Ok, I had to go with the “Words Starting with N” theme. Oh and by Notes, I really mean Comments. And by NICE I really mean the National Initiative for Cybersecurity Education. I had been meaning to write about this a little sooner as you can tell by the dates of the articles referenced...
Tags: education, govinfosecurity, infosec, infosecisland, nice, nist, Training
Posted in News | 2 Comments »
Yesterday, I posted my thoughts on Amazon’s new GovCloud announcement. Although it offers a huge step in the right direction, there is still a lot of groundwork that needs to be done in most cases. Someone who’s a bit better read in this whole area is local blogger Chris “@cyberhiker” Burton. You may...
Tags: 800-53, amazon, aws, cyberhiker, fisma, govcloud, itar, sas-70, ssae-16, ssp
Posted in Infosec Blogs/Podcasts, News | 2 Comments »
If you haven’t heard by now, Amazon recently announced a new self-contained cloud region specifically customized for U.S. government customers. Think of it as their normal set of services (e.g., EC2, S3, etc.) but set up in their own special area only accessible to U.S. persons. They aren’t the first cloud provider to claim...
Tags: amazon, aws, fips, fisma, govcloud, iso-27001, pci, sas-70
Posted in News | 2 Comments »
We’ve written about a Skype 0-day earlier this year as well as another post regarding an XSS vulnerability in their client (the second to be reported recently). Since Skype’s acquisition by Microsoft, problems appear to be popping up more. Coincidence? Well, it’s happened again … another XSS bug has been found. This time the...
Tags: mac, skype, theregister, vulnerability, windows, xss
Posted in News | 2 Comments »
This past week CSO Online put out an update post on the National Strategy for Trusted Identities in Cyberspace (NSTIC) program that the National Institute of Standards and Technology (NIST) set up this past spring. I hadn’t recently heard much about this effort until @manicode mentioned that blog post on Twitter. RT @manicode .. NSTIC...
Tags: authentication, csoonline, guerilla-ciso, identity, nstic, password, realid, rybolov
Posted in Infosec Blogs/Podcasts, News | 1 Comment »
I came across an article over at GovInfoSecurity.com where they interviewed Ron Ross about the future of Special Publication 800-53. As most of you have probably heard, there is a draft appendix that contains a bunch of new privacy controls. We discussed this a while ago, mentioning how in most cases new controls are...
Tags: 800-53, cloud, controls, govinfosecurity, nist, privacy
Posted in News | 3 Comments »
One of the things we talked about last week in our “The Downside of 0% Infosec Unemployment” post is people obtaining quick certs to get into the high-demand security industry. Non-security-savvy companies looking to hire qualified infosec pros in this lucrative market need to be on the lookout for people passing themselves off...
Tags: career, certification, darkreading, job
Posted in News | 2 Comments »
Early last week we had a story on targeted attacks against military contractors using a malicious PDF disguised as a conference CFP. On Friday the threats continued with emails being sent to all 163 participants of a recent Intelligence Advanced Research Projects Activity (IARPA) event purporting to be a list of the attendees....
Tags: darkreading, malware, url, zip
Posted in News | 6 Comments »
Last week we mentioned how great it was that there was 0% unemployment in the IT security field. Of course there may be a few of you out there looking, but overall you’d think this is a good thing. Well, maybe from the employee perspective … but if you’re an employer seeking to hire qualified...
Tags: govinfosecurity, infosec, unemployment
Posted in News | No Comments »
I really enjoyed the Freakonomics article published earlier this week by Stephen J. Dubner that asked “Why Has There Been So Much Hacking Lately? Or Is It Just Reported More?” To tackle this issue their editors assembled a panel of experts to comment on the topic, including Bruce “no introduction needed” Schneier, Tal “Imperva”...
Tags: freakonomics, hacking, report
Posted in News | 3 Comments »