http://connect.educause.edu/browse/content/lib_item/4928,4973,56 http://connect.educause.edu/browse/content/lib_item/4928,4973,56 http://connect.educause.edu/educause/images/e_rss.png Interviews and Proceedings from EDUCAUSE Events The EDUCUASE Podcast Crew EDUCAUSE is a nonprofit association whose mission is to advance higher education by promoting the intelligent use of information technology. Our podcasts provide information about a range of topics including Leadership, Policy and Law, Teaching and Learning, Emerging Technologies, Open Source, Research Computing, Cyberinfrastructure, and Digitial Libraries. http://connect.educause.edu/browse/content/node/691/list/feed Recent library resources tagged with Contributed by Organizations or Campuses; Articles, Papers, and Reports; and Cybersecurity. en http://connect.educause.edu/display/37169 "Outspoken author and security guru Bruce Schneier has questioned the very existence of the security industry, suggesting it merely indicates the willingness of other technology companies to ship insecure software and hardware." http://connect.educause.edu/display/37169#comments CNET News.com Cybersecurity Network Security and Applications Security Management Contributed by Organizations or Campuses Articles, Papers, and Reports HTML Thu, 26 Apr 2007 14:59:33 -0500 drupal 37169 at http://connect.educause.edu http://connect.educause.edu/display/36990 "Personal information on 800,000 students, alumni and others is exposed. Attacks lasted a year, the school says." http://connect.educause.edu/display/36990#comments Cybersecurity Data Security Hacking Identity Theft Incident Handling and Response Contributed by Organizations or Campuses Articles, Papers, and Reports HTML Tue, 12 Dec 2006 13:35:27 -0600 drupal 36990 at http://connect.educause.edu http://connect.educause.edu/display/36675 In a report card released by the Cyber Security Industry Alliance (CSIA), the federal government received a grade of D+ for cybersecurity. CISA gave credit to the Department of Homeland Security for establishing a new position, the assistant secretary for cybersecurity. Six months after that job was created, however, it remains unfilled. Paul Kurtz, executive director of CSIA, commented that "Cybersecurity research is in a crisis." CSIA also launched what it calls a Digital Confidence Index, a measure of public confidence in efforts to protect computers and systems. The initial rating for the index is 58 out of 100. CSIA issued a set of 13 recommendations, called the National Agenda for Information Security in 2006, designed to improve the nation's cybersecurity. Among the recommendations are calls to increase funding for cybersecurity research and to promote cooperation among federal agencies. http://connect.educause.edu/display/36675#comments Cybersecurity Cybersecurity Policy Policy and Law: Federal Contributed by Organizations or Campuses Articles, Papers, and Reports HTML Fri, 16 Dec 2005 15:26:36 -0600 drupal 36675 at http://connect.educause.edu http://connect.educause.edu/display/36638 "More than half a million networks, including military and government sites, were likely infected by copy restriction software distributed by Sony on a handful of its CDs, according to a statistical analysis of domain servers conducted by a well-respected security researcher and confirmed by independent experts recently. Each installation of Sony's rootkit not only hides itself and rewrites systems drivers, it also communicates back out to Sony." http://connect.educause.edu/display/36638#comments Anti-Circumvention Restrictions or Copy Protection Devices Cybersecurity DRM Licensing Network Security and Applications Viruses and Worms Contributed by Organizations or Campuses Articles, Papers, and Reports HTML Wed, 16 Nov 2005 16:26:15 -0600 drupal 36638 at http://connect.educause.edu http://connect.educause.edu/display/36637 "Record label Sony BMG Music Entertainment said Tuesday that it will recall millions of CDs that, if played in a consumer's PC disc drive, will expose the computer to serious security risks." http://connect.educause.edu/display/36637#comments Anti-Circumvention Restrictions or Copy Protection Devices Cybersecurity DRM Licensing Network Security and Applications Viruses and Worms Contributed by Organizations or Campuses Articles, Papers, and Reports HTML Wed, 16 Nov 2005 13:26:31 -0600 drupal 36637 at http://connect.educause.edu http://connect.educause.edu/display/36500 In a presentation at the Black