What's New

Thank you for visiting the Financial and Banking Information Infrastructure Committee (FBIIC) website!

FBIIC implemented this website as a method of sharing information about Critical Infrastructure Protection and Homeland Security activities and initiatives. The website will also be used to facilitate internal communications among FBIIC members.

January 2012

• Fighting Cybercrime – a major challenge for global society
• UK Online Fraud Report 2012
• Canada - Privacy Commissioner unveils new tools to help young Internet users protect their privacy
• Incident Response Methodologies
• Preparing for High-impact, Low-probability Events
• Hidden Data and Metadata in Adobe PDF Files: Publication Risks and Countermeasures
• Data Mining and Web Data Extractors 2012
• Security Threat Report 2012
• Hash identifier
• Security Development Lifecycle (SDL) Threat Modeling Tool
• Analysis of DNSSEC Validation Failure Domain: NASA.GOV
• National Institute of Justice Investigations Involving the Internet and Computer Networks
• "Anonymous" DDoS activity
• National Strategy for Global Supply Chain Security
• FBI Fraud Alert Notice
• World Economic Forum Global Risks 2012, Seventh Edition
• Oman Computer Emergency Readiness Team
• German Anti-Botnet-Advisory Centre Checker
• Might Governments Clean-up Malware?
• Network Information Security in Education
• VoIP Penetration Testing & Security Risk
• Quantifying Reputational Risk
• Anti-virus Comparative
• Analyzing Malicious Documents Cheat Sheet
• Brief overview of 4 network forensics analysis tools (NFATs)
• Defending Privacy at the U.S. Border: A Guide for Travelers Carrying Digital Devices
• USB Undermining Security Barriers
• Fuzzing USB devices with Frisbee Lite
• Publicly Available Social Media Monitoring and Situational Awareness Initiative Update
• Malware Removal Guide for Windows
• Next gen spam detection
• Study on Cybercrime losses
• Local System Security via SSHD Instrumentation
• Adventures in (Small) Datacenter Migration
• Deploying IPv6 in the Google Enterprise Network: Lessons Learned
• Getting Ahead of Advanced Threats
• US-CERT Current Activity
• Department of Energy Launches Initiative with Industry to Better Protect the Nation’s Electric Grid from Cyber Threats
• DHS National Vulnerability Database
• National Infrastructure Advisory Council Intelligence Information Sharing Final Report and Recommendations
• Cybersecurity Guidance Is Available, but More Can Be Done to Promote Its Use
• Simple bash script for IP-ASN mapping
• Security Technical Implementation Guide for Smartphones
• Defending Against Denial of Service Attacks
• IPv6 for All
• GPG GUIDE For Secure Communications
• Access Tech 10-Minute Guide to Safer Travel
• Global Civil Society Under Attack
• Basic Internet Security
• Why use a manual on Internet security?
• Secure Communication with the CERTs & Other Stakeholders

December 2011

• Guidance on the rules on use of cookies and similar technologies
• Proactive detection of network security incidents report
• Protecting Industrial Control Systems. Recommendations for Europe and Member States
• Cyber Security Aspects in the Maritime Sector
• Smartphone Secure Development Guidelines
• Cyber security: future challenges and opportunities
• Cyber Security: ENISA’s view on the way forward, new paper
• Proactive detection of network security incidents report
• Protecting Industrial Control Systems. Recommendations for Europe and Member States
• Cyber Security Aspects in the Maritime Sector
• Smartphone Secure Development Guidelines
• Cyber Security: ENISA’s view on the way forward, new paper
• Proactive detection of cyber security incidents
• Analyzing malicious files for writing network signatures
• ICANN WHOIS Policy Review Team Draft Report(via ICANN)
• Taking TLS Authentication to the Next Level Using DNSSEC
• Static Analysis of x86 Executables
• DDoS Basics
• PDF current threats
• WHITE PAPER ON INDUSTRIAL AUTOMATION SECURITY IN FIELDBUS AND FIELD DEVICE LEVEL
• Oracle Cyber Risk Report
• Oracle Security Intelligence Operations
• ICS-CERT Warns Facilities of Exposure via SHODAN
• Disaster and Emergency AlertMap
• Impacts of Severe Space Weather on the Electric Grid
• Fact Sheet: Blueprint for a Secure Cyber Future
• Blueprint for a Secure Cyber Future
• Federal Cybersecurity R&D Strategic Plan
• NSTC Documents & Reports
• Strategic Plan for the Federal Cybersecurity Research and Development Program
• Proactive Botnet Countermeasures - An Offensive Approach
• New Approach to automatically detecting bugs and vulnerabilities in Linux
• Private Search in the Real World
• Pirates of the ISPs: Tactics for Turning Online Crooks Into International Pariahs
• Did Chinese security firm snag too many American security secrets before the barn door closed?
• Android Reverse Engineering Toolset Debuts
• Busted! DOJ says you might be a felon if you clicked a link or opened email
• Security list
• Cybersecurity Human Capital: Initiatives Need Better Planning and Coordination
• ICANN Global Policy Proposal for Post Exhaustion IPv4 Allocation Mechanisms by IANA – Updated Background Report
• OpenIOC - An Open Framework for Sharing Threat intelligence
• DO "LIBERATION TECHNOLOGIES" CHANGE THE BALANCE OF POWER BETWEEN REPRESSIVE STATES AND CIVIL SOCIETY?
• ENISA Launches Information Security Awareness Videos In 23 European Languages
• GS1 EPC/RFID Privacy Impact Assessment Tool
• New, updated map (v2.6) of 'digital fire brigades'- CERTs
• The UK Cyber Security Strategy Protecting and promoting the UK in a digital world
• DDoS Attacks mapped
• Ireland setting up a national CERT
• Newspaper Map
• Cybercrime Protecting Aganist the Growing Threat
• The Chinese People's Liberation Army Signals Intelligence and Cyber Reconnaissance Infrastructure
• SECURITY GUIDANCE FOR CRITICAL AREAS OF FOCUS IN CLOUD COMPUTING V3.0
• Cyberspace Operations
• IT Reference Documents
• MarkMonitor Fraud Intelligence Report - Third Quarter 2011
• Systematic Detection of Capability Leaks in Stock Android Smartphones
• IEEE Cipher's Calendar of Security and Privacy Related Events

November 2011

• AhnLab Monthly Security Report
• Security In A Box - How-to Booklet
• A Report to Congress Pursuant to the National Defense Authorization Act for Fiscal Year 2011, Section 934
• DEPARTMENT OF DEFENSE STRATEGY FOR OPERATING IN CYBERSPACE
• MC/080 DNSSEC Deployment Study
• Text-based CAPTCHA Strengths and Weaknesses
• List of Free Sandboxes for Malware Analysis!
• .eu makes domain name security easy
• FCC Cybersecurity Web Site to Help Small Businesses
• Promoting Cross·Border Data Flows Priorities for the Business Community
• Enabling Trade in the Era of Information Technologies: Breaking Down Barriers to the Free Flow of Information
• Entrust Bulletin on Certificates Issued with Weak 512-bit RSA Keys by Digicert Malaysia
• Cisco Secure Development Lifecycle (CSDL)
• Are free Android virus scanners any good
• Presidential Memorandum -- Accelerating Technology Transfer and Commercialization of Federal Research in Support of High-Growth Businesses
• Vice President Biden Delivers Remarks to The London Conference on Cyberspace
• VP's Remarks to London Cyberspace Conference
• Foreign Spies Stealing US Economic Secrets in Cyberspace
• Special Publication 800-145, The NIST Definition of Cloud Computing
• The ghosts from the machines: A history of 10 years of carelessly discarded data
• Why Johnny Can't Opt Out: A Usability Evaluation of Tools to Limit Online Behavioral Advertising
• SSL As Designed, SSL As Deployed, SSL As It Should Be
• New Tools for Today's Investigative Journalist
• Spam Dashboard
• China's Cyber Warfare Capabilities
• The Socialbot Network: When Bots Socialize for Fame and Money
• Australian Security Intelligence Organisation Annual Report
• ASIO Report to Parliament 2010-11
• ASIO Annual Report Tabled in Parliament

October 2011

• Collective Intelligence Framework
• The evolution of collective intelligence
• The State of Hacker Forums Report
• Information security & business continuity standards
• National Incident Management System Implementation for State, Tribal, and Local Governments
• Division of Corporation Finance, Securities and Exchange Commission: CF Disclosure Guidance: Topic No. 2, Cybersecurity
• Microsoft Cyber Security: Abstract | White Paper
• Federal Chief Information Officers: Opportunities Exist to Improve Role in Information Technology Management. GAO-11-634, September 15 | Highlights
• A Process for Continuous Improvement Using Log Analysis
• Department of Energy’s Unclassified Cyber Security Program – 2011
• English-Spanish-Portuguese-Japanese-German-Italian-Croatian glossary of information security and business continuity terms
• Does Cybercrime pay?
• 2011 Social Networking Security and Privacy Study
• Government of South Australia Information Security Management Framework
• GOVERNMENT FRAMEWORK ON CYBER SECURITY
• Additional Guidance Needed to Address Cloud Computing Concerns
• Best Practices for Reporting Badware URLs
• StopBadware releases best practices for reporting
• New best practices for reporting badware URLs
• Best Practices for Web Hosting Providers
• 26 helpful open source network management tools
• SMS-Based Security Measures Implemented by Banks Are Not Foolproof
• Recommendations of the House Republican Cybersecurity Task Force
• AhnLab Monthly Security Report
• Gaming security by obscurity
• IBM X-Force 2011 Mid-year Trend and Risk Report
• Information security awareness video on how to keep yourself and your information safe when online - shopping, surfing
• The Balanced Scorecard: Measure that Drive Performance
• Seven Crucial Identity And Access Management Metrics
• Using the Microsoft Diagnostics and Recovery Toolset (DaRT) for Incident Response
• Cybercrime becomes bigger threat to energy industry than terrorists
• Microsoft Safety Scanner
• Measuring the Black Web: Is cybercrime as big as its foes fear
• A Detail Analysis of an Advanced Persistent Threat Malware
• Georgia Tech Emerging Cyber Threats Report for 2012
• AVG Community Powered Threat Report - Q3 2011
• 2011 CWE/SANS Top 25 Most Dangerous Software Errors
• The Italian Job – Multiple SCADA / ICS Vulnerabilities Go Public
• Digging for Facts on the Siemens S7-1200 PLC Security Vulnerabilities, Part 1/3
• Privacy leakage vs. Protection measures: the growing Disconnect
• Microsoft Security Intelligence Report
• Programming Languages Reference Sheets
• Anatomy Of A Mac APT Attack
• Executive Order -- Structural Reforms to Improve the Security of Classified Networks and the Responsible Sharing and Safeguarding of Classified Information
• Government Response to the Intelligence and Security Committee’s Annual Report 2010–2011
• Opinion of the European Data Protection Supervisor on net neutrality, traffic management and the protection of privacy and personal data
• CERT Polska Semiannual Report: January-June 2011
• ENISA (European Network and Information Security Agency) Desktop Research on Public Private Partnerships
• Establishing a National CSIRT in Africa - Kenyan Case Study | PDF
• Securities and Exchange Commission CF Disclosure Guidance: Topic No. 2 Cyber security
• Information Sharing: Progress Made and Challenges Remaining in Sharing Terrorism-Related Information, GAO-12-144T | Highlights
• Defense and Development for Michigan Citizens, Businesses and Industry
• Cyber-Security Essentials
• Europol launches two new publications
• State-sponsored Cyber Terrorism: Georgia's Experience
• Cyber crime unit saves UK economy £140m in six months
• Off Shoring and Cyber Security
• DECISION-MAKING UNCERTAINTY AND THE USE OF FORCE IN CYBERSPACE
• Cisco 2011 Connected World Technology Report
• Information Security Continuous Monitoring for Federal Information Systems and Organizations
• The short history of Mac malware: 1982 – 2011
• TC Console
• The IBM Institute for Advanced Security Expert BlogRSS Feed
• Smarter Security Solutions
• VERIZON 2011 PAYMENT CARD INDUSTRY COMPLIANCE REPORT
• Presidential Proclamation -- National Cybersecurity Awareness Month
• Information Security: Weaknesses Continue Amid New Federal Efforts to Implement Requirements. GAO-12-137, October 3 | Highlights

