CSIA 459

Here is a recent article that discusses additional exploit kits besides the Blackhole kit discussed in the video.

A fun read about a former Google vulnerability. Of note is the "attacker's" use of Amazon Web Services to aid in cracking certificates.

Be careful what you ask for -- NIST is now sorting through all the public comments related to the cybersecurity executive order and 185 days to get the framework publish.

Interesting thoughts from DHS about the recently signed cybersecurity framework.

This article talks about buying technology products from China and whether the US should. The supply chain is an important part of emerging technologies. As you worked on your bibliography - did you question where the technology comes from?

Just a heads up for anyone living in Austin, TX.

This article discusses 11 best best practices for mobile device management of mobile devices and identifies ways an organization can use these practices to improve network security while using mobile devices.

This article discusses how businesses relate to mobile collaboration and issues that address its use in the mobile community

This standards publication (FIPS 140-2) is a key standard's document. Skim through it and see if you can find some ideas for emerging threats against the standard(s).

Any time you are allowed to introduce code into a program, you have a chance for error. By allowing cryptographic software and firmware to be updated, I think you will always have the chance for emerging threats to be introduced in the form of malware. Recently, the U.S. has stopped allowing the use of Chinese built hardware for certain DOD/ Federal agencies. if we allow the enemy to build the devices we use to form our security foundations, we have already lost the war.

I believe the frequency of review of this policy is untimely to the speed technology advances in. If they could move the review from 5 years to 2 years will suffice. At times, once the policy is published folks are already working on the revision to keep up with technology growth. "Since a standard of this nature must be flexible enough to adapt to advancements and innovations in science and technology, this standard will be reviewed every five years in order to consider new or revised requirements that may be needed to meet technological and economic changes."

An article detailing the privacy concerns regarding mass implementation of NFC technology in mobile devices.

Michael & Ben, Did you know that iPhone 5 passed on Near-Field Communication Data Sharing while Samsung, Nokia and HTC didn't ? Article: Android Embraces, iPhone 5 Passes on Near-Field Communication Data Sharing http://www.scientificamerican.com/article.cfm?id=near-field-communication-security-purchase Sam Rios

Hi Sam, I had noticed that the iPhone 5 wasn't using NFC. I didn't research it further though, as I honestly don't care for Apple products (way overpriced imho). There are numerous reasons Apple may not want to use NFC, which could be anything from them having a competing technology and not wanting it to prosper to them simply not seeing the value the technology in its current implementation (it is still in its infancy in some respects). I found a site which was able to list numerous reasons NFC is lagging behind: http://news.cnet.com/8301-1035_3-57441842-94/is-nfc-killing-google-wallet/ ~Mike

A few of my sources are from universities in Norway or Amsterdam. Apparently password cracking is a big thing over there!

Dan, thanks for posting. This was a good article, not that I wasn't aware of the information in it, but it was just a good reminder, and something I can use to send around for some people to read who may be using some of the obvious techniques to secure thair passwords, such as "what was your first car", lol Facebook destroyed these types of questions/answer security forms.

Interesting slideshow with some short discussions which relate to this weeks project, as well as the final class project.

This web site offers a lot of valuable information. I like it because it keeps current with emerging technologies. SIEM systems and technology enable more dynamic detection than some of the more traditional defenses.