Category Archives: Government

House GOP seeks $120M for visa fraud-catching software

capitol dome government

Credit: FEMA/Bill Koplitz

Security issues could complicate employer use of H-1B and L-1 workers

House Republican lawmakers have introduced legislation intended to bolster the scrutiny of people entering this country. Its impetus is last year’s terrorist attack by a married couple who killed 14 people in San Bernardino, Calif. and wounded 22. But the bill’s provisions will affect all visas, including the H-1B.

Read More Computerworld

US House of Representatives bans Yahoo Mail and Google App Engine over malware concerns

The bans are in response of cybercriminals abusing those services to spread ransomware and malware

The IT department of the U.S. House of Representatives has blocked access to Yahoo Mail and the Google App Engine platform due to malware threats.

On April 30, the House’s Technology Service Desk informed users about an increase in ransomware related emails on third-party email services like Yahoo Mail and Gmail.

Read More Networkworld

The Balancing Act: Government Security In The Cloud

The cloud offers great opportunities and challenges to public sector security teams defending critical systems against advanced threats. These 7 strategies will help you avoid a worst-case scenario.

Like many of you, I was there at the birth of the cloud. I watched the evolution in the private sector and have supported adoption in the public sector, which is taking much longer, due to the time it takes government to innovate and implement new technology. Few government CIOs have been able to overcome this challenge.

Read More Informationweek

iPhone Fingerprint Unlocking Case Raises Constitutional Issue

As smartphone makers are increasingly adding fingerprint-sensor technology as a log-in feature for their devices, users may be unaware they may lose their right to the Fifth Amendment.

10 iPhone, iPad Apps For Data Nerds

10 iPhone, iPad Apps For Data Nerds

(Click image for larger view and slideshow.)

On the off-chance law enforcement officials may one day want to peruse through the content loaded on your smartphone, there’s a high probability you won’t be able to stop them if it has a fingerprint sensor as its log-in.

In other words, you have lost the right to the Fifth Amendment, which guards against self-incrimination. Such was the case for one woman, who was recently targeted by the FBI. The bureau obtained a warrant from a Los Angeles Court to compel her to press her finger against the smartphone and unlock the device, according to a Los Angeles Times report.

Under the Fifth Amendment, one of the provisions states no one “shall be compelled in any criminal case to be a witness against himself.” For this provision to kick in, however, it applies to law enforcement agencies and the government forcing an individual to make a statement or give “testimony” that could incriminate the individual, notes a report in Wired.

(Image: Rinat_Dasajev/iStockphoto)
Read More Informationweek

NIST looks to reengineer thinking about cyber

The National Institute of Standards and Technology is set to release an overhauled systems security engineering document it hopes will change the way software and computer designers think about cybersecurity.

An updated draft of NIST’s 800-160 document will be released for public comment on May 4. According to its lead author, Dr. Ron Ross, the new 800-160 will kick off a difficult discussion over not only how federal agencies approach cybersecurity, but also how U.S. business and general population should think about it — not just as an add-on, but as an foundational component of any technology that touches the Internet.

Shutterstock image (by Sergey Nivens): Security concept, lock on a digital screen.
Read More FCW

US Drops iPhone Encryption Case After Getting Passcode

The United States government has dropped a case in which it attempted to get Apple to extract information from an iPhone after receiving the passcode to the device.

In February, the FBI convinced a judge to order Apple to create a piece of software that would allow the agency to brute-force the passcode on the iPhone belonging to the San Bernardino shooter. Apple refused to comply, arguing that creating a backdoor to the iPhone puts its customers at risk and creates a dangerous precedent.

In late March, the FBI announced that it managed to break into the San Bernardino attacker’s phone without Apple’s help and the case was dropped. Authorities were reportedly helped by grey hat hackers to crack the phone and FBI director James Comey suggested that theagency paid over $1 million.

Read more Securityweek

DOD ‘leading the way in technological innovation’ with bug bounty

DOD’s aggressive and transparent approach to the first federal bug bounty program has the department set up for success, according to Alex Rice, HackerOne CTO and co-founder.

The Defense Department’s revolutionary bug bounty program, just a week into its monthlong run, is already shaping up to be one of the largest and most transparent that partnering company HackerOne has ever worked on, according to one of the startup’s executives.

There has already been a “healthy amount of activity” in the first week of the “Hack the Pentagon” program, Alex Rice, HackerOne CTO and co-founder, told FedScoop. More than 500 vetted hackers are trying to compromise security vulnerabilities in DOD’s infrastructure.

Read More

DHS U-turns on feds’ open source policy

A comment last week compared the policy to allowing terrorists control over the country’s air traffic control systems

The Department of Homeland Security has walked back comments on the White House’s Open Source Code Policy, agreeing with the majority of the administration’s stipulations while offering a few tweaks.

Last week, an extensive comment attributed to DHS was posted on the open source policy’s GitHub page. The comments claimed the project’s goal of releasing at least 20 percent of the agency’s software code would be akin to the FBI handing over their source code to the Mafia, leaving agency’s open to highly targeted attacks.

Retrieved from