September 2011

• Release of the First Edition of the National Preparedness Goal
• ICSJWG 2011 September Quarterly Newsletter
• PwC Fraud Forum
• Securely deploying Android devices
• SABMiller: Conficker virus cost us £7.2 million
• Models To Advance Voluntary Corporate Notification to Consumers
• George Mason University - International Cyber Center: Sample Case Studies
• George Mason University - International Cyber Center: C.E.R.T Documentation
• How to choose an e-discovery tool and e-discovery vendor
• Digital Forensics Solutions
• regdecoderlive
• registrydecoder
• European Commission Staff Working Paper
• 2011 Implementation Report on the Protection of Minors and Human Dignity Recommendations
• Making the EU cyber-safe
• Additional Malware Protection with MSS
• President Toomas Hendrik Ilves at ICEGOV conference
• National Cyber Security Centre opens
• National Cyber Security Centre of New Zealand
• New Zealand’s Cyber Security Strategy
• WebGL Globe Visualization
• WebGl Globe Visualizing Data from hpfeeds
• 5 more dirty tricks: Social engineers' latest pick-up lines
• Control Systems Security Program (CSSP)
• Cyber Security Evaluation Tool (CSET)
• Macintosh Operating System X version 10.6 Technology Overview
• STIG Transformation to XCCDF
• Federal Communications Commission News
• Fifth Annual Chemical Sector Security Summit
• DETERRENCE IN CYBERSPACE: DEBATING THE RIGHT STRATEGY WITH RALPH LANGNER AND DMITRI ALPEROVITCH
• Bad new world: Cyber risk and the future of our nation
• Proxy logs helped FBI track and arrest LulzSec member
• Cyber Security and the UK's Critical National Infrastructure
• Singapore to set up national cyber security centre
• ENISA today and in the future
• ED presentation in Council Working Group
• Better Board Governance: Communications, Security and Technology in a Global Landscape of Change
• Cybercrime: is it out of control?
• Legal risks abound for firms without a mobile device security policy
• Public Accounts Committee - Fiftieth Report
• Visualizing data
• DDOS Tracer: Trace the Attack!
• APT SUMMIT FINDINGS
• Internet Traffic Agent
• Team CYMRU Community Services
• Malware and cyber-crime
• Malware - Messaging Anti-Abuse Working Group(MAAWG)
• Network Weathermap
• Cyber 999 - Malaysia Computer Emergency Response Team
• Identifying and Detecting Security Breaches
• MANDIANT - Free Software
• Thank Goodness for Fraud
• Information Security Lab Setup Guide
• A Guide to Facebook Security
• FCC News Release on DACA White Paper
• All Your Mobile Applications Belong To Us
• Free 'HoneySink' Tool Captures Botnet Traffic
• APT Summit Findings
• Show Me Your Cookie And I Will Tell You Who You Are
• Intelligence To Protect The Homeland
• NIMS Guideline for the Credentialing of Personnel
• Issue 62: July/August 2011 NIPP News
• The Next Wave of Botnets Could Descend from the Skies
• Saudi Arabia - National Center for Earthquakes and Volcanoes

August 2011

• Career Focus: Cyber Security — A Growing Threat, a Growing Career
• Graphene goes plasmonic
• Fraudulent Digital Certificates Could Allow Spoofing - I
• Fraudulent Digital Certificates Could Allow Spoofing- II
• Fraudulent Digital Certificates Could Allow Spoofing - III
• Fraudulent Digital Certificates Could Allow Spoofing - IV
• Fraudulent Digital Certificates Could Allow Spoofing- V
• Bird Flu rears its head again
• Earthquake Safety Checklist
• Earthquake Safety Guide for Homeowners
• Earthquake Safety in the Work place
• 65% of online adults use social networking sites
• Windows Remote Desktop worm "Morto" spreading
• Malware Protection Center
• McAfee Threats Report: Second Quarter 2011
• MyCERT Cyber Security Malaysia Introduce DNSwatch
• Malaysia Computer Emergency Response Team
• Finale - Lessons from Some of the Least Malware Infected Countries in the World – Part 6
• Global Cyberlympics
• Behind Intel's New Random-Number Generator
• DOE Hurricane Irene Situation Report #5
• NEW YORK CITY HURRICANEE VACUATION ZONES
• HURRICANES AND NEW YORK CITY
• Ready New York: Hurricanes and New York City
• MAYOR BLOOMBERG UPDATES NEW YORKERS ON PREPARATIONS FOR HURRICANE IRENE
• Ready NY Hurricane Guide
• 11-17 Corrections to Shelter Locations - QN.doc
• NYC Hurricane Evacuation Zones and Centers
• NYC Severe Weather - Hurricane Watch in Effect for NYC
• NYC Office of Emergency Management
• Local: Transit Information
• Local: OEM's Hurricane Evacuation Zone Finder and additional information-site is slow due to use
• National Hurricane Center
• Ready America-good site for individual preparedness and "Go Kit" information
• National Hurricane Center on Preparedness
• Human Resources Flexibilities Available to Assist Federal Employees During Emergencies
• OPM Emergency Guidance Memoranda-listing of recent OPM emergency announcements
• READY NEW YORK HURRICANES AND NEW YORK CITY
• NARA-Records Disaster Preparedness Plans
• Tips for Pets
• Hurricane Preparedness
• Records Emergency Preparation
• OCC Allows National Banks and Federal Savings Associations Affected by Hurricane Irene to Close
• Hurricane IRENE
• Republic of Korea – Cyber Terror Response Center
• US quake bolsters calls for public safety wireless network
• 9/11 Spear Phishing Campaign - NCCIC Bulletin
• Career Focus: Cyber Security — A Growing Threat, a Growing Career
• Tool Release: A Banking Trojan Detection Tool
• Security Awareness Newsletters
• Dirt Jumper Caught in the Act
• Hackers post BART cops' personal information
• United Kingdom – Information Commissioner's Office - "Data Protection Audit Report" August 2011
• Let the Market Drive Deployment: A Strategy for Transitioning to BGP Security
• Flash Cookies and Privacy II: Now with HTML5 and ETag Respawning
• How to find unwanted files on workstations
• PCI Security Standards Council Releases PCI DSS Tokenization Guidelines
• IT Threat Evolution: Q2 2011
• Advisory Guidelines for 6to4 Deployment
• Measuring Pay-per-Install: The Commoditization of Malware Distribution
• The CERT Insider Threat Database
• BART website hacked, customer info leaked
• “10-year-old hacker finds zero-day flaw in games” August 7, 2011
• Beware Malware: A Comprehensive Guide to Malicious Software
• Revealed: Operation Shady RAT
• "Exclusive: Operation Shady rat—Unprecedented Cyber-espionage Campaign and Intellectual-Property Bonanza" - Vanity Fair, August 2, 2011
• Korean Communications Commission Press Release July 28, 2011

July 2011

• “A Neutralizing Antibody Selected from Plasma Cells That Binds to Group 1 and Group 2 Influenza A Hemagglutinins” Science
• American Society of Civil Engineers "The Economic Impact of Current Investment Trends in Surface Transportation Infrastructure"
• Strategy to Combat Transnational Organized Crime
• CSIA: US and India Sign Cybersecurity MOU
• Economic and Policy Frameworks For Cybersecurity Risks
• Pirates of the ISPs
• Cybersecurity: Continued Attention Needed to Protect Our Nation's Critical Infrastructure
• Data Center Consolidation: Agencies Need to Complete Inventories and Plans to Achieve Expected Savings
• France - la Haute Autorité pour la diffusion des œuvres et la protection des droits sur internet
• Randy Vickers, top cyber official, resigns abruptly
• Defense Department Cyber Efforts: DOD Faces Challenges in Its Cyber Activities: GAO-11-75, July 25 | Highlights
• Italy - Centro Nazionale Anticrimine Informatico per la Protezione delle Infrastrutture Critiche (National Computer Crime Center for Critical Infrastructure Protection)
• CNAIPIC - Italian government hacked by Antisec , Various Confidential documents leaked - July 25, 2011
• 2011 Payment Security Practices and Trends Report
• Forbes Thought Of The Day
• Retrevo Blog
• LPS-Public Quick Start Guide
• Marine General Calls for Stronger Offense in U.S. Cyber-Security Strategy
• Creating Your Own SIEM and Incident Response Toolkit Using Open Source Tools
• Security and Privacy Controls for Federal Information Systems and Organizations - INITIAL PUBLIC DRAFT” National Institute of Standards and Technology, July 19, 2011
• Sixteen individuals arrested in the United States for alleged roles in cyber attacks
• Anonymous and associated hacker groups continue to be successful
• A Look Inside Targeted Email Attacks
• Plug and Prey: Malicious USB Devices
• Police-Led Intelligence
• TREASURY INSPECTOR GENERAL FOR TAX ADMINISTRATION Reference Number: 2011-40-054
• Dynamic DNS
• Primer on the Common Vulnerability Scoring System CVSS
• Dirty Jobs: The Role of Freelance Labor inWeb Service Abuse
• Secunia Half Year Report 2011
• Cyber Attack: Exploiting the User
• Automorphic Signatures and Applications
• Business Assurance for the 21st Century
• Infrastructure security
• Internet infrastructure review
• Hackers Gained Access to Sensitive Military Files
• iOS Hardening Configuration Guide
• "DEPARTMENT OF DEFENSE STRATEGY FOR OPERATING IN CYBERSPACE" July 2011
• Defeating UCI: Building Stealthy and Malicious Hardware
• Cybertalking in the United Kingdom
• Department of Homeland Security Office of Inspector General: "Planning, Management, and Systems Issues Hinder DHS' Efforts To Protect Cyberspace and the Nation's Cyber Infrastructure" June 2011
• United Kingdom, Security Service: UK threat level lowered to "SUBSTANTIAL" 11 July 2011
• Facebook Forensics
• PCI Secutiry Standards Council publishes PCI DSS Virtualization Guidelines
• Information Supplement: PCI DSS Virtualization Guidelines
• CNET Hacking Chart
• Is it possible to calculate the Return on Security Investment (ROSI)?
• 2011 CWE/SANS Top 25 Most Dangerous Software Errors
• IRM (Incident Response Methodologies)
• Congressional Research Service: The Smart Grid and Cybersecurity- Regulatory Policy and Issues
• OWASP Mantra - Security Framework
• Know Your Rights!
• 10 Days of Rain: denial-of-service (DDoS) activity against targets in South Korea
• International Cyber Security Protection Alliance
• Issue 61: May/June 2011 NIPP News
• Preparing for the 2011 Hurricane Season

