http://www.govsecurity.net/ en
Phased NAC deployment for compliance and policy enforcement
Thinking about NAC? You're not alone. Many organizations are taking a new look at the latest generation of network access control tools, with the hopes of mapping security policy requirements to technical controls. For those about to take the NAC plunge, Mike Chapple reviews the proper phases of deployment.

Screencast: Nessus
Peter Giannoulis of Bones Consulting demonstrates how Nessus can be used as a vulnerability assessment tool that enterprises can use to help protect critical systems and networks.

TA08-079A: Apple Updates for Multiple Vulnerabilities
Apple Updates for Multiple Vulnerabilities
SA08-087A: Mozilla Updates for Multiple Vulnerabilities
Mozilla Updates for Multiple Vulnerabilities
Hannaford and the evolution of the data breach
As the rash of large data breaches and thefts continues unabated, it’s important to resist the urge to lump them all together. Not all breaches are created equal, and the latest one, at Hannaford supermarkets, illustrates this point perfectly. A lot of people are comparing the incident to last year’s breach at TJX, but the [...]
DHS takes a chance with new cybersecurity chief Beckstrom
The cybersecurity group at the Department of Homeland Security has had a hard time hanging onto its leaders, for various reasons, since the department started five years ago. DHS officials have tried a number of approaches in trying to find the right man for the job, going first to government veterans such as Howard Schmidt [...]
Enterprise security in 2008: Assessing access management
Access management troubles were hardly few and far between in 2007, and according to IAM expert Joel Dubin, access management challenges aren't going away in 2008. In this tip, Dubin outlines this year's key issues, including remote access, provisioning and Web authentication.

SB08-084: Vulnerability Summary for the Week of March 17, 2008
Vulnerability Summary for the Week of March 17, 2008
The data breach that hit home
Covering the security breach at Hannaford Bros. Supermarkets this week was a particularly interesting experience for me. Unlike the other breaches I’ve written about, this one really hit me where I live. Of course, the bank did send me a new debit card after my old one was compromised in the TJX data breach, but that’s [...]
How to lock down USB devices
USB devices, thumb drives, flash drives -- whatever you call them, portable media present a significant challenge for enterprises, as they enable easier data transport for mobile workers, but are often the cause for catastrophic data leaks. In this tip, contributor Rich Mogull reviews software options for keeping USB devices in check.

TA08-079B: MIT Kerberos Updates for Multiple Vulnerabilities
MIT Kerberos Updates for Multiple Vulnerabilities
ST05-006: Recovering from Viruses, Worms, and Trojan Horses
Recovering from Viruses, Worms, and Trojan Horses
Researcher: Beware of massive IFrame attack
Security researcher Dancho Danchev has raised the red flag in his blog about a new scam the bad guys are using to corrupt hundreds of thousands of websites with IFrame redirects. Visit one of these corrupt pages and you just might find yourself caught on another site rigged with malicious code. The infamous hacking group known [...]
]]> http://www.govsecurity.net/computernetworksecurity/computer-network-security-professional.php Sat, 29 Mar 2008 15:28:41 -0700
Screencast: Nessus
Peter Giannoulis of Bones Consulting demonstrates how Nessus can be used as a vulnerability assessment tool that enterprises can use to help protect critical systems and networks.

SB08-077: Vulnerability Summary for the Week of March 10, 2008
Vulnerability Summary for the Week of March 10, 2008
How to lock down USB devices
USB devices, thumb drives, flash drives -- whatever you call them, portable media present a significant challenge for enterprises, as they enable easier data transport for mobile workers, but are often the cause for catastrophic data leaks. In this tip, contributor Rich Mogull reviews software options for keeping USB devices in check.

Supermarket chain discloses breach
East Coast supermarket chain Hannaford Bros. Co. said Monday that its network was broken into and customer credit and debit card numbers were stolen. The Associated Press reported that company officials said the breach exposed 4.2 million credit and debit cards and led to 1,800 cases of fraud. In a statement on the company’s website, Hannaford CEO [...]
Screencast: Opening up the Network Security Toolkit
Tom Bowers reviews the basics of the browser-based Network Security toolkit, including proper configurations, tool selection and general usage.

Lockdown Networks shuts its doors
We’ve been reporting for some time that the NAC market is on shaky ground, with demand for the technology failing to meet the expectations of a couple years ago. We saw more proof of that this week, when Lockdown quietly posted this message on it’s website: “Lockdown Networks today announced that it is ceasing operations effective [...]
SA08-079A: Apple Updates for Multiple Vulnerabilities
Apple Updates for Multiple Vulnerabilities
TA08-087B: Cisco Updates for Multiple Vulnerabilities
Cisco Updates for Multiple Vulnerabilities
Hannaford and the evolution of the data breach
As the rash of large data breaches and thefts continues unabated, it’s important to resist the urge to lump them all together. Not all breaches are created equal, and the latest one, at Hannaford supermarkets, illustrates this point perfectly. A lot of people are comparing the incident to last year’s breach at TJX, but the [...]
DHS takes a chance with new cybersecurity chief Beckstrom
The cybersecurity group at the Department of Homeland Security has had a hard time hanging onto its leaders, for various reasons, since the department started five years ago. DHS officials have tried a number of approaches in trying to find the right man for the job, going first to government veterans such as Howard Schmidt [...]
Vista SP1 experiences: The good and the bad
Yesterday I wrote a story about the reaction from Windows administrators to Microsoft’s release of Vista SP1, and the response was mostly one of caution and frustration. The challenges people are running into are the same ‘ol items: incompatibility with third-party programs, device driver glitches, a sleep mode problem and endless reboots. One of the folks [...]
Enterprise security in 2008: Assessing access management
Access management troubles were hardly few and far between in 2007, and according to IAM expert Joel Dubin, access management challenges aren't going away in 2008. In this tip, Dubin outlines this year's key issues, including remote access, provisioning and Web authentication.

TA08-087A: Mozilla Updates for Multiple Vulnerabilities
Mozilla Updates for Multiple Vulnerabilities
]]> http://www.govsecurity.net/computernetworksecurity/government-computer-and-network-security.php Sat, 29 Mar 2008 15:28:56 -0700