Brian Prince

The Obama administration is releasing details of its approach to facilitating better sharing of national security information between agencies and authorized parties. The president on Dec. 19 released the National Strategy for Information Sharing and Safeguarding (NSISS), which is meant to provide guidance for developing policies, processes and standards to promote secure information sharing between […]

An audit of the Department of Energy’s Cyber Security Incident Management Program found that duplicative efforts and the inconsistent reporting of cyber incidents are challenging security management. Released earlier this month, the audit by the DOE’s Office of Inspector General paints a picture of an agency in need of a unified cyber-security management strategy as […]

Internet Explorer users will now be able to get their hands on a free tool that forces the browser to use the HTTPS version of a site whenever possible. Designed by Zscaler, the tool builds off the HTTPS Everywhere extension developed by the Electronic Frontier Foundation (EFF) and The Tor Project for the Mozilla Firefox […]

A new piece of malware is targeting point-of-sale (POS) systems at retailers, hotel chains and other businesses worldwide. According to Seculert, the malware—known as “Dexter”—has been used in hundreds of attacks during the past two to three months. The malware has hit systems in 40 different countries, with the largest percentage (42 percent) in North […]

Federal authorities joined forces with the Facebook security team to catch 10 people accused of being involved in a massive $850 million cyber-crime operation. The investigation stretched across the globe, involving the FBI and the U.S. Department of Justice as well as law enforcement officials from other countries in a case that ultimately led to […]

Analysts at Gartner are predicting significant growth in adoption of cloud-based security services used by companies along with a quickening pace of merger and acquisitions among IT security companies. In a new report entitled, “Predicts 2013: Security Solutions,” Gartner states that the higher-than-average growth of cloud-based security services will generate merger and acquisition activity involving […]

Microsoft issued seven security bulletins today as part of its final Patch Tuesday release for the year. In all, the update fixes 12 vulnerabilities affecting Internet Explorer, Windows, Microsoft Word and Windows Server. According to Microsoft officials, the most pressing fixes are included in MS12-077 and MS12-079, which deal with issues in Internet Explorer and […]

Advanced persistent threats may use different types of malware, but they do have one thing usually in common—spear-phishing. According to a new paper from Trend Micro entitled “Spear-Phishing Email: Most Favored APT Attack Bait,” 91 percent of the targeted attacks it collected data on between February and September 2012 involved spear-phishing tactics that dupe a […]

The gang using the Citadel malware platform to deliver ransomware is now using the name of the Internet Crime Complaint Center in a scheme to intimidate victims into paying. The Internet Crime Complaint Center (IC3) is a partnership between the FBI and the National White Collar Crime Center. In an advisory, officials warned that the […]

The Romanian versions of Google and Yahoo were among the sites diverted Nov. 28 after a Domain Name System attack on the Romanian Top-Level Domain Registry (RoTLD). The sites themselves were not hacked. According to security researchers with Romania-based security firm BitDefender, the attack appears to be the work of The Algerian Hacker Group, an […]