June 2011

• OECD Reviews of Risk Management Policies: Future Global Shocks IMPROVING RISK GOVERNANCE
• Securelist
• STRATEGIC CYBER SECURITY
• Influenza Vaccine: Federal Investments in Alternative Technologies and Challenges to Development and Licensure. GAO-11-435, June 27 | Highlights
• Influenza Pandemic: Lessons from the H1N1 Pandemic Should Be Incorporated into Future Planning. GAO-11-632, June 27 | Highlights
• Critical Infrastructure Protection
• German cyber-defense center to launch in 2011
• [ATO-TF] White Paper ANNOUNCEMENT - Account Take Over and Online Fraud Response
• Council of the European Union's Results
• Sex, Lies and Cybercrime Surveys
• Blueprint for a Science of Cybersecurity, Schneider
• Doctrine for Cybersecurity - Mulligan and Schneider
• Consequence Management
• CYBERSECURITY, INNOVATION AND THE INTERNET ECONOMY
• America’s Cyber Future: Security and Prosperity in the Information Age: volume 1
• NLE 2011 Newsletter
• INFORMATION ASSURANCE IA ALERT
• Recommended Actions for SecurID Users in Response to RSA Cyber Intrusion
• CPNI VIEWPOINT: CYBER SECURITY ASSESSMENTS OF INDUSTRIAL CONTROL SYSTEMS
• CYBER SECURITY ASSESSMENTS OF INDUSTRIAL CONTROL SYSTEMS: A GOOD PRACTICE GUIDE
• NATO Parliamentary Assembly, 074 CDS 11 E - INFORMATION AND NATIONAL SECURITY
• Country Reports
• Cyber Security Agency ENISA Maps Good Practice in Europe
• NEW ZEALAND'S CYBER SECURITY STRATEGY
• An Investigation into Chinese Cybercrime
• FBI Releases Bank Crime Statistics for First Quarter of 2011
• Bank Crime Statistics (BCS)
• An Open Letter from RSA
• McAfee Threats Report: First Quarter 2011
• tartetatintools: experimental pintools for malware analysis
• A Preliminary Model of Insider Theft of Intellectual Property
• Insider Threat Analysis of Case Based System Dynamics
• Who sends the most spam?
• Fighting Spam to Build Trust
• 2011 Atlantic Hurricane Season Outlook
• United Kingdom - Cyber Security Challenge UK
• United Kingdom – Ministry of Defence  - "Armed Forces Minister - Responding to Cyber War" 1 June 2011

May 2011

• The Underground in 2011
• Cyber Cheat Sheets
• Identifying Malware Distribution Relationships Using ETags
• Hacking and Securing Next Generation iPhone and iPad Apps
• Phonotactic Reconstruction of Encrypted VoIP Conversations: Hookt on fon-iks
• How banks use Twitter to combat fraud
• Security and Other Technical Concerns Raised by the DNS Filtering Requirements in the PROTECT IP Bill
• Incident Response Tools
• PDF Tools
• PDF Stream Dumper
• Jsunpack-n
• Peepdf
• Origami
• MalObjClass
• IARC CLASSIFIES RADIOFREQUENCY ELECTROMAGNETIC FIELDS AS POSSIBLY CARCINOGENIC TO HUMANS
• ALTERED FINGERPRINTS
• WinMHR (beta)
• Malware Hash Registry
• IP to ASN Mapping
• TC Console
• Team Cymru ‘Who and Why’ episodes on security tools
• Windows Intrusion Cheatsheet
• FinCEN/FBI Alert on Social Engineering Attacks Against FI Employees
• Monitoring Social Media for Security References to Your Organization | Monitor
• Decaptcha: Breaking 75\% of eBay Audio CAPTCHAs
• CYBERCRIMINALS TAKE A VACATION ON THE HOSPITALITY AND AIRLINE INDUSTRY
• Protecting Europe from large scale cyber-attacks and disruptions: enhancing preparedness, security and resilience
• Achievements and next steps: towards global cyber-security
• SECURE SOFTWARE ENGINEERING INITIATIVES: LISTING SSE INITIATIVES ACROSS EUROPE AND ABROAD
• ENISA ad hoc Working Group on National Risk Management Preparedness
• Free Automated Malware Analysis Services
• RTIR incident handling work-flow
• Click Trajectories: End-to-End Analysis of the Spam Value Chain
• The State of Data Security Defending Against New Risks and Staying Compliant
• All About Password Management
• Advancing Cloud Computing: What to Do Now? Priorities for Industry and Governments
• "26 Tbit s·1 line-rate super-channel transmission utilizing all-optical fast Fourier transform processing" Nature Photonics, 22 May 2011
• NSA Operating system guidance
• Behind Today’s Crimeware Installation Lifecycle
• Unix Intrusion
• Windows Intrusion
• Worm Infection
• Distributed Denial of Services
• The Common Vulnerability Reporting Framework
• Free Automated Malware Analysis Services
• Click Trajectories: End-to-End Analysis of the Spam Value Chain
• Digital Opportunities
• Security of Cloud Computing Providers Study
• Catching AuthTokens in the Wild
• International Strategy for Cyberspace
• MISJUDGING RISK: CAUSES OF THE SYSTEMIC BANKING CRISIS IN IRELAND
• Information Assurance
• Mac OS X Security Configuration Guides
• TorrentFreak
• Microsoft Security Intelligence Report
• Control System Notice
• Web-Hacking-Incident-Database
• The White House Blog
• National Strategy for Critical Infrastructure Protection(CIP Strategy)
• Fact-sheet-cybersecurity-legislative-proposal
• Fact-sheet-administrations-cybersecurity-accomplishments
• International Charter - Space and Major Disasters - Organisation
• 2010 Data Mining Report
• United Kingdom – Information Commissioner's Office "Changes to the rules on using cookies and similar technologies for storing information"
• Guide to Telework in the Federal Government | PDF
• Norton Unveils Global Initiative to Combat Cybercrime
• Respected--but still restrained
• TalkTalk serves up website blocking to users
• Child Identity Theft
• NLE 2011 Newsletter
• Secure VoIP Discussion and Tips
• Tornados
• Flooding
• USGS Continues to Monitor Historic Flooding on Mississippi and Ohio Rivers
• For Your Awareness - Save the Date: JCIP Regional Symposiums
• Clearinghouse for Incident Handling Tools
• Coreflood Highlights Security Challenges with Service Providers
• How to Extract Flash Objects from Malicious PDF Files
• Chat Log: What It Looks Like When Hackers Sell Your Credit Card Online
• Survey of Characteristics of Internet Carrier Interconnection Agreements
• EU Organized Crime Threat Assessment
• Combating CyberCrime
• Prosecution says NK behind Nonghyup's network breakdown
• Cyber Security Assessments of Industrial Control Systems
• 2 MAY 2011 - 1400: Osama Bin Laden - Themed Phishing
• Exercises
• Worm Infection Response: Guidelines to handle information system Worm infections
• DNB Loving the Cyber Bomb? The Dangers of Threat Inflation in Cybersecurity Policy
• Russia US Bilateral on Cybersecurity: Critial Terminology Foundation
• Remarks by the President on Osama Bin Laden
• World Wide Travel Alert

April 2011

• Summary of the Amazon EC2 and Amazon RDS Service Disruption in the US East Region
• Issue 60: April 2011 NIPP News
• Consumer Rights in the ICT Sector in Eastern & Southern Africa
• Empowering Regulators to Protect Consumer Rights In the ICT Sector
• Consumer Best Practices in the Telecomms Sector
• Accessing Consumer Activity in the Telecom's and Internet Sectors in Africa
• Best Practices for Web Hosting Providers
• FBI Address The NSC Intrusion Threat
• China Wire Transfer Fraud Alert
• "State and trends of the "Russian" computer crime market in 2010" Group-IB (in English)
• "State and trends of the Russian" computer crime market in 2010" Group-IB (in Russian)
• "Flu Warning" by Helen Epstein
• Critical Terminology Foundations
• Hand Sanitizers Carry Unproven Claims to Prevent MRSA Infections
• Cyber Security Newsletter Tip - April 2011 - Epsilon Data Breach
• NTAS Guide
• Secretary Napolitano Announces Implementaion of National Terrorism Advisory System
• Factsheet Secure on Social Networks
• What is FISMApedia
• In the Dark: Crucial Industries Confront Cyberattacks” Center for Strategic and International Studies & McAfee
• Verizon 2011 Data Breach Investigations Report
• Best Practices for Securing your Home Network - IA Guidance
• NSTIC
• Department of Justice Takes Action to Disable International Botnet
• Feds commandeer botnet, issue 'stop' command, 13 April, 2011
• Phishing Advisory
• Tax-related ID theft to the OnGuardOnline.gov site
• Phishing/Epsilon posts: Businesses | Home users
• FBI Bank Crime statistics - Reports and Publications
• FBI Bank Crime statistics
• 2011 Business Banking Trust Study - Guardian Analytics
• Two-Factor Authentication Compromise
• Mitigation Measures for Two Factor Authentication Compromise
• Early Warning and Indicator Notice(EWIN)-11-077-01A UPDATE
• Update on LizaMoon mass-injection and Q&A
• LizaMoon mass injection hits over 226,000 URLs (was 28,000)

