Latest Network Security News

September annual security congress in Philadelphia : (ISC)²® announces call for speakers
posted on 12/12/2011

(ISC) 2® announced today the the call for speakers for the second annual (ISC)2 Security Congress, being held September 10-13, 2012, in Philadelphia, USA. The event, being collocated with the ASIS International 58th Annual Seminar and Exhibits, will bring together security professionals from all disciplines, making it the largest security event of its kind in the world. More than 20,000 information and physical security practitioners are expected to attend the joint event. (ISC)²’s primary objective with this event is to provide top-notch information security education to all levels of professionals, as well as offer sessions to all attendees addressing the intersection of physical and logical security. “We are delighted to once again align with ASIS to host this superior event that brings together leading security professionals from all disciplines,” said W. Hord Tipton, CISSP-ISSEP, CAP, executive director of (ISC)². “The integration of physical and logical security has become crit... [more]

Solera Networks provides major government defense contractor against network attacks
posted on 02/12/2011

After an exhaustive search involving a number of network forensics and analytics providers, a government defense contractor selected the Solera Networks appliance for its exclusive ability to sustain full-fidelity packet capture, indexing, classification and analysis at the speeds of today’s fastest enterprise networks. With Solera Networks, the company now has a comprehensive security platform capable of identifying root causes 10 times faster than their previous process, helping them quickly mitigate the damage caused by targeted attacks and data exfiltration. Despite employing “best-of-breed” security tools, malware attacks were regularly circumventing the company’s traditional defenses. Determining what was compromised and quickly identifying the root cause of the breaches required Layer 2–7 data analysis—a capability not available in their existing product set. The company needed a security solution that would identify how each attack had succeeded, who was responsible for it, wh... [more]

Research and development investment on model-based tools for embedded systems in aerospace and defence
posted on 29/11/2011

A new model-based software development framework for complex real-time systems in aerospace and defence will be developped following a partnership between the Open Group and a consortium of leading European real-time technology developers, industrial manufacturers. Supported by the European Commission, the model-based Methods and Tools for Avionics and Surveillance Embedded Systems (MADES) project is investing over €3.5 million (US$5.1 million) to develop an advanced framework covering all phases of real-time systems development — from design to code generation and deployment. This platform-independent framework will maintain the robust reliability essential for safety and mission-critical applications while providing improvements in developer productivity, reusability of code, and lower costs for maintenance and retargeting to newer multicore platforms. Led by TXT e-solutions, an aerospace and defence engineering company, the MADES consortium includes The Open Group; University of Yo... [more]

Context Information Security says BEAST attacks are unlikely to be used
posted on 22/11/2011

The level of risk to businesses and government organisations posed by BEAST, Browser Exploit Against SSL/TLS, does not seem to be a high level risk to businesses and government organisations according to researchers at Context Information Security Recently disclosed by Thai Duong and Juliano Rizzo, the SSL vulnerability allows an attack on a browser to decrypt cookies and compromise HTTPS, giving access to encrypted website log-on credentials. But Context believes that hackers are very unlikely to use this complex attack and also provides some advice on how to further reduce the risks. “In effect, BEAST is simply a practical way to exploit an existing theoretical vulnerability in older versions of TLS/SSL (TLSv1.0, SSLv3.0 and lower), commonly used for HTTPS connections,” said Michael Jordon, research and development manager at Context. “For an attack to be effective, a vulnerable version of SSL using a block cipher must be used; network sniffing of the connection must be possible; a... [more]

Information Security Solutions Europe 2011 in Prague starts today
posted on 22/11/2011

ISSE 2011 (Information Security Solutions Europe) is the only independent, interdisciplinary IT security conference and exhibition in Europe. ISSE 2011, runned by the EEMA (European association for e-identity and security) is taking place in Prague on 22nd and 23rd November 2011. The 13th annual ISSE will be hosted this year by the Czech Chamber of Commerce and Ministry of the Interior of the Czech Republic and is supported by the European Commission, ENISA and TeleTrust. More than 60 individual educational workshops and seminars across four separate tracks will be taking place, focusing on issues surrounding cloud computing security, mobile and wireless security, cybercrime and cyberwar, device and network security, e-ID/e-Government, access, trust and privacy. EEMA Director, Roger Dean predicts that this year’s ISSE will highlight the key issues in identity and raise some effective solutions. He comments, “Some of the identity issues that I feel will be discussed are how to mak... [more]

Other Security news and resources