Culture Shock: Unlocking DevOps with Collaboration and Communication
Event

Culture Shock: Unlocking DevOps with Collaboration and ...

About the WebinarDevOps is all about delivering business value as rapidly as possible. Embracing its philosophies goes beyond implementing automation and tooling to speed software development and delivery. DevOps is a culture ...
SB15-082: Vulnerability Summary for the Week of March 16, 2015
Discussion

SB15-082: Vulnerability Summary for the Week of March ...

The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database(NVD) in the past ...
How Secure is My Data? Key Aspects of the Sony and Anthem Attacks
Event

How Secure is My Data? Key Aspects of the Sony and ...

The recent cyber attacks on Sony and Anthem have resonated far beyond the entertainment and healthcare industries. Unfortunately these types of  breaches are becoming more commonplace  - causing internal and external ...

Cybersecurity

Cybersecurity (CS) includes managing risks related to the use, processing, storage, and transmission of information and the systems and processes used for those purposes, including analog and physical form. CS includes information availability, identification and authentication, confidentiality, integrity, and non-repudiation as well as the economic considerations with respect to selection of CS techniques, CS processes, and industry trends.

Culture Shock: Unlocking DevOps with Collaboration and ...

Thursday, April 9, 2015 - 1:30pm - 2:30pm
Apr 9 2015

About the Webinar

SB15-082: Vulnerability Summary for the Week of March ...

159 reads since posted on 03/24/2015 - 8:14am by CSIAC Admin
CSIAC Admin
The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database(NVD) in the past week.

New submission and notification dates for STC 2015, the ...

124 reads since posted on 03/15/2015 - 4:59pm by pcroll
pcroll
Call for Presentations The 27th Annual IEEE Software Technology Conference (STC 2015) 12 October - 15 OctoberHilton Long Beach, Long Beach, California, USA The IEEE Computer Society is pleased to bring you the 27th Annual Software Technology Conference.

1st Annual Billington Corporate: Cybersecurity Summit

Wednesday, May 27, 2015 - 7:30am - 4:00pm
May 27 2015

Large-scale denial-of-services attacks and point-of-sale thefts capture the headlines, but hackers also are targeting businesses of all sizes. And new legislation may require corporations to report a breach when it occurs rather than months later.

Audit Report: DoD Needs to Reinitiate Migration to ...

119 reads since posted on 03/11/2015 - 3:51pm by CSIAC Admin
CSIAC Admin
The Department of Defense Inspector General recently published an audit report on whether the DoD was effectively migrating to the Internet Protocol Version 6 (IPv6). To view the summary of the findings, management action taken, recommendations and the management comments and response from the DoD Inspector General, click the link below: http://www.dodig.mil/pubs/report_summary.cfm?id=6080

Audit Report: DoD Cloud Computing Strategy Needs ...

64 reads since posted on 03/11/2015 - 3:17pm by CSIAC Admin
CSIAC Admin
The Department of Defense Inspector General recently published an audit report on whether DoD effectively planned and executed a strategy for implementing cloud computing. This report was provided for review and comment. To view the findings, recommendations and management comments click on the link below:  http://www.dodig.mil/pubs/report_summary.cfm?id=6084 What are your suggestions and comments on this topic?

SB15-069: Vulnerability Summary for the Week of March 2, ...

66 reads since posted on 03/11/2015 - 8:55am by CSIAC Admin
CSIAC Admin
The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database(NVD) in the past week. Click here to view the document.

SB15-061: Vulnerability Summary for the Week of February ...

146 reads since posted on 03/02/2015 - 2:56pm by CSIAC Admin
CSIAC Admin
The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database(NVD) in the past week. Click here to view the document.

Workshop on Cybersecurity in a Post-Quantum World

Thursday, April 2, 2015 (All day) - Friday, April 3, 2015 (All day)
Apr 2 2015

The advent of practical quantum computing will break all commonly used public key cryptographic algorithms. In response, NIST is researching cryptographic algorithms for public key-based key agreement and digital signatures that are not susceptible to cryptanalysis by quantum algorithms. NIST is holding this workshop to engage academic, industry, and government stakeholders. The Post Quantum Workshop will be held on April 2-3, 2015, immediately following the 2015 International Conference on Practice and Theory of Public-Key Cryptography.

SB15-054: Vulnerability Summary for the Week of February ...

