the next two years and authorize another $500 million for a study to find ways to promote industry best practices through, for example, liability requirements that hold hardware and software vendors responsible for damages caused by a security breach

  • Dell warns of hardware trojan

    Computer maker Dell is warning that some of its server motherboards have been delivered to customers carrying an unwanted extra: computer malware; it could be confirmation that the “hardware trojans” long posited by some security experts are indeed a real threat; the Pentagon is spending millions on research designed to ensure it can trust the microchips in critical systems, especially those made outside the United States

  • U.S. quietly launches protection program against cyber attacks on critical infrastructure

    The administration has quietly launched Perfect Citizen, a digital surveillance project to be run by the NSA; the project’s goal is to detect and detect cyber attacks on private companies and government agencies running critical infrastructure such as the electricity grid, nuclear-power plants, dams, and more; the program would rely on a set of sensors deployed in computer networks for critical infrastructure that would be triggered by unusual activity suggesting an impending cyber attack — although it would not persistently monitor the whole system

  • Security tensions at the core of the cloud concept hobble cloud growth

    The cloud model and the notion of data having a specific location are somewhat antithetical: some cloud-service providers attempt to maintain security and availability by locating the data in multiple servers or data centers, or by locating it in an undisclosed data center; cloud-service providers are thus in a tight situation with regard to secrecy about their data centers and security procedures: many of these providers believe that this information must remain secret, but many customers — including giant potential customers such as the U.S. federal government — want to be made aware of such information before signing on with a provider

  • Secureworks World Cup of cyber security finds India the safest nation, U.S. the least safe

    Digitally speaking, the United States is the least cyber-secure country in the world: with 265,700,000 active PCs, there were 441,003,516 attempted cyber attacks, or 1,660 attacks per 1,000 computers; India is the safest digital country in the world, with a mere 52 attacks per 1,000 PCs

  • Industrial espionage puts German companies, jobs at risk

    Companies failing to protect themselves from external attack risk losing their competitive edge; in the information age, the threat of industrial espionage is all too real, with thousands of jobs at stake in Germany

  • A smarter, faster, more controllable cloud

    Different types of cloud applications have different needs; a highly interactive application such as a voice chat program probably needs a high-quality connection; a file-backup service that transfers data in bulk might benefit from the least expensive transit between machines; a proposed system would let cloud developers control the way their data travels across different machines

  • Chase: IE6 "more secure" than Chrome, Opera

    Banking giant Chase said it found the old IE6 to be more secure — and popular — than either Google’s Chrome or Opera; the bank’s online banking services will, therefore, continue to support aging the IE 6 but drop support for Chrome and Opera; also making the cut are Mozilla’s Firefox 2.0 and higher and version 3.0 and higher of Apple’s Safari on the Mac — but not the PC

  • Lawmakers to combine cybersecurity bills

    Reforming the Federal Information Security Management Act (FISMA) and defining the role of the White House and other agencies are common themes in the many cybersecurity bills now circulating on the Hill

  • Industry concerned about DHS standards on cybersecurity

    Private cybersecurity companies worry that too-stringent cybersecurity laws and regulations could have a detrimental impact on private sector innovation; “The government needs to be very careful about imposing too much of a top-down standards process,” said McAfee vice president of government relations Tom Gann; “We need to bring products to market very quickly. They need to make sure we can get latest technology”

  • Lookingglass named finalist for Best Cyber Security Company

    Lookingglass Cyber Solutions’s ScoutVision allows corporations to monitor networks and infrastructure they are not in control of, but rely upon for day-to-day operations; the company is finalist in Maryland Incubator of the Year Awards program

  • Agency wants data on enterprise cyber forensics system products

    TSA solicits information about commercially available computer security forensics technologies it could use for information technology security; TSA is interested in products that would give the agency the ability to scan, capture, identify, report, and resolve IT forensics matters

  • Melissa Hathaway highlights nine important cyber bills

    Congress is getting more and more involved in cyber issues; Melissa Hathaway, former White House cybersecurity official, examines the pending legislation and highlights nine bills — out of the 40-odd bills at various stages in the legislative process — which she considers to be the most important ones to watch

  • Today's IT security professionals are expected to offer more than a school certificate

    Demand for IT security specialists in both the private sector and government grows steadily; IT security is the No. 1 growth industry in the government and government contractor sectors; employers, however, no longer see IT security certification as a sufficient qualification, and are looking for a broader set of skills