March 2011

• NSA IA Advisory
• Cyber Security Newsletter Tip - March 2011 - Safeguarding Your Data
• China - Information Office of the State Council - "China's National Defense in 2010"
• Underground Economies
• NSA IA Advisory
• Hackers log in to federal MPs' emails: Sydney Daily Telegraph, March 29, 2011
• EWIN for broad distribution
• Federal Nuclear Emergency Plan
• National Emergency Plan for Nuclear Accidents
• The public and a radiological or nuclear Emergency event
• Atomic Energy Council, Taiwan
• EPA's RadNet Air Monitoring Data
• Radiation Emergency Medical Management
• Fukushima Nuclear Accident
• NRC Actions on Japan's Emergency
• Responding to a Nuclear Emergency
• "THE AFTERMATH OF NATURAL DISASTERS: BEYOND DESTRUCTION" - Eduardo Cavallo and Ilan Noy
• Iranian hackers obtain fraudulent HTTPS certificates: How close to a Web security meltdown did we get?
• RSA SecurID Mitigations
• Crisis In Japan: Official Measurements of Radiation in Tokyo
• US-CERT EWIN
• System Integrity Best Practices
• RSA SECURCARE ONLINE NOTE
• Open Letter to RSA Customers
• IOSCOPD350.pdf FYI on international Financial Market Infrastructure Principles
• Cybersecurity: Continued Attention Needed to Protect Our Nation's Critical Infrastructure and Federal Information Systems, by Gregory C. Wilshusen, director, information security issues, before the Subcommittee on Cybersecurity, Infrastructure Protection, and Security Technologies, House Committee on Homeland Security. GAO-11-463T, March 16
• Tsunami Update Doc | PDF
• 2010 Annual Study: Cost Of Data Breaches Up Again
• Issue 58: February 2011 NIPP News
• European Union – Eurostat - "Nearly one third of internet users in the EU27 caught a computer virus": February 8, 2011
• "Defending Planet Earth: Near-Earth Object Surveys and Hazard Mitigation Strategies" National Academies Press

February 2011

• FBI/National White Collar Crime Center's Internet Crime Complaint Center (IC3) 2010 Internet Crime Report
• Canada: Cyberattack defences in place
• Federal Cloud Computing Strategy
• Symantec: W32.Stuxnet Dossier
• Global Energy Cyberattacks: "Night Dragon"
• CSIS: Cybersecurity Two Years Later
• EWIN
• First Joint Russian-U.S. report on Cyber Conflict
• Munich Security Conference 2011
• EastWest Institute "Second Worldwide Cybersecurity Summit, London, UK"
• Kaspersky Lab Spam report: December 2010
• CSIA: CSIS Report
• Closing proclamations
• Issue 57: December 2010 - January 2011 NIPP News
• Arbor Networks' Sixth Annual Worldwide Infrastructure Security Report
• India -- Reserve Bank of India: Working Group on Information Security, Electronic Banking, Technology Risk Management and Cyber Frauds: Report and Recommendations

January 2011

• January NLE 2011 Newsletter
• New National Terrorism Advisory System
• Conficker Working Group: Lessons Learned
• Fraudulent Identity Document Intelligence Group
• Cisco 2010 Annual Security Report
• U.S. Mission to the Organization for Economic Cooperation & Development "Cyber Security"
• Organization for Economic Cooperation & Development: "Reducing Systemic Cybersecurity Risk"
• Pandemic Preparedness: USCDC Flu Posters
• U.S.-China Economic and Security Review Commission Staff Report
• GAO Electricity Grid Modernization and Cybersecurity report
• "Broadly cross-reactive antibodies dominate the human B cell response against 2009 pandemic H1N1 influenza virus infection" Journal of Experimental Medicine
• Spam Volumes Drop As Rustock, Other Botnets Go Quiet
• "Decrypting GSM phone calls" Security Research Labs GmbH
• Photo / Location Geotagging Safety

December 2010

• ICSJWG December Newsletter
• Der Spiegel "Bundesregierung plant Cyber-Abwehrzentrum" 27.12.2010
• Germany - Federal Interior Ministry - "Impuls für sichere Infrastruktur"
• North American Air Defense Command Seasonal Message
• Observations on Developments in Risk Appetite Frameworks and IT Infrastructure
• Distributed Denial of Service Attacks Against Independent Media and Human Rights Sites
• United Kingdom -- House of Lords -- "Lords to Question Europol on Security, Cyber Security and International Cooperation"
• DHS Open Source Digest - December 2010
• Had flu? The next pandemic could hit you harder
• For Your Awareness: December NLE 2011 Newsletter
• An Empirical Study of Privacy-Violating Information Flows in JavaScript Web Applications
• Additional Information: Sick leave allowed for Federal Employees to care for pandemic flu-stricken
• Release - IID releases its top 10 enterprise IT security predictions for the coming year
• PERSONNEL SECURITY CLEARANCES
• Issue 56: November NIPP News
• Information Security: Federal Agencies Have Taken Steps to Secure Wireless Networks, but Further Actions Can Mitigate Risk

November 2010

• U.S. Embassy Seoul: Artillery firing into Northwest Islands off the coast of Korea
• Worst Offending IP Addresses For Sending Viruses And Spam
• Organisation for Economic Co-operation and Development "THE ROLE OF INTERNET SERVICE PROVIDERS IN BOTNET MITIGATION: AN EMPIRICAL ANALYSIS BASED ON SPAM DATA"
• November NLE 2011 Newsletter
• Press Release, United States Secret Service, November 18, 2010 "UNITED STATES SECRET SERVICE LEADS INTERNATIONAL INVESTIGATION OF HACKING INTO FEDERAL RESERVE BANK"
• Eastern District of New York, Indictment, US v. Lin Mun Poo, November 18, 2010
• 2010 REPORT TO CONGRESS
• For Your Awareness: Speech by Assistant Secretary Keil
• McAfee Warns of "The Twelve Scams of Christmas"
• Organised gangs deceive web users into downloading malicious 'anti-virus software'
• State of Spam & Phishing :A Monthly Report
• Save the Date - "The Evolving Threat: What You Can Do" Webinar- November 17, 2010
• European Union - European Network and Information Security Agency - "Q&As on the first, pan-European Cyber Security Exercise 'CYBER EUROPE 2010'"
• Safe Mail Handling
• Physical Review E "Relativistic statistical arbitrage"
• First EU Cyber Security Exercise:"Cyber Europe 2010"
• Hacker "compromises" Royal Navy website, the Ministry of Defence confirms
• Attack Severs Burma Internet
• Google Confronts China's "Three Warfares"
• Issue 55: October NIPP News

October 2010

• 800 North Korean Hackers Preparing Global Cyber Attacks
• "United Kingdom - Secret Intelligence Service "Britain's Secret Frontline" 28 October 2010"
• Netherlands "Wanted botnet mastermind held in Armenia"
• Netherlands "Dutch National Crime Squad announces takedown of dangerous botnet"
• New Global Study by Juniper Networks
• DOJ - Virginia Man Arrested for Plotting Attacks on DC Area Metro | PDF
• "Mapping the Mal Web" by McAfee
• Application Modernization Driving Growth in the Financial Services Sector
• Critical Infrastructure Protection: DHS Efforts to Assess and Promote Resiliency Are Evolving but Program Management Could Be Strengthened GAO-10-772, September 23 | Highlights
• The National Academies Press
• US-CERT Cyber Security Bulletin SB10-298 -- Vulnerability Summary for the Week of October 18, 2010
• 2010 Ten-Year NERC Electricity Reliability Assessment
• Global Phishing Survey
• Global Fraud Report
• United Kingdom - Speech by Secretary of State for Defence The Right Honourable Dr. Liam Fox MP before the First Annual World Summit on Infrastructure Security, September 20, 2010
• ATOTF Advisories
• National Cybersecurity Awareness Campaign
• A Strong Britain in an Age of Uncertainty: The National Security Strategy
• United Kingdom House of Commons Public Administration Select Committee "Who does UK National Strategy?" 18 October 2010
• An Updated Assessment of Copper Wire Thefts from Electric Utilities
• DirectorDisaster PreparednessSummit 2010
• A Partnership Delivering Value Regionally and Nationally
• RPC first Fourth Annual Conference
• Developing a Regional Resilience Roadmap
• Regional Consortium Coordinating Council
• Chicago Critical Infrastructure Resilience Task Force Project List - August 2010
• Press Release and Cyber Memo between DoD and DHS | PDF
• Emerging Cyber Threats Report -2011
• Financial Services Digests for September 2010
• Cyber Digests for September 2010
• TechCrunch October 12, 2010
• United Kingdom GCHQ Speech Director Iain Lobban October 12, 2010
• Microsoft Security Intelligence Report Volume 9
• Cyber Threats and Security
• Telecommunications: National Broadband Plan Reflects the Experiences of Leading Countries, but Implementation Will Be Challenging. GAO-10-825, September 14 | Highlights
• Tom Glocer's Blog CEO of Thomson Reuters "Cyber Defense -- A Call to Action"
• Anti-Malware Testing Standards Organization
• Seasonal Flu Information for Businesses & Employees
• GAO: "CYBERSPACE POLICY: Executive Branch Is Making Progress Implementing 2009 Policy Review Recommendations, but Sustained Leadership Is Needed" October 2010
• Half of Critical Information Infrastructure Providers Have Experienced Perceived Politically Motivated Cyber Attacks
• Popsci, October 6, 2010 "Biometric Voice-Identification Technology Leads to Arrests of Terrorist Suspects in Europe"
• Symantec 2010 Critical Infrastructure Protection Study Global Results October 2010
• VERIZON 2010 Payment Card Industry Compliance Report
• Cyberspace Policy: Executive Branch Is Making Progress Implementing 2009 Policy Review Recommendations, but Sustained Leadership Is Needed. GAO-11-24, October 6 | Highlights
• Collective Defense
• Control Systems Security Program (CSSP)
• Sweden "Changed threat level" October 1, 2010
• Sweden - "Swedish Security Service 2009"
• Washington Post "Terror warnings" October 5, 2010
• Online Passwords Could Be a Map
• At CYBERCOM deadline, Pentagon still reviewing 'full operating' status
• British government updated travel advice: Travel Alert for Germany | France
• U.S. DEPARTMENT OF STATE Bureau of Consular Affairs: Travel Alert for Europe
• FINDINGS REGARDING THE MARKET EVENTS OF MAY 6, 2010

