15 matches found
iPhones and iPads Approved for NATO Classified Data
Apple announcement: …iPhone and iPad are the first and only consumer devices in compliance with the information assurance requirements of NATO nations. This enables iPhone and iPad to be used with classified information up to the NATO restricted level without requiring special software or...
How public-private partnerships can combat cyber adversaries
For several years now, policymakers and practitioners from governments, CERTs, and the security industry have been speaking about the importance of public-private partnerships as an essential part of combating cyber threats. It is impossible to attend a security conference without a keynote...
How public-private partnerships can combat cyber adversaries
For several years now, policymakers and practitioners from governments, CERTs, and the security industry have been speaking about the importance of public-private partnerships as an essential part of combating cyber threats. It is impossible to attend a security conference without a keynote...
Windows NSA Information Assurance: Locklevel
Windows NSA Information Assurance LOCKLEVEL was a rapidly built prototype that demonstrates a method for scoring how well Windows systems have implemented some of the NSA Information Assurance top 10 mitigation strategies . This prototype is being shared to encourage industry adoption of these...
Microsoft SMBv1 Vulnerability
Microsoft has released a security update to address a vulnerability in implementations of Server Message Block 1.0 SMBv1. Exploitation of this vulnerability could allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review Microsoft Securit...
Giving Red-Teamers the Blues
Pen-testing engagements are generally a breeze for most red-teamers; roadblocks are few, despite the ones in place being expensive and often paid for by very large companies. Chris Nickerson has been running such engagements for 15 years and he sees companies that throw more money and more server...
NSA Director Says Agency Shares Vast Majority of Bugs it Finds
When the National Security Agency discovers a new vulnerability that looks like it might be of use in penetrating target networks, the agency considers a number of factors, including how popular the affected software is and where it’s typically deployed, before deciding whether to share the new...
World's most secure messaging service offers £10,000 if you crack it
Privacy conscious phone users are being offered a new app that claims to be the world's first totally secure messaging service. A London-based iPhone messaging app claims to be unhackable and is offering reward to anyone who can intercept a message sent by it. Redact believes that messages sent v...
DoD Program Expanded, Designed to Share Threat Information
The Pentagon on Friday invited a slew of government contractors to meet and share classified information on cyber threats going forward, part of an initiative that the department hopes will reduce the risk of intrusions to government systems. The information sharing model that the Department of...
Like Enterprises, Government Agencies Are Struggling With Security
WASHINGTON–The U.S. government has a lot of money. Not as much as it used to have, of course, but still, it has a lot. It also has a lot of computers and servers and routers and other things that move and store data. In fact, they have so many that they don’t really know what all of them are doin...
Top Government Security Officials Call For Secure OS Development
WASHINGTON–One of the keys to addressing the widespread security threats facing both private and government networks is to develop more secure operating systems from the ground up and not rely on trying to secure existing ones, top CIA and Pentagon information assurance officials said. The federa...
Pentagon to Obama: icanhasbilliondollars plz?
Capitol Hill may be awash in tough talk on cuts to domestic programs, but that’s not stopping the Pentagon from seeking an additional billion dollars in funding for cyber security, according to a report from Nextgov.com. The Department of Defense is requesting $3.2 billion, almost $1 billion more...
NSA: Our Development Methods Are in the Open Now
WASHINGTON–Despite its reputation for secrecy and technical expertise, the National Security Agency doesn’t have a set of secret coding practices or testing methods that magically make their applications and systems bulletproof. In fact, one of the agency’s top technical experts said that virtual...
New Security Consortium to Focus on Long-Term Projects
The three universities involved in the security consortium put together this week by Northrop Grumman will have wide latitude to pursue research projects as they see fit and will be under no obligation to work only on technology that fits Northrop’s future plans. The researchers, in fact, will be...
NSA to Run $1.5B Security Data Center
The National Security Agency is going to run a planned $1.5 billion data center in Utah that will serve as a support center for the government’s information security programs. The exact mission and function of the data center is a bit unclear, however. The NSA’s core mission is to collect and...