Posts Tagged COMSEC

GovSec 2011: March 29-30

The Government Security Expo and Conference
Tuesday – Wednesday, March 29-30, 2011
Washington D.C.

Gain valuable insights into key issues central to the protection of our nation through in-depth conference sessions and conference-only keynote addresses.

GovSec, The Government Security Expo and Conference, features an exposition with a full spectrum of physical, IT and cybersecurity solutions, alongside wireless and mobility communications equipment for federal, state and local governments.  GovSec is a one-of-a-kind event that unites thousands of professionals tasked with securing our homeland, from the decision-makers at the federal level to the first responders, firefighters and police officers responding to catastrophic events in their hometown and every government security professional in between.  Attendance to the exposition is free for government, military, law enforcement and first responders as well as industry — new this year!

 

GovSec is co-located with U.S. Law, the U.S. Law Enforcement Conference and Exposition for federal, state and local law enforcement.

, , , , , ,

No Comments

Complimentary Training for CISSP and Security Clearance

From: University of Fairfax

Federal agencies and contractors need CISSP certified and cleared cyber security professionals. Don’t miss out! Earn your CISSP and get your Security Clearance in 2011 and watch your cyber security career take off! Attend a complimentary:

– CISSP Exam Prep Clinic and
– Security Clearance Workshop

at GOVSEC 2011 Thursday March 31, 2011. Seating is limited…

Register Now

Read the rest of this entry »

, , ,

No Comments

Protect Your Smartphone

Over at ArsTecnica, a technology site, there is a good article about how and why you should want to protect the data on your smartphone. Here is a snippet:

Exhaustive cell phone searches aren’t exactly commonplace today, but they’re growing more and more frequent as law enforcement begins to realize how much incriminating information modern smartphones tend to contain. The rapidly growing digital forensics industry already offers a range of tools to law enforcement designed for pulling data off of mobile phones, and entire books have been written on such topics as the forensic analysis of the iPhone operating system.

Unfortunately, few consumer-grade smartphones support full device encryption. While there are numerous smartphone apps available for encrypting particular types of files, such as emails (i.e. NitroDesk TouchDown), voice calls (i.e. RedPhone), and text messages (i.e. Cypher), these “selective” encryption tools offer insufficient protection unless you’re confident that no incriminating evidence exists anywhere on your smartphone outside of an encrypted container.

,

No Comments

Car Theft by Remote Control

From: MIT

Ketless Access AttackCar thieves of the future might be able to get into a car and drive away without forced entry and without needing a physical key, according to new research that will be presented at the Network and Distributed System Security Symposium next month in San Diego, California.

The researchers successfully attacked eight car manufacturers’ passive keyless entry and start systems—wireless key fobs that open a car’s doors and start the engine by proximity alone.

More

,

No Comments

Cyber-Threat Whitepapers

From: SC Magazine

, , , ,

No Comments

Net Centric Warfare Webinar

Coevolution of NCW: Challenges with Cyberspace and Organizational Development

This FREE webinar will be on:
Thursday, December 16, 2010, 2:00 PM – 3:00 PM ET
Presenter: Maj. Trisha Carpenter

The U.S. military is facing an entire new front in warfare, the cyber domain. Controlling and dominating this new technological theater is becoming critically important as U.S. Military leadership relies heavily on computer networks to communicate, gather INTEL, and even launch weapons and coordinated strikes. At the same time the military is striving to perfect the concept of Net Centric Warfare to effectively use technology to gain advantage and superiority over enemy forces. Two main obstacles may stand in the way of a successful transformation from the current haphazard state of cyberspace operations to a more productive future state required of Network Centric Warfare (NCW). The first obstacle is the military’s lack in knowledge of cyberspace operations. The second obstacle is the difficulty in understanding organizational change. This Webinar first presents a working definition of NCW to show how cyberspace and organizational change are related in the form of coevolution. It then discusses the organizational growth challenges faced by any organization operating in this domain, with a focus on the security missions likely to be given to cyber commands.