September 2010

• ICSA-10-272-01 - Primary Stuxnet Indicators
• Secretary Chu Announces Latest Efforts to Address Cybersecurity
• National Cyber Alert System
• Information Sharing: Federal Agencies Are Helping Fusion Centers Build and Sustain Capabilities and Protect Privacy, but Could Better Measure Results. GAO-10-972, September 29
• Stuxnet worm can re-infect scrubbed PCs
• Out-Of-Band Microsoft Update ASP.NET Vulnerability
• CS_III_Press_Release
• September 2010ZeuS Mitmo: Man-in-the-mobile
• Zombie cookie wars: evil tracking API meant to "raise awareness"
• Partnering for Critical Infrastructure Preparedness Webinar Announcement
• WhiteHat Website Security Statistic Report
• Cisco 2Q 2010 Global Threat
• Cisco Mid-Year 2010 Security Report
• Le Figaro "Why is France a terror target?" September 22, 2010
• NCTC Congressional Testimony: Statement for the Record by NCTC Director Mr. Michael Leiter 09/22/10
• NPR "Extending The Law Of War To Cyberspace, by Tom Gjelten" September 22, 2010
• United Kingdom "History of the Secret Intelligence Service published"
• NCSD Information For Resilient Accord 20100310
• Canvassing The cyber Security Landsca pe 5-18-2010
• Resilient Accord Cyber Security Tabletop Exercises: - September 28/29/30
• Resilient Accord Cyber Security Tabletop Exercises: Albany - September 28/29/30
• Resilient Accord Cyber Security Tabletop Exercises: Buffalo - September 28/29/30
• Resilient Accord Cyber Security Tabletop Exercises: Syracuse - September 28/29/30
• CS Monitor "Stuxnet malware is 'weapon' out to destroy ... Iran's Bushehr nuclear plant" September 21, 2010
• Journal of Applied Microbiology "Comparative evaluation of the hygienic efficacy of an ultra-rapid hand dryer vs conventional warm air hand dryers"
• Global Positioning System: Challenges in Sustaining and Upgrading Capabilities Persist, GAO-10-636, September 15
• Cyber Security Newsletter Tip - September 2010 - Fake AV Software
• Before Disaster Strikes
• BBC News "Fake website 'takes seconds' to set up" 20 September 2010
• PC Magazine "HDCP Master Key Confirmed; Blu-ray Content Vulnerable"
• Reminder: 2010 Critical Infrastructure Partnership Advisory Council (CIPAC) Plenary Save the Date
• "The Threat to National Security"
• Information Security
• Before Disaster Strikes
• Financial Services Sector Open Source Digest
• Monthly Cyber Digest
• Program Announcement the Fifth JTF CAPMED NCR Emergency Management Conference
• Russia, The United States, And Cyber Diplomacy
• GETS Guides Wallet
• GETS Guides
• DHS OIG Report "DHS Needs to Improve the Security Posture of Its Cybersecurity Program Systems"
• National Preparedness Month, 2010
• Launch of Challenge.gov: Press Release | Fact Sheet | White House Blog Posting | Website
• $9m RBS WorldPay hack mastermind avoids jail
• Film industry hires cyber hitmen to take down internet pirates
• Cyber Crime Intelligence
• NIST Computer Security Resource Center Draft Publications
• NIST Computer Security Resource Center Special Publications
• NIST Computer Security Resource Center Reports
• Final SERC Security Roadmap
• Anti-Cyber Crime Contest
• Hurricane EARL Public Advisory Number 32A
• Hurricane Information and updates
• NRL Monterey Marine Meteorology Division report
• Stormpulse report
• Research experiment disrupts Internet, for some
• United Nations International Strategy for Disaster Reduction Secretariat (UNISDR)
• UNISDR "Global assessment report on disaster risk reduction (2009)"
• UNISDR "Platform for the Promotion of Early Warning"
• Experimental Security Analysis of a Modern Automobile
• ENISA "National Exercises Good Practice Guide"
• ENISA "FAQs to ENISA's Good Practice Guide on National Exercises"
• Centers for Disease Control & Prevention "Hurricanes"

August 2010

• ENISA "National Exercises Good Practice Guide"
• ENISA "FAQs to ENISA's Good Practice Guide on National Exercises"
• Centers for Disease Control & Prevention "Hurricanes"
• ENISA Quarterly Review
• National Institute of Standards and Technology "Secure Domain Name System (DNS) Deployment Guide"
• International Conference on Critical Information Infrastructure Security
• Bank Information Security Articles
• Monthly Cyber Security Tip - August 2010 - Protecting Children Online
• National Academies of Science "Severe Space Weather Events--Understanding Societal and Economic Impacts: A Workshop Report"
• National Academies of Science "Severe Space Weather Events--Understanding Societal and Economic Impacts: A Workshop Report - Extended Summary"
• 1-in-4 worms spread through infected USB devices
• Executive Order--Classified National Security Information Programs for State, Local, Tribal, and Private Sector Entities
• Foreign Affairs “Defending a New Domain” by William J. Lynn III, Deputy Secretary of Defense
• Department of Defense “Military and Security Developments Involving the People’s Republic of China 2010”
• Cyber Conflict Studies Association conference agenda for September 21, 2010
• GMU: The CIP Report, August 2010
• State of the Web--Q2 2010. A View of the Web from an End User's Perspective
• Hacker's Arrest Offers Peek Into Crime in Russia
• U.S.-Canada Power System Outage Task Force: Final Report on the August 14th, 2003 Blackout in the United States and Canada
• Pentagon Says Chinese Cyber Attacks Target US Government And Companies
• Netherlands "Nationaal Adviescentrum Vitale Infrastructuur"
• European Network and Information Security Agency "Country Reports"
• Spain "Centro Nacional para la Protección de las Infraestructuras Críticas"
• European Commission "An open discussion on intelligent control and security of Critical Infrastructure Systems with key players from academia and industry"
• European Commission "EU and US discuss Critical Infrastructure Protection"
• United Kingdom "Personnel security measures"
• United Kingdom "Phishing and Pharming"
• United Kingdom "Improving the resilience of critical infrastructure to disruption from natural hazards"
• United Kingdom "National Risk Register of Civil Emergencies 2010"
• Canada "Public Safety Canada Daily Infrastructure Report"
• "Canada-United States Action Plan for Critical Infrastructure"
• Australia "Trusted Information Sharing Network for Critical Infrastructure Resilience"
• Australia "2010 CRITICAL INFRASTRUCTURE RESILIENCE STRATEGY"
• Hardening and Resiliency: U.S. Energy Industry Response to Recent Hurricanes Seasons
• 2010 Data Breach Timeline
• Secure Web Browser Recommendations
• Email Sender Authentication Deployment
• BBB handbook, "Data Security Made Simple"
• Wi-Fi Aerial Surveillance Platform, WASP drone
• USENIX Security '10 Symposium
• GAO: “Critical Infrastructure Protection: Key Private and Public Cyber Expectations Need to be Consistently Addressed”
• Critical Infrastructure Protection: Key Private and Public Cyber Expectations Need to Be Consistently Addressed. GAO-10-628, July 15
• ATM Crime: Overview of the European situation and golden rules on how to avoid it
• Issue 54: July-August 2010 NIPP News
• Teraflop Troubles: The Power of Graphics Processing Units May Threaten the World’s Password Security System
• Reports to Congress on VA Data Breaches
• French arrest cyber-crime suspect for U.S.
• Cybercriminals Target Online Banking Customers
• Department of Defense Cyber Crime Center
• Black Hat and Defcon Founder Jeff Moss: What Is the 'Hacker Mindset?'
• World Health Organization: H1N1 in post-pandemic period
• Operations Management Best Practice
• Financial Services and Cyber Monthly Digests
• The Armed Forces Communications and Electronics Association: Past Events (presentations)
• An Analysis of Private Browsing Modes in Modern Browsers
• United States - Financial System Stability Assessment
• US Secret Service Contact Locations
• US Secret Service Contact Lists
• United Kingdom Police Central e-crime Unit
• Trusteer uncovers Zeus botnet that plunders UK Internet user credentials
• Chronology of Changes to the Homeland Security Advisory System
• Cyberspace: United States Faces Challenges in Addressing Global Cybersecurity and Governance
• NSTB Assessments Summary Report: Common Industrial Control System Cyber Security Weaknesses, Idaho National Laboratory, May 2010
• Cybersecurity, Innovation and the Internet Economy, Notice of Inquiry, Comments due September 13, 2010
• Microsoft Out of Band Security Update

July 2010

• Approved and Released: Continuity Guidance Circular 2 (CGC 2), Effective July 22, 2010
• 5/1 Security Project
• Mariposa Botnet Press Release
• "State of the Internet" Akamai
• "Mariposa Botnet Analysis" Defence Intelligence
• IMPORTANT: CTICG's second joint advisory
• United Kingdom "A new approach to financial regulation: judgement, focus and stability"
• 2010 Data Breach Investigations Report
• European ATM Security Team
• Top 5 Fraud Threats
• Vital Records brochure
• United Kingdom Cyber Security Challenge
• Black Hat Abu Dhabi -- 8th and 11th November 2010
• Visa Best Practices - Tokenization Version 1.0
• Information Management: Challenges In Federal Agencies' Use of Web 2.0 Technologies
• "An infrared invisibility cloak composed of glass" - Applied Physics Letters
• Deloitte's 2010 Financial Services Global Security Study: The Faceless Threat
• ODNI PROVIDES DETAILED FACTS ABOUT THE IC POST-9/11: Truth about Contractors
• ODNI PROVIDES DETAILED FACTS ABOUT THE IC POST-9/11: Questions & Answers
• Recommendations for Measuring and Reporting Overall Data Center Efficiency
• Acting Director of National Intelligence, David C. Gompert, reaction to the Washington Post series
• Washington Post, July 19: "Top Secret America"
• July 15 “Planning for the Future of Cyber Attack Attribution” House Committee on Science and Technology; Subcommittee on Technology & Innovation
• Trojan-Spy.0485 And Malware-Cryptor.Win32.Inject.gen.2 Review
• Commodity Futures Trading Commission Notice of Proposed Rulemaking
• CIKR Monthly Open Source Cyber Digest (OSCD)
• FINANCIAL SERVICES SECTOR OPEN SOURCE DIGEST
• 2010 CyLab Report: Governance of Enterprise Security
• Wired Magazine, July 13 2010, "Hacking the Electric Grid? You and What Army?"
• NERC Report on High Impact Low Frequency Events on the Power Grid
• Homeland Security: June 2010 NIPP News
• Clarifying Cybersecurity Responsibilities and Activities of the Executive Office of the President and the Department of Homeland Security (DHS)
• Impact of New Madrid Seismic Zone Earthquakes on the Central USA
• Key Challenges Need to Be Addressed to Improve Research and Development. GAO-10-466, June 3
• Incident Handling: Preparing for Incident Analysis
• MS-ISAC Cyber Security Tips Newsletter June 2010: Home Personal Computer (PC) Maintenance for Windows Operating Systems
• The Information Office of the State Council, or China's cabinet, White paper: The Internet in China

