Collaborate Disseminate
The Open Cybersecurity Alliance (OCA) today announced the availability of OpenDXL Ontology, the first open source language for connecting cybersecurity tools through a common messaging framework. With open source code freely available to the security c… Continue reading OpenDXL Ontology: An open source language for connecting cybersecurity tools
“There is no wrong way into the security field and it’s never too late to make a career switch that will take you there,” says Mark Orlando, CTO at Raytheon Cyber Protection Solutions. If you think that’s easy for him to say, co… Continue reading Good cybersecurity comes from focusing on the right things, but what are they?
There was no months-old, unpatched Apache flaw. A S3 bucket wasn’t publicly accessible to anyone with an internet connection. There was no effort to hide what happened behind the company’s bug bounty program. When taken at face value, the Capital One breach looks awfully similar to other massive security failures that have made national news in the past few years. But while people fixate on the amount of information taken, there are some in cybersecurity circles that see a silver lining in the way the bank has handled the incident. Multiple security experts told CyberScoop that while the incident is clearly severe and there are still questions that need to be answered, actions taken by the Virginia-based bank — who did not respond to CyberScoop’s request for comment — prevented this breach from becoming another example of extreme corporate cybersecurity negligence. “While it’s tempting to knock Capital One for this […]
The post What Capital One’s cybersecurity team did (and did not) get right appeared first on CyberScoop.
Continue reading What Capital One’s cybersecurity team did (and did not) get right
At the Paris Air Show, Raytheon and Northrop Grumman announced they have formally agreed to collaborate on building an air-breathing hypersonic weapon for DARPA and the US Air Force. Under the new partnership, the two companies will develop, … Continue reading Northrop Grumman and Raytheon team up to develop air-breathing hypersonic missile
Julian Zottl is the Cyber and Information Operations SME at Raytheon. Julian joins us on the show to talk about side-channel attacks! Full Show Notes Follow us on Twitter: https://www.twitter.com/securityweekly Hosts
The post Julian Zottl, Raytheon … Continue reading Julian Zottl, Raytheon – Paul’s Security Weekly #604
Paul talks with Bret Settle, the CEO of ThreatX about shifting the focus to the hacker. Check out this interview and learn about innovative endpoint defenses and how attackers use covert signaling technologies (such as pulsing cooling fans!) to exfiltr… Continue reading Black Hat Dual Interview pt. 2- Enterprise Security Weekly #105
IT officials from leading industries and government have strong concerns about finding and retaining the necessary talent to respond to cybersecurity threats quickly enough, and how to adapt to changing threats, a new survey finds. The study points to a shift in priorities among IT leaders in the public and private sectors. They say the individuals they’re looking for most possess proactive threat hunting expertise and can think like a hacker. The survey, produced by CyberScoop and underwritten by Raytheon, suggests that to meet the demand for qualified expertise, IT leaders are exploring a larger role for artificial intelligence (AI) on the cyber battlefield and turning to outsourcing as a solution. About two-thirds of industry executives surveyed (64 percent) reported their organizations are investing 10 percent or more of their 2018 cybersecurity budget on AI technology. Government is lagging behind with only 34 percent of respondents indicating their agencies are […]
The post New study highlights demand for proactive cyberthreat hunting expertise appeared first on Cyberscoop.
Continue reading New study highlights demand for proactive cyberthreat hunting expertise
The U.S. Air Force’s recently departed Chief Information Security Officer Peter Kim joined the military contracting giant Raytheon as its director of IT security and governance at the company’s subsidiary Raytheon Missile Systems, CyberScoop has learned. Kim left the Air Force on June 1 and joined Raytheon later in the month. Wanda Jones-Heath, formerly the deputy CISO, took over the role. As the name implies, Raytheon Missile Systems develops and produces missile systems for the U.S. military and its allies. Kim will be responsible for protecting information as well as handling incident response and cyber risk while establishing standards across Raytheon’s missile business. Kim spent the last decade working in cybersecurity at the Pentagon. After four years in communications and IT across Europe and Hawaii for the military, in 2006 Kim took over as the commander of the 92nd Information Operations Squadron, the Air Force’s primary blue team. He worked with […]
The post Raytheon hires Air Force CISO Peter Kim appeared first on Cyberscoop.
There are many ways of storing data in a computer’s memory, and not all of them allow the computer to write to it. For older equipment, this was often a physical limitation to the hardware itself. It’s easier and cheaper for some memory to be read-only, but if you go back really far you reach a time before even ROMs were widespread. One fascinating memory scheme is this example using a vacuum tube that stores the characters needed for a display.
[eric] over at TubeTime recently came across a Raytheon monoscope from days of yore and started figuring out how …read more
Continue reading Raytheon’s Analog Read-Only Memory is Tube-Based
Two recent thefts of NSA documents were made possible simply because workers who handled sensitive material decided to walk out the door with some of it, serving to highlight challenges facing the U.S. intelligence community as it seeks to implement, and in some cases create, next generation insider threat programs. Former U.S. intelligence officials tell CyberScoop the rudimentary nature of these incidents makes it extremely difficult to create programs that keep material secure without negatively impacting workforce morale. “It’s impossible to totally stop from what I can see,” said a former U.S. intelligence official who spoke on condition of anonymity to discuss their experience. “There’s just way too many people walking in and out for nothing to get stolen.” Newly released court documents provide details about recent leaks of classified documents to The Intercept, a national security focused news publication known for its work with Edward Snowden. A transcript of an interview with […]
The post Recent NSA leaks show challenge of a software ‘solution’ for insider threats appeared first on Cyberscoop.
Continue reading Recent NSA leaks show challenge of a software ‘solution’ for insider threats