118 reads since posted on 02/23/2015 - 11:16am by CSIAC Admin
CSIAC Admin
The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database(NVD) in the past week. Click here to view the document.

SB15-047: Vulnerability Summary for the Week of February ...

107 reads since posted on 02/17/2015 - 3:10pm by CSIAC Admin
CSIAC Admin
The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database(NVD) in the past week.

New Government Agency: "Cyber Threat Intelligence ...

227 reads since posted on 02/10/2015 - 12:57pm by CSIAC Admin
CSIAC Admin
In the wake of the Sony Pictures hack the Obama administration will establish a new government agency to "combat the deepening threat from cyberattacks," according to the Washington Post. To view the article, click here. What are some thoughts and views on this new agency?

ISIS Threat at Home: FBI Warns US Military About Social ...

511 reads since posted on 12/02/2014 - 4:51pm by Cybersec12
Cybersec12
The FBI on Sunday issued the strongest warning to date about possible attacks by the ISIS terrorist group against the U.S. military inside the homeland, officials tell ABC News. Read More - http://abcnews.go.com/International/isis-threat-home-fbi-warns-us-military-social/story?id=27270662

Vulnerability Alert - Shellshock bash bug discovered

2060 reads since posted on 09/26/2014 - 9:06am by CSIAC Admin
CSIAC Admin
Over the past few days a bug was discovered in bash that allows remote attackers to run any shell command they would like by excersizing a vulnerability in the way environment variables are defined. This is extremely concerning especially for web server administrators running their web environments on CGI. You can obtain additional information from the following sources: National Vulnerability Database - http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6271

Cybersecurity Digest Suggestions?

7040 reads since posted on 06/11/2014 - 5:06pm by CSIAC Admin
CSIAC Admin
Please share any thoughts or comments on the Cybersecurity Digest and what you would like to see in it. Suggest any articles, news topics, et cetera that would make it more interesting for the CSIAC community as a whole. The Cybersecurity Digest is a bi-weekly news summary for information assurance professionals. It is transmitted in an HTML formatted e-mail and includes recent headlines to articles across a spectrum of information assurance and cyber-security topics.

NIST announces that the Second Public Draft of Special ...

1584 reads since posted on 06/11/2014 - 5:03pm by CSIAC Admin
CSIAC Admin
This document provides guidance to federal departments and agencies on identifying, assessing, and mitigating Information and Communications Technology (ICT) supply chain risks at all levels in their organizations. It integrates ICT supply chain risk management (SCRM) into federal agency enterprise risk management activities by applying a multitiered SCRM-specific approach, including supply chain risk assessments and supply chain risk mitigation activities and guidance.

RISK: AUTO-PREVIEW / AUTO-LAUNCH

3303 reads since posted on 04/21/2014 - 11:39am by douglas.vanderlip
douglas.vanderlip
For years computer defenders have battle USER convenience over USER safety. Current vulnerabilities bring this to Heart and Soul of Information Assurance Managers and Computer Network Defense - defenders. For example: the auto preview pane in MS Outlook - it is and has been for years recommended that users self-disable this functionality however, not many do. My question to this group: Should we force MS Outlook auto preview functionality away from the user’s control?  

Technology Domain Awareness - bringing commercial sector ...

2864 reads since posted on 04/11/2014 - 3:22pm by CSIAC Admin
CSIAC Admin
…the development and proliferation of more advanced military technologies by other nations means that we are entering an era where American dominance on the seas, in the skies, and in space can no longer be taken for granted.Given these realities, we must now adapt, innovate, and make difficult decisions to ensure that our military remains ready and capable – maintaining its technological edge over all potential adversaries.

Heartbleed

2860 reads since posted on 04/11/2014 - 2:35pm by CSIAC Admin
CSIAC Admin
Heartbleed is a software bug in the open-source cryptography library OpenSSL, which allows an attacker to read the memory of the host computer, allowing them to retrieve potentially privacy-sensitive data. OpenSSL provides encryption and authenticity services on the Internet and web. Read the official Common Vulnerabilities and Exposures (CVE) here: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160

The Cyber Shield Newsletter

6126 reads since posted on 01/20/2014 - 2:02pm by CSIAC Admin
CSIAC Admin
The Cyber Shield is a Cyber Newsletter  for Counterintelligence, IT and Security Professionals associated with DoD and USG agencies. There are no distribution constraints. If you would  like to subscribe, please contact Dr. Paul Losiewicz at plosiewicz@quanterion.com
Syndicate content