The bans are in response to cybercriminals abusing those services to spread ransomware and malware
The IT department of the U.S. House of Representatives has blocked access to Yahoo Mail and the Google App Engine platform due to malware threats.
On April 30, the House’s Technology Service Desk informed users about an increase in ransomware-related emails on third-party email services like Yahoo Mail and Gmail.
Read More Networkworld
The cloud offers great opportunities and challenges to public sector security teams defending critical systems against advanced threats. These 7 strategies will help you avoid a worst-case scenario.
Like many of you, I was there at the birth of the cloud. I watched the evolution in the private sector and have supported adoption in the public sector, which is taking much longer, due to the time it takes government to innovate and implement new technology. Few government CIOs have been able to overcome this challenge.
Read More Informationweek
As smartphone makers are increasingly adding fingerprint-sensor technology as a log-in feature for their devices, users may be unaware they may lose their right to the Fifth Amendment.
On the off-chance law enforcement officials may one day want to peruse through the content loaded on your smartphone, there’s a high probability you won’t be able to stop them if it has a fingerprint sensor as its log-in.
In other words, you have lost the right to the Fifth Amendment, which guards against self-incrimination. Such was the case for one woman, who was recently targeted by the FBI. The bureau obtained a warrant from a Los Angeles Court to compel her to press her finger against the smartphone and unlock the device, according to a Los Angeles Times report.
Under the Fifth Amendment, one of the provisions states no one “shall be compelled in any criminal case to be a witness against himself.” For this provision to kick in, however, law enforcement agencies and the government must be forcing an individual to make a statement or give “testimony” that could incriminate the individual, notes a report in Wired.
SAN FRANCISCO – RSA CONFERENCE 2016 – US National Security Agency chief Michael Rogers warned Tuesday that hackers will try to mount a cyber attack against US infrastructure, similar to the power failure in western Ukraine last year.
Read More Securityweek
The National Institute of Standards and Technology is set to release an overhauled systems security engineering document it hopes will change the way software and computer designers think about cybersecurity.
An updated draft of NIST’s 800-160 document will be released for public comment on May 4. According to its lead author, Dr. Ron Ross, the new 800-160 will kick off a difficult discussion over not only how federal agencies approach cybersecurity, but also how U.S. businesses and the general population should think about it: not just as an add-on, but as a foundational component of any technology that touches the Internet.
The FBI spent over $1.3 million to unlock the iPhone of San Bernardino shooter Syed Farook — and reportedly found nothing important inside. Now Apple wants to find out how the phone got hacked, but the FBI doesn’t plan to share.
Read More Cnet
The United States government has dropped a case in which it attempted to get Apple to extract information from an iPhone after receiving the passcode to the device.
In February, the FBI convinced a judge to order Apple to create a piece of software that would allow the agency to brute-force the passcode on the iPhone belonging to the San Bernardino shooter. Apple refused to comply, arguing that creating a backdoor to the iPhone puts its customers at risk and creates a dangerous precedent.
In late March, the FBI announced that it managed to break into the San Bernardino attacker’s phone without Apple’s help and the case was dropped. Authorities were reportedly helped by grey hat hackers to crack the phone and FBI director James Comey suggested that the agency paid over $1 million.
Read more Securityweek
DOD’s aggressive and transparent approach to the first federal bug bounty program has the department set up for success, according to Alex Rice, HackerOne CTO and co-founder.
The Defense Department’s revolutionary bug bounty program, just a week into its monthlong run, is already shaping up to be one of the largest and most transparent that partnering company HackerOne has ever worked on, according to one of the startup’s executives.
There has already been a “healthy amount of activity” in the first week of the “Hack the Pentagon” program, Alex Rice, HackerOne CTO and co-founder, told FedScoop. More than 500 vetted hackers are trying to compromise security vulnerabilities in DOD’s infrastructure.
Read More fedscoop.com
A comment last week compared the policy to allowing terrorists control over the country’s air traffic control systems
The Department of Homeland Security has walked back comments on the White House’s Open Source Code Policy, agreeing with the majority of the administration’s stipulations while offering a few tweaks.
Last week, an extensive comment attributed to DHS was posted on the open source policy’s GitHub page. The comments claimed the project’s goal of releasing at least 20 percent of the agency’s software code would be akin to the FBI handing over their source code to the Mafia, leaving agencies open to highly targeted attacks.
Retrieved from Fedscoop.com