Security and Privacy

Latest Headlines

Latest Headlines

Spotlight: Senators want DOJ stingray rules extended to DHS

In a Sept. 29 letter, Sens. Chuck Grassley (R-Iowa) and Patrick Leahy (D-Vt.) urged DHS Secretary Jeh Johnson to "adopt a default warrant requirement, as DOJ did" for the use of cellphone duping technology, called stingrays.

DHS funding development of smartphone 'brain chip' that learns user behavior, confirm identities

With $2.2 million in Homeland Security Department funding, Boeing is partnering with a software company to develop a smartphone "brain chip" to verify that the phone's owner is who they say they are.

Malware that infected iOS apps has roots in CIA project, says report

The malicious software, called XcodeGhost, infects an app developer's computer and then is incorporated into any app made, without their knowledge. It's a technique first demonstrated at the Central Intelligence Agency's annual top-secret Jamboree conference in 2012.

ACLU urges Capitol Hill lawmakers, staff to use secure, encrypted communications apps, tools

For instance, the ACLU pointed out that encrypted smartphone apps like Signal and WhatsApp are free and easily downloadable from major app stores, while Apple has built encrypted voice, video and text communications apps into its operating system.

Federal IT pros: Employee workarounds are biggest IT security threat

Nearly one-third of respondents from a new survey by Dimensional Research and Dell said federal employees using workarounds are the greatest threat to information technology security in the government.

Federal law enforcement agents must now get warrant to use stingrays, new DOJ policy says

Stingrays or cell-site simulators are devices that impersonate cellphone towers to pinpoint a cellphone's location. While the department maintained that the technology is critical for certain investigations, the new "enhanced policy" marks a significant shift for the agency.  

DHS awards $10.4M to companies, universities to research, enhance mobile device security

The department's Science and Technology Directorate said the awards will focus on four technical areas, including mobile device instrumentation, mobile security management tools, transactional security methods, and mobile device layer protection.

Default smartphone encryption would deter thefts of millions of devices, privacy expert says

Kevin Bankston, director of New America's Open Technology Institute, called smartphone theft a "criminal epidemic," in which there were 3.1 million victims in 2013, nearly double from the prior year.

Survey: 'Shadow BYOD' prevalent in federal gov't as employees sacrifice security for convenience

The federal government is dealing with the growing problem of "shadow BYOD" in which employees are using unsanctioned personal devices to connect to the network and access data.

NIST's cybersecurity center seeking help to address mobile security, network authentication

The National Cybersecurity Center of Excellence is seeking vendor products and technical expertise on three projects that focus on mobile device security, personal identity verification credentials for such devices and access control.