June 2010

• Information Security: Federal Guidance Needed to Address Control Issues with Implementing Cloud Computing. GAO-10-513, May 27
• Information Security: Governmentwide Guidance Needed to Assist Agencies in Implementing Cloud Computing, by Gregory C. Wilshusen, director, information security issues, before the Subcommittee on Government Management, Organization, and Procurement, House Committee on Oversight and Government Reform. GAO-10-855T, July 1
• Texas Banking Department Issues Proclamation to Texas State Chartered Banks for Tropical Storm Alex
• National Strategy for Trusted Identities in Cyberspace: Blog
• National Strategy for Trusted Identities in Cyberspace: Comments
• National Strategy for Trusted Identities in Cyberspace
• United Kingdom Dedicated Cheque and Plastic Crime Unit “Card fraud gang sentenced to 15 years” June 21, 2010
• COOP Planning at Your Agency: Keep Systems Running During Disaster
• Remarks and Q&A by Dawn Meyerriecks: Deputy Director of Acquisition and Technology, Office of the Director of National Intelligence
• Internet Fraud Alert
• Federal Trade Commission v. CyberSpy Software, LLC, and Tracer R. Spence
• Estonia Ministry of Foreign Affairs, Cyber Defence
• Estonian President Ilves Opens Conference on Cyber Conflict, June 16, 2010
• Statement of Richard Skinner Regarding the Department of Homeland Security’s US Computer Emergency Readiness Team, June 16, 2010
• Information Security Breaches Survey 2010: technical report
• Remote working poses threat to corporate security
• Cybercrime victim every 7 seconds in the UK: June 15, 2010
• Cybersecurity: Continued Attention Is Needed to Protect Federal Information Systems from Evolving Threats, by Gregory C. Wilshusen, director, information security issues, before the House Committee on Homeland Security. GAO-10-834T, June 16 | Highlights
• Internet Engineering Task Force
• DNS Security Extensions
• Spain National Police Corps - “Desarticulado un complejo grupo organizado de clonadores de tarjetas bancarias con conexiones a nivel mundial” June 15, 2010
• Clickjacking
• "Honeybot, Your Man in the Middle for Automated Social Engineering"
• International Secure System Lab Paper on Online Industry
• Survey Finds Cyberattacks and Cybersecurity to Be Top Security Priorities
• Department of Homeland Security "Stronger Security Controls Needed on Active Directory Systems" May 2010
• ICSJWG May Newsletter
• Cyber Digest
• Financial Services Open Source Digest
• NTIA report on safety online for children
• The Plight of the Targeted Attacker in a World of Scale
• China, Information Office of the State Council of the People's Republic of China, "The Internet in China" June 8, 2010
• The handling of the H1N1 pandemic: more transparency needed
• Conflicts of interest -- WHO and the pandemic flu "conspiracies"
• CSIS CYBERSECURITY POLICY DEBATE SERIES: U.S. CYBERSECURITY POLICY AND THE ROLE OF U.S. CYBERCOM
• U.S. Department of Justice – "Review of the Department's Preparation to Respond to a WMD Incident May 2010"
• National Institute of Standards and Technology - Continuous Monitoring FAQ
• Dereck Orr, National Institute of Standards and Technology, May 27, 2010: "Interoperability in Public Safety Communications Equipment"
• Times of London "Log-ins strengthened to thwart hackers" May 29, 2010
• Interview with EOP CTO Aneesh Chopra
• Canada's National CI Plan: Action Plan
• Canada's National CI Plan: National Strategy
• Canada's National CI Plan: News Release

May 2010

• Stratcom Cyber Symposium: Deputy Secretary of Defense William J. Lynn, III, Omaha, Nebraska, Wednesday, May 26, 2010
• DHS Private Sector Resource Catalog
• National Security Strategy: BLOG | PDF
• United Kingdom Defence Science and Technology Laboratory
• European Commission – Information Society – Digital Agenda for Europe 2010-2020
• Software Assurance
• Monthly Activity Summary - April 2010
• Disturbance liability: The reason for WLAN restrictions in Germany
• BBC News: First human 'infected with computer virus'
• Cyber Security Newsletter Tip - May 2010 - Identity Theft
• A Numerical Optimization-based Methodology for Application Robustification
• Experimental Security Analysis of a Modern Automobile
• Cyber and Finance Weekly #20 - 5/19/10
• FTC Permanently Shuts Down Notorious Rogue Internet Service Provider
• Further Technical Information for Mitigating Targeted Cyber Intrusions HTML | PDF
• Technical Information for Mitigating Targeted Cyber Intrusions HTML | PDF
• RAND Report: Jihadist Radicalization in the U.S.
• Portrait of a year-old pandemic
• Extended Range Forecast for 2010
• What Do You Learn at Terrorist Training Camp?
• Cyber and Finance Weekly #19 - 5/12/10
• Private-Public Partnerships
• ICSJWG April Newsletter
• Swiss Federal Institute of Technology Zurich "Critical (Information) Infrastructure Protection"
• Swiss Federal Institute of Technology Zurich "Governance of Information Security"
• BBC News – Tsunami Alerts
• United Nations "58/199. Creation of a global culture of cybersecurity and the protection of critical information infrastructures"
• CANN "First IDN ccTLDs Available"
• European Network and Information Security Agency: "Priorities for Research on Current and Emerging Network Technologies"
• Business Software Alliance: "2010 BSA GLOBAL CYBERSECURITY FRAMEWORK"
• Infosecurity Europe "Information Security Breaches Survey 2010: technical report"
• East West Institute: "First Worldwide Cybersecurity Summit"
• IntelCenter STER on NYC Times Square Attack
• NYPD SHIELD Brief: Times Square Car Bomb

April 2010

• 31st IEEE Symposium on Security & Privacy Advance Program, May 16-19, 2010 | Highlights
• U.S. Tsunami Preparedness: NOAA Has Expanded Its Tsunami Programs, but Improved Planning Could Enhance Effectiveness. GAO-10-490, April 28 | Highlights
• Transmissibility and geographic spread of the 1889 influenza pandemic
• United Kingdom: Cyber Security Challenge
• The Future Of Passports And Money Movements In The Undreground Economy
• FY 2010 Reporting Instructions for the Federal Information Security Management Act and Agency Privacy Management
• Secretary Napolitano Remarks on Resilience
• Fault-Based Attack of RSA Authentication
• Gordon M. Snow Named Assistant Director of FBI Cyber Division 4-26-10
• Priorities for Research on Current and Emerging Network Technologies
• Active Shooter Guide Poster
• April 2010 - Cloud Computing
• Federal Reserve Banks: Areas for Improvement in Information Security Controls. GAO-10-640R, April 21.
• Preliminary Estimates of Mortality and Years of Life Lost Associated with the 2009 A/H1N1 Pandemic in the US and Comparison with Past Influenza Seasons
• Speech by Secretary of Defense Gates on April 20, 2010
• Background Report: On the Fifteenth Anniversary of the Oklahoma City Bombing
• Symantec "Internet Security Threat Report: Volume XV: April 2010"
• India – Cyber Laws and Security
• "Global Cyber Deterrence" – East West Institute
• "What do Senior Leaders Need to Know About Cyberspace?" by Jeffrey Caton
• Trend Micro Blog
• Cybercrime and Hacktivism
• Large-Scale Automatic Classification of Phishing Pages
• Shadowserver Foundation "Shadows in the Cloud: Investigating Cyber Espionage 2.0"
• CRITICAL INFRASTRUCTURE PROTECTION: Update to National Infrastructure Protection Plan Includes Increased Emphasis on Risk Management and Resilience

March 2010

• Issue 50: March 2010 NIPP News
• Home Grown Terrorism
• Network and Distributed System Security Symposium 2010 -- Papers
• CCIP eBulletin - Issue 94
• New Card and Banking Fraud Figures
• Germany Computer Emergency Response Team
• Germany Citizens Computer Emergency Response Team
• European Governments CERTs Group
• Asia Pacific Computer Emergency Response Team
• Ruhr-University of Bochum Institute for E-Business Security
• Ruhr-University of Bochum Horst Görtz Institute for IT Security
• An updated description of the intelligence function of the Department of Homeland Security was produced last week by the Congressional Research Service
• Homeland Security Intelligence: Its Relevance and Limitations
• Germany Federal Office for Information Security
• Center for Complex Network Research at Northeastern University "Spreading Patterns of Mobile Phone Viruses"
• The Policing Cyberspace International Conference 2010 Organized in Cooperation with the Council of Europe
• Society for the Policing of Cyberspace
• United Kingdom House of Lords "Protecting Europe against large-scale cyber-attacks"
• US Department of Defense "Joint Operating Environment 2010"
• National Broadband Plan
• Flooding What to Know
• Flood Awareness
• Financial Services Sector Open Source Digest February 2010
• Ricoh Secure Document Governance - Safeguarding confidential information
• Australian Government -- Internet Service Provider (ISP) Filtering 'Live' Pilot
• National Defense University “Regional Collaboration in Cybersecurity: Securing the Cloud, Web, and Virtual Networks” Singapore July 13-14, 2010
• International Institute for Strategic Studies “17 Mar 2010 - IISS-US Discussion Meeting - China and ‘Cyber Power’”
• Bank of Japan Business Continuity Planning Documents
• 2009 Internet Crime Report
• Best Practice Document on Wire Transfer precautions
• BBC News “Inside the mind of a Russian hacker”
• United Kingdom Dedicated Cheque and Plastic Crime Unit
• United Kingdom National Fraud Authority
• United Kingdom National Fraud Strategy
• United Kingdom National Fraud Authority Annual Fraud Indicator January 2010
• United Kingdom Cards Association “New Card and Banking Fraud Figures”
• Financial Fraud Action United Kingdom
• United Kingdom Intelligence and Security Committee
• United Kingdom Intelligence Community
• British Standard for Business Continuity Management: BS 25999
• United Kingdom Emergency Planning College
• “What's in a Name? Evaluating Statistical Attacks on Personal Knowledge Questions” by Joseph Bonneau, Mike Just, Greg Matthews
• International Financial Cryptography Association
• Newsmap
• CYBERSECURITY Progress Made but Challenges Remain in Defining and Coordinating the Comprehensive National Initiative
• Remarks by Howard Schmidt, White House Cybersecurity Coordinator, National Security Council, Executive Office of the President
• RSA Conference Panel "Dealing with Sophisticated Threats in Cyberspace without Creating Big Brother"
• Ross Anderson "Security Engineering"
• Edward Wilding "Information Risk and Security"
• Adam Shostack and Andrew Stewart "The New School of Information Security"
• Dorothy E. Denning "Information warfare and security"
• Andrew Jaquith "Security Metrics"
• Richard Bejtlich "Extrusion Detection: Security Monitoring for Internal Intrusions"
• C. Warren Axelrod "Outsourcing Information Security"
• Department of Homeland Security "Secretary Napolitano Launches National Cybersecurity Awareness Campaign Challenge"
• CCIP eBulletin - Issue 93
• Spain Grupo de Delitos Telemáticos (Computer Crime Unit)
• Spain Oficina de Seguridad del Internauta
• El Mundo “Tres españoles dirigían una de las mayores redes de ordenadores "zombis"
• Cloud Security Alliance “Top Threats to Cloud Computing V1.0”
• CNCI Description
• Cracking Down on Botnets
• University of Bath - Software sniffs out criminals by the shape of their nose Document : PDF
• Human Factors in the Design and Evaluation of Central Control Room Operations
• United Kingdom Serious Organised Crime Agency “DarkMarket mastermind jailed”
• “Draft Report for the Study of the Accuracy of WHOIS Registrant Contact Information”

