A fledgling nonprofit group working to develop an automated cyber-attack early warning system, the Cyber Incident Detection Data Analysis Center (CIDDAC), is about to begin a pilot project to collect data on network intrusions from a group of companies in national-infrastructure industries.
We are proud to announce the immediate availability of the Hack In The Box Security Conference 2004 videos [Pack-1 and Pack-2]. Held at The Westin Kuala Lumpur in Malaysia from October 4th till the 7th, HITBSecConf2004 saw some of the biggest names in the network security industry down to present their latest research and findings. HITBSecConf2004 was also the first time we had two keynote speakers namely Theo de Raadt, creator and project leader for OpenBSD and OpenSSH and John T. Draper infamously known as Captain Crunch. Other speakers who presented include the grugq, Shreeraj Shah, Fyodor Yarochkin, Emmanuel Gadaix, Adam Gowdiak, Jose Nazario, Meder Kydyraliev and several others.
A joint system for reporting and grading security vulnerabilities is going to be launched today. With an eye to guiding companies on which software problems to patch first, Cisco, Symantec and Qualys plan to launch a joint grading system for security vulnerabilities. The ratings will consist of three numbers, Gerhard Eschelbeck, the chief technology officer at security information provider Qualys said on Tuesday. The first will be a baseline estimate of the severity of the flaw. The second will rate the bug depending on how long it has been around, and therefore how likely it is that companies have patched against it.
Source: ZDNet.com.au - Posted by Benjamin D. Thomas
Organisers of LCA 2005, the International Linux conference due to be held in Canberra this April, are hoping its security mini-conference will expand into a separate conference by next year.
Source: LinuxSecurity.com Contributors - Posted by Benjamin D. Thomas
On Tuesday, February 8th 2005, LinuxSecurity.com hosted an online chat with the well-known author, consultant, and Linux security expert Bob Toxen. Topics discussed include Linux security best practices, the 7 deadly sins of Linux security, favorite security tools, penetration testing, forensic investigations, merits of open source, full-disclosure, and log evaluation. Once again, we at LinuxSecurity.com want to thank Bob for his participation.
The Southern California Linux expo has announced that Sophos has signed on as one of the latest sponsors of SCALE 3x, the Third Annual Southern California Linux Expo. SCALE 3x has been called " .. one of the few good grass-root level technical conferences for Linux" by Linux Kernel Developer Robert Love.
Source: ZDNet.co.uk - Posted by Benjamin D. Thomas
The General Public License hasn't had a proper update for 13 years, and it's starting to show its age. It looks set to be updated though, to ensure it's more in tune with today's software models and potential legal battles.
Source: Business Wire - Posted by Benjamin D. Thomas
"There is no single solution to the complex issues of security compliance under the HIPAA regulations," noted Dr. Braithwaite. "But there are certain best practices that every organization should follow. Employing encryption technologies in situations where the risk of a security breach is significant is an important core component of these solutions."
Source: LinuxSecurity.com Contributors - Posted by Ryan W. Maple
To celebrate the launch of the new LinuxSecurity.com, we hosted a community chat event. It was held yesterday (December 1st 2004) at 4:00pm, and featured several prominent visionaries from the open source community including Jay Beale, Brian Hatch, Paul Vixie, Lance Spitzner, and Dave Wreski. The topics discussed ranged from authentication, patch management, honeypots, virtues of open source, SELinux, as well as others. We are planning another event to held in January; please send us your ideas!
Security companies TruSecure and Betrusted are expected to formally announce on Tuesday that they plan to merge and create a newly formed company called Cybertrust. . . .