Hat conference last week, security researcher Dan Kaminsky argued that domain name system (DNS) servers represent a broad vulnerability in the Internet. Kaminsky said that of2.5 million DNS servers he tested, nearly 10 percent could be susceptible to so-called DNS cache poisoning. In total, about 9 million DNS servers are operating globally. DNS servers translate typed URLs into numbers necessary to locate Web sites. In cache poisoning, legitimate numeric Web addresses are replaced, causing users to be redirected to sites of the hacker's choosing. Often, users are sent to Web sites that install malware or that deceive users into disclosing personal information, which can then be used in identity theft.Incidents of cache poisoning have disrupted Internet service in the past, including this March, when users trying to access CNN.com and MSN.com were sent to sites that installed spyware. Security experts advise operators of DNS servers to audit their machines and make sure they configure them in the safest manner possible. http://connect.educause.edu/display/36500#comments Cybersecurity Data Security Hacking Network Security and Applications Servers Contributed by Organizations or Campuses Articles, Papers, and Reports HTML Thu, 04 Aug 2005 09:37:16 -0500 drupal 36500 at http://connect.educause.edu http://connect.educause.edu/display/36479 Federal agencies are facing a set of emerging cybersecurity threats that are the result of increasingly sophisticated methods of attack and the blending of once distinct types of attack into more complex and damaging forms. Examples of these threats include spam (unsolicited commercial e-mail), phishing (fraudulent messages to obtain personal or sensitive data), and spyware (software that monitors user activity without user knowledge or consent). To address these issues, GAO was asked to determine (1) the potential risks to federal systems from these emerging cybersecurity threats, (2) the federal agencies' perceptions of risk and their actions to mitigate them, (3) federal and private-sector actions to address the threats on a national level, and (4) governmentwide challenges to protecting federal systems from these threats. http://connect.educause.edu/display/36479#comments Cybersecurity Phishing Security Risk Assessment and Analysis Spam Spyware or Adware Contributed by Organizations or Campuses Articles, Papers, and Reports PDF Fri, 29 Jul 2005 11:20:27 -0500 drupal 36479 at http://connect.educause.edu http://connect.educause.edu/display/36382 TippingPoint--part of 3Com--is soliciting hackers to report vulnerabilities in exchange for money. If a valid bug is found, TippingPoint will notify the maker of the flawed product and update its security products to protect users against exploitation of the flaw until an official patch is released http://connect.educause.edu/display/36382#comments Cybersecurity Hacking Internet Products and Services Security Awareness Contributed by Organizations or Campuses Articles, Papers, and Reports HTML Fri, 29 Jul 2005 10:17:10 -0500 drupal 36382 at http://connect.educause.edu http://connect.educause.edu/display/36328 In an effort to raise Internet security awareness, Michigan opened a Web portal that will give state employees access to computer and Internet security awareness programs. Cybersecurity has emerged as a major concern among state chief information officers, who say their networks are increasingly under attack. http://connect.educause.edu/display/36328#comments Cybersecurity Federal Computer Week Security Awareness Security Policies Training Contributed by Organizations or Campuses Articles, Papers, and Reports HTML Fri, 17 Jun 2005 12:42:59 -0500 drupal 36328 at http://connect.educause.edu http://connect.educause.edu/display/36326 This article reports on the U.S. Department of Justice exploration of data retention rules that could permit police to obtain records of e-mail, browsing or chat-room activity months after ISPs ordinarily would have deleted the logs. Data retention could aid criminal and terrorism prosecutions, but privacy worries and questions about the practicality of assembling massive databases of customer behavior could engender stiff opposition to the proposal. http://connect.educause.edu/display/36326#comments Cybersecurity Data Retention Policies Internet Governance ISP Privacy Contributed by Organizations or Campuses Articles, Papers, and Reports HTML Fri, 17 Jun 2005 12:21:33 -0500 drupal 36326 at http://connect.educause.edu