In this webinar participants will learn:

• An Operational Illustration of NCW

• Key Challenges in Cyberspace:

• Technical Environment: Cyber Triad

• Non-Technical Environment: Organizational Design

, , , ,

No Comments

Zeus Trojan Targets Government and Military Workers

From: Angela Moscaritolo

A new campaign of the password-stealing Zeus trojan is targeting workers from government and military departments in the United States and United Kingdom, according to security researchers at Websense. The trojan is being distributed through spoofed emails claiming to come from the U.S. National Intelligence Council. The bogus messages contain subject lines such as “Report of the National Intelligence Council.” The emails aim to lure users into downloading a document about the “2020 project,” which actually is Zeus. — AM

, , , , ,

No Comments

Feds Propose Onerous Internet Laws

From: EFF

Government Seeks Back Door Into All Our Communications

The U.S. government has made two proposals this week that threaten online speech and privacy in radical new ways. Either one, if passed by Congress, will fundamentally rewrite the rules of the Internet. EFF is fighting hard for your rights and needs your help.

These proposals are the most frightening we’ve seen in a long time. The first is a bill called the “Combating Online Infringement and Counterfeits Act,” which would give the Justice Department new powers to censor websites accused of aiding “piracy.” The second is an Obama Administration proposal that would end online privacy as we know it by requiring all Internet communication service providers — from Facebook to Skype to your webmail provider — to rebuild their systems to give the government backdoor access to all of your private Internet communications.

more

No Comments

ZeuS Can Defeat Mobile Phone 2-factor Authentication

From: S21sec and Dave Jevans

It appears now that the criminals have developed malicious software for various mobile smart phones, than can capture these (one-time password)  banking text messages, and forward them to the criminals so that they can  log into the user’s bank account.

In his blog posting, David describes analyzing such a mobile phone malware that was designed for Symbian phones.

He calls this attack, “Man-in-the-mobile”.

, , , ,

No Comments

LastPass Vetted by Steve Gibson of GRC

LastPass is a cross-platform ( Windows, Mac, Linux, iPhone, BlackBerry, Android) password manager and multi-factor authentication  tool. I have been using it in a limited test for almost a year now and I am very pleased to say that my confidence in the security of this system is high and I am adopting it as my go-to application for managing secure passwords and for multi-factor authentication. There is a free version with almost all the functionality. This is a well thought out system.

Steve Gibson of GRC.com and the Security Now podcast  goes into some detail about the LastPass CRYPTO and why this is a secure and redundant system in the podcast linked bellow . The real meat isn’t until about the 53rd minute so fast forward if you find yourself nodding off in the first part of the show.

Security Now Episode 256.

Here is a transcript of the show.

, , ,

No Comments

Car-Hacking

From: MIT Tech Review

Taking Over a Car

Researchers “break in” with software and a laptop.

By Erica Naone

Car-HackingCars are becoming more computerized, an evolution that could have an unintended side effect: vulnerability to attacks. Researchers at the University of Washington and the University of California, San Diego, led by Tadayoshi Kohno and Stefan Savage, recently showed that by taking over a car’s computers, they could disable the brakes, stop the engine, and control the door locks. For now, most of the attacks require access to a port inside the car. But wreaking havoc could get easier as carmakers add more wireless connectivity. The researchers hope their work will motivate manufacturers to add security features.

,

No Comments

Apple Seeks Patent to Spy on Customers

From: EFF

While users were celebrating the new jailbreaking and unlocking exemptions, Apple was quietly preparing to apply for a patent on technology that, among other things, would allow Apple to identify and punish users who take advantage of those exemptions or otherwise tinker with their devices. This patent application does nothing short of providing a roadmap for how Apple can — and presumably will — spy on its customers and control the way its customers use Apple products.

More

,

No Comments

Protecting the Critical Infrastructure

From: IDGA

With a turbulent economic outlook, advancing threats from cyber criminals and an ongoing oil spill impacting our global ecosystem; the challenge of protecting the critical infrastructure can no longer be an exercise in reactive security. Caretakers of these systems have to look at changing how they monitor, control, and recover in the event of a cyberevent. By the looks of things BP is dealing with their fair share of Hacktivism right now.

more

, , , ,

No Comments

Cyber Security Summit

4th Cyber Security Summit

September 20 – 22, 2010, Sheraton Premiere at Tysons Corner Hotel, Vienna, VA

Info

, , ,

No Comments