February 2010

• Latvian 'Robin Hood' hacker leaks bank details to TV
• GPS Jamming & Interference –A Clear and Present Danger
• Widespread Data Breaches Uncovered by FTC Probe
• New Report on Cybersecurity 2-22-10
• Fact Sheets
• France National Assembly – Proposed Legislation Concerning inter alia Cyber Security
• United Kingdom National Audit Office "Staying Safe Online"
• United Kingdom Market-Wide Exercise 2009 Report
• Chip and PIN is Broken
• National Cyber Defense Financial Services Workshop Final Report
• Disasters and Emergencies Newsroom
• CYBER STORM II Final Report 2-1-10
• Social Media - FINRA Regulatory Notice
• Annual Threat Assessment of the US Intelligence Community for the Senate Select Committee on Intelligence
• "The quick and the dead: when reaction beats intention" Proceedings of the Royal Society
• Quadrennial Homeland Security Review - Final Report
• United Kingdom Office of Fair Trading – Scamnesty
• City of London Police Joint warning with FSA over boiler rooms

January 2010

• Issue 48: January 2010 NIPP News
• In the Crossfire: Critical Infrastructure in the Age of Cyber War
• How not to design an authentication protocol
• Cyber crime : A clear and present danger
• Prevention of WMD Proliferation and Terrorism Report Card
• (BN) U.K. Terror Threat Level System Raised to Severe, MI5 Says
• National Security Threats in Cyberspace
• United Kingdom Communications Electronics Security Group
• RSA Global Survey
• National Energy Sector Cyber Organization
• China-linked cyberattack: What you need to know | Article
• Useful guidance on administering FEMA disaster funds properly
• PandaLabs 2009 Report
• Release of the Security Review Conducted After the Failed Christmas Terrorist Attack : Summary
• Major Management Challenges Facing the Department of Homeland Security
• Who Regulates Whom? An Overview of U.S. Financial Supervision
• ICSJWG Newsletter

December 2009

• Executive Order : Classified National Security Information
• Promoting Openness and Accountability by Making Classification a Two-Way Street
• Issue 47: November/December 2009 NIPP Newsletter
• Priorities for the National Vaccine Plan
• How Much Information? 2009 Report on American Consumers
• CCIP eBulletin 90
• Influenza Pandemic: Monitoring and Assessing the Status of the National Pandemic Implementation Plan Needs Improvement. GAO-10-73, November 24 | Highlights
• Pop-Up Security Warnings Pose Threats
• Redacting with Confidence: How to Safely Publish Sanitized Reports Converted From Word to PDF
• Community Emergency Response Teams (CERT)
• Measuring the Effectiveness of In-the-Wild Phishing Attacks
• Presidential Proclamation - Critical Infrastructure Protection Month
• Mapping the Mal Web

November 2009

• 2009 Report To Congress of the U.S.-China Economic and Security Review Commission
• Bird Flu Study
• GAO report
• Cybersecurity:Preventing Terrorist Attacks and Protecting Privacy in Cyberspace
• Critical Infrastructure Protection
• Virtual Criminology Report 2009
• Secretary Timothy Geithner Remarks at the Financial Fraud Enforcement Task Force Event As Prepared for Delivery
• CCIP eBulletin 89
• The New England Journal of Medicine H1N1 Publications
• Application Usage and Risk Report: Fall 2009
• ALLEGED INTERNATIONAL HACKING RING CAUGHT IN $9 MILLION FRAUD
• RISEPTIS Report
• National Cybersecurity and Communications Integration Center
• Emergency Public Notice
• Hurricane Ida - Proclamation
• Royal Canadian Mounted Police “Internet Security”
• Canadian Cyber Incident Response Centre
• Canadian Security Intelligence Service
• Japan INFORMATION-TECHNOLOGY PROMOTION AGENCY
• Japan National Police Agency
• Japan Computer Emergency Response Team
• Korea Internet Security Center
• Australian Internet Security Initiative
• Australian Government online security and fraud awareness initiatives
• Australian High Tech Crime Centre
• Australia Computer Emergency Response Team
• Australia Stay Smart Online Initiative
• New Zealand Centre for Critical Infrastructure Protection
• Monetary Authority of Singapore “INTERNET BANKING &TECHNOLOGY RISK MANAGEMENT GUIDELINES VERSION 3.0”
• UK Police Secured by Design Initiative
• INTERPOL : IT security and crime prevention methods
• INTERPOL : Company Information Technology (IT) crime prevention checklist
• THE UNITED KINGDOM THREAT ASSESSMENT OF ORGANISED CRIME : (pp 52-55; 58-60 and "Technology-enabled Crime") speak to cybercrime
• UK Contactless mobile phone payments - Best practice guidelines
• Garlik UK Cybercrime Report 2009
• Fast Track Process for Internationalized Domain Names Launches Nov 16
• U.S. Department of Homeland Security Channel

October 2009

• Critical Infrastructure Protection
• President Obama Signs Emergency Declaration for H1N1 Flu
• Critical Infrastructure Protection
• Influenza Pandemic
• Special Alerts
• USDA confirms H1N1 in Minnesota pigs
• Symantec Report on Rogue Security Software July 2008 - June 2009
• On guard On-line
• FBI-DHS Private Sector Advisory : Document | PDF
• Telecommunications: Current Broadband Measures Have Limitations and New Measures Are Promising but Need Improvement | Highlights
• OSHA statement on H1N1 Inspections
• POTUS Video
• FINRA Guidance on Pandemic Preparedness
• Updated Guidance on Pandemic Preparedness in the Workplace from the U.S. Equal Employment Opportunity Commission
• FBI-DHS Suspicious Behavior Indicators (UNCLASSIFIED)
• IRS Disaster Relief for American Samoa

September 2009

• Third and Final QHSR National Dialogue Begins on September 28
• Monthly Activity Summary - August 2009
• Updated Interim Recommendations for the Use of Antiviral Medications in the Treatment and Prevention of Influenza for the 2009-2010 Season
• Good Practice Guide Network Security Information Exchanges
• Ccip-ebulletin
• National Cyber Leap Year Summit reports
• Our Intelligence makes your decisions
• Guidelines for Secure Use of Social Media by Federal Departments and Agencies
• H1N1 Preparedness Webcast for Small Businesses
• HSAS 60 Day Review Report
• New Guidance for Small Business
• National Preparedness Month
• ATM crime
• Ability to Avoid Severe Operational Problems.from Reduced Workforce for 2 Weeks.Comparison by Size of Firm
• Business Preraredness: Novel Influenza A (H1N1)
• The Challenges of the 2009-H1N1 Influenza and its Potential Impact on Small Businesses and Healthcare Providers
• Be Ready DC Publication
• Questions & Answers: Revised Recommendations for the Use of Influenza Antiviral Drugs
• Updated Interim Recommendations for the Use of Antiviral Medications in the Treatment and Prevention of Influenza for the 2009-2010 Season
• The 2009 Influenza Pandemic: Selected Legal Issues | Abstract
• FEMA Course: IS-520 Introduction to Continuity of Operations Planning for Pandemic Influenzas
• Framework for Dealing with Disasters and Related Interdependencies Final Report | Transmittal Letter
• Monthly Activity Summary - July 2009
• GAO-09-811 Disaster Recovery: Experiences from Past Disasters Offer Insights for Effective Collaboration after Catastrophic Events - Adobe Acrobat Professional
• 2009 Breaches Involving U.S. Financial Institutions
• Second Quadrennial Homeland Security Review National Dialogue

August 2009

• Presentation of Richard Hatchett, Director of Medical Preparedness Policy over at the Resiliency Directorate
• OCC News Release: OCC Allows National Bank Offices Affected by California Fires to Close : Proclamation | OCC Bulletin 2008-26
• CBP Border Search of Electronic Devices Containing Information
• ICE Border Searches of Electronic Media
• Privacy Impact Assessment: Border Searches of Electronic Information
• Flu : Planning Checklists
• Issue 45: August 2009 NIPP Newsletter
• Information Technology Sector Baseline Risk Assessment
• Global Plans
• UK Guide on H1N1
• President's Council of Advisors on Science and Technology REPORT TO THE PRESIDENTON U.S. PREPARATIONS FOR 2009-H1N1 INFLUENZA
• Working Paper No 374 : How do different models of foreign exchange settlement influence the risks and benefits of global liquidity management?
• WHO Guidelines for Pharmacological Management of Pandemic (H1N1) 2009 Influenza and other Influenza Viruses
• A risk-based methodology for payment systems oversight
• CDC Guidance for Responses to Influenza for Institutions of Higher Education during the 2009-2010 Academic Year
• Preparing for the Flu: A Communication Toolkit for Institutions of Higher Education
• Guidance for Businesses and Employers to Plan and Respond to the 2009 - 2010 Influenza Season
• Preparing for the Flu: A Communication Toolkit for Businesses and Employers
• Contaminated banknotes
• Alleged International Hacker Indicted for Massive Attack on U.S. Retail and Banking Networks
• An accurate and nondestructive GC method for determination of cocaine on US paper currency
• Recommended Security Controls for Federal Information Systems and Organizations
• Updated Federal Guidelines for 2009 H1N1 Influenza in Schools Offer Many Options
• Contaminated Currency and Coin
• OMB-OSTP S&T Priorities Policy Statement

July 2009

• A Quantitative Assessment of the Efficacy of Surgical and N95 Masks to Filter Influenza Virus in Patients with Acute Influenza Infection

• OBP Training Fact Sheet-w-planned activities (31-07-09)

• Influenza Pandemic: Gaps in Pandemic Planning and Preparedness Need to Be Addressed, by Bernice Steinhardt, director, strategic issues, before the House Committee on Homeland Security. GAO-09-909T, July 29
• SAFECode's paper on Supply Chain Integrity Framework
• Quadrennial Homeland Security Review: Feedback Opportunity
• Cyber Security Report
• Cisco Advice on DDOS Prevention
• Proof of Concept Centers

June 2009

• GAO Reports about Information Management:CORRESPONDENCE Federal Information Security Issues. GAO-09-817R, June 30 | Reports and Testimonies | Help | E-mail Updates
• Nuclear Detonation Planning Guide
• Continued Federal Efforts Are Needed to Protect Critical Systems and Information. GAO-09-835T, June 25
• Cyber Security Strategy of the United Kingdom
• National Security Strategy of the United Kingdom - II
• National Security Strategy of the United Kingdom - I
• National Security Strategy 2009
• 2009 Payments Fraud Survey
• DHS - Bomb Threat Chart
• Pandemic Guidance
• "The Role of the Department of Defense During a Flu Pandemic," June 4, 2009
• Emerging Threats and Security Planning: How Should We Decide What Hypothetical Threats to Worry About?
• Interim Guidance to Assist Airline Flight Deck and Cabin Crew
• Security Economics and Critical National Infrastructure
• Influenza Pandemic : GAO Report
• Pandemic Flu Preparedness : LESSONS FROM THE FRONTLINES

May 2009

• 2008 Annual Report - Energy Sector Control Systems Working Group
• Classified Information and Controlled Unclassified Information Review
• 60 day Cyber Space review
• Torpig Research Paper
• U.S. Treasury Department Advice for Social Security Check Recipients
• Monthly Activity Summary - April 2009
• 1976 Swine Flu report
• Terrorism Protective Measures
• DOE's "Comparing the Impacts of the 2005 and 2008 Hurricanes on U.S. Energy Infrastructure."
• NCTC -- 2008 Report on Terrorism
• CDC Flyer: Clean Hands Save Lives
• Information Security: Cyber Threats and Vulnerabilities Place Federal Systems at Risk. GAO-09-661T, May 5 | Highlights
• Update on School (K - 12) Dismissal and Childcare Facilities: Interim CDC Guidance in Response to Human Infections with the 2009 Influenza A H1N1 Virus
• Guidance from CDC : What to Do if you get flu like symptoms
• Attorney General memoranda on Federal authority to address Pandemic Influenza
• Guidance for Preventing Transmission of H1N1 Influenza in the Workplace
• The Preparedness Report - Volume 7 Issue 9
• Update on School (K – 12) Dismissal and Childcare Facilities: Interim CDC Guidance in Response to Human Infections with the 2009 Influenza A H1N1 Virus

April 2009

• U.S. Department of Homeland Security Department Response to the H1N1 Flu Update
• H1N1 Global Outbreak Map
• Guidance on Preparing Workplaces for an Influenza Pandemic
• Department Response to H1N1 (Swine) Flu
• Video on improved map and H1N1 swine flu current and future evolution
• Secretary Napolitano's Remarks at the H1N1 Flu Outbreak Media Briefing
• Antiviral Drugs and Swine Influenza
• New York City Department of Health and Mental Hygiene ; Swine Flu Information
• THE FBIIC/FSSCC PANDEMIC FLU EXERCISE OF 2007 AFTER ACTION REPORT
• Swine Influenza information
• Interim CDC Guidance for Nonpharmaceutical Community Mitigation in Response to Human Infections with Swine Influenza (H1N1) Virus
• Swine Influenza information from U.S Department of Health & human Services
• Swine Influenza - More information
• Pandemic preparedness
• US-CERT Monthly Summary Activity - March 2009
• Melissa Hathaway's comments at RSA
• Office of Information Policy - FOIA Post
• Lessons from a Storm - Banking for Safety Video
• 2009 Data Breach Investigations Report
• Hurricane Ike in Texas and Louisiana: Mitigation Assessment Team Report, Building Performance Observations, Recommendations, and Technical Guidance
• Vulnerability Summary for the Week of April 6, 2009
• OBP Training Fact Sheet with Planned Activities
• April Newsletter - Security of Credit Card Transactions
• Electricity Grid in U.S. Penetrated By Spies

March 2009

• US-CERT Cyber Security Bulletin SB09-096 -- Vulnerability Summary for the Week of March 30, 2009
• 2008 Internet Crime Report
• Information on North Dakota Severe Storms and Flooding
• Information on Minnesota Severe Storms and Flooding
• A Comprehensive Study of Financial Data Security Breaches in the United States 3-30-09
• Conficker Computer Worm Detection Tool
• Notice to ND bankers from Commissioner
• Reporting Stimulus Fraud
• Information Bulletin - April 1, 2009 - Conficker C Activation
• OCC News Release: OCC Allows National Bank Offices Affected by Floods in Upper Midwest to Close
• Issue 41: March 2009 NIPP Newsletter
• Report of the Interagency Working Group on Digital Data
• US CERT Monthly Activity Summary for February 2009
• GAO - National Cybersecurity Strategy: Key Improvements Are Needed to Strengthen the Nation's Posture.GAO-09-432T, March 10 | Highlights
• Optimised to Fail : Card Readers for Online Banking
• Influenza Pandemic: Sustaining Focus on the Nation's Planning and Preparedness Efforts. GAO-09-334, February 26 | Highlights
• DISASTER RECOVERY: Past Experiences Offer Recovery Lessons for Hurricanes Ike and Gustav and Future Disasters
• Enisa Country Reports 2009

February 2009

• RSA Online Fraud Report
• I3P National Cyber Security
• 2009 NIPP - Electronic Copy Available
• Microsoft Document for DNSSEC on the Windows Server 2008 R2 and Windows 7 operating systems
• US-CERT National Cyber Alert System Monthly Activity Summary
• Planning Guidance for Response to a Nuclear Detonation
• General Protective Measures For Vehicle Borne Improvised Explosive Devices (VBIED)

January 2009

• GAO Reports about Information Management - Information Security: Further Actions Needed to Address Risks to Bank Secrecy Act Data. GAO-09-195, January 30
• McAfee Report: Unsecured Economies: Protecting Vital Information
• North American PI Plan
• Top Private-Sector Security Concerns in 2008 : Global Security Concerns
• Issue 39: January 2009 NIPP Newsletter
• US-CERT Public Trends and Analysis Report FY08 Q4
• January 2009 Cyber Security Tips Newsletter - Challenge or Secret Questions
• Pandemic Planning Update VI
• Monthly Activity Summary
• CWE/SANS TOP 25 Most Dangerous Programming Errors
• Which? Computing
• United Kingdom : British Medical Association - "Preparing for Pandemic Influenza"
• NCTC 2009 Counterterrorism Calendar
• United Kingdom: MI5 Security Service
• Georgia
• CERT - Georgia
• CERT - Armenia
• CERT - Turkey
• CERT - Estonia
• Twitter Blog
• Learning More About the Underground Economy: A Case-Study of Keyloggers and Dropzones
• United Kingdom Ministry of Defence : Defence Science and Technology Laboratory
• Science: Stable Introduction of a Life-Shortening Wolbachia Infection into the Mosquito Aedes aegypti

December 2008

• Digital World, Digital Life - December 2008
• France Telecom -- Three undersea cables cut: traffic greatly disturbed between Europe and Asia/Near East zone
• ENISA Quarterly Review
• Cisco 2008: Annual Security Report
• Microsoft confirms that all versions of IE have critical new bug
• Microsoft Security Vulnerability Research & Defense
• Microsoft Security Response Center (MSRC)
• Pew Internet & American Life Project - "The Future of the Internet III"
• Government of Australia - Online and Communications Council "Framework for the collaborative development and use of broadband in Australia"
• Government of Australia - Communications Infrastructure and Services Availability Report 2006-07
• Federal Trade Commission Alert - "Free Security Scan" Could Cost Time and Money
• Federal Trade Commission - Court Halts Bogus Computer Scans
• Common Cold Centre
• A Report of the CSIS Commission on Cybersecurity for the 44th Presidency
• "Asteroid Threats: a Call for Global Response"
• Internet Corporation for Assigned Names and Numbers
• Commission on the Prevention of WMD Proliferation and Terrorism:The Report of the Commission on the Prevention of WMD Proliferation and Terrorism
• European Commission - "Fight against cyber crime"

November 2008

• European Commission - "Fight against cyber crime"
• The Network Topology of CHAPS Sterling
• CIIN-08-309-01-Using Caution with USB Drives
• Symantec Report on the Underground Economy July 07–June 08
• 2008 REPORT TO CONGRESS of the U.S.-CHINA ECONOMIC AND SECURITY REVIEW COMMISSION
• Future of Privacy Forum
• Issue 38: November 2008 NIPP Newsletter
• Online criminals can make £14,500 from average UK internet user
• UK Energy Infrastructure Questionnaire
• Arbor Networks - Worldwide Infrastructure Security Report Volume IV, 2008
• Spamalytics: An Empirical Analysis of Spam Marketing Conversion
• A Guide to Names and Naming Practices
• US-CERT - CIIN-08-309-01: Using Caution with USB Drives
• Reconsidering Physical Key Secrecy: Teleduplication via Optical Decoding
• Microsoft Security Intelligence Report volume 5 (January – June 2008)
• United Kingdom - "Corporate IT Forum Survey: Is organised electronic crime on the rise?"
• United Kingdom - "The Frontline In The Fight Against E-Crime: Lessons From Top Organisations"

October 2008

• Stock_taking_final_report_2008
• Garlik UK Cybercrime Report 2008
• United Kingdom Information Commissioner's Office - Speech of 29 October 2008
• Internet Watch Foundation
• Critical Infrastructure Information Notice- CIIN-08-297-01
• Microsoft Security Bulletin MS08-067
• Issue 37: October 2008 NIPP Newsletter
• Mail Handling Procedures File #1
• Mail Handling Procedures File #2
• Ecole Polytechnique Federale de Lausanne - "Compromising Electromagnetic Emanations of Keyboards"
• FBI Statement
• USPS Information on How to Handle Suspicious Mail
• USPS Poster on How to Handle Suspicious Mail
• Social Security Numbers Are Widely Available in Bulk and Online Records, but Changes to Enhance Security Are Occurring. GAO-08-1009R, September
• Social Security Numbers: Transfers and Sales of Public Records That May Contain Social Security Numbers (GAO-08-1004SP, September 2008), an E-supplement to GAO-08-1009R. GAO-08-1004SP, September 19
• SwA Community Resources and Information Clearinghouse
• Enhancing the Development Life Cycle to Produce Secure Software - Version 2, October 3, 2008
• Fundamental Practices for Secure Software Development: A Guide to the Most Effective Secure Development Practices in Use Today - Released October 8, 2008
• Software Assurance in Acquisition: Mitigating Risks to the Enterprise - Version 1.01, October 2008
• Practical Measurement Framework for Software Assurance and Information Security - Version 1.0, October 2008
• Practical Measurement Framework for Software Assurance and Information Security - Released October 1, 2008
• Engineering for System Assurance - Version 1.0, October 1, 2008
• Common Weakness Enumeration - Released October 14, 2008
• Financial Impact of Cyber Security
• United Kingdom - Speech by the Home Secretary
• Georgia Tech Information Security Center - "Emerging Cyber Threats Report for 2008"
• Risk-Based Capital: New Basel II Rules Reduced Certain Competitive Concerns, but Bank Regulators Should Address Remaining Uncertainties. GAO-08-953, September 12 | Highlights
• Business Continuity Course
• New England Journal of Medicine - "Antigenically Distinct MF59-Adjuvanted Vaccine to Boost Immunity to H5N1"
• Consumer Alert
• Information Technology: Management Improvements Needed on the Department of Homeland Security's Next Generation Information Sharing System. GAO-09-40, October 8 | Highlights
• Government Accountability Office - "GAO’s Efforts to Assist the 111th Congress"
• United Kingdom All Party Parliamentary Group on Identity Fraud - Identity Fraud Report
• 13th European Symposium on Research in Computer Security
• Radboud University Nijmegen - "Dismantling MIFARE Classic"
• Radboud University Nijmegen - "Making the Best of Mifare Classic"
• Avoiding Social Engineering and Phishing Attacks
• Recognizing and Avoiding Email Scams
• Department of Justice Press Release - October 2, 2008
• United Kingdom Home Office - "Fighting back against electronic crime"
• University of Toronto, Munk Centre for International Studies - "Breaching Trust"
• General Protective Measures For Vehicle Borne Improvised Explosive Devices (VBIED)
• Vehicle Borne IED Identification Guide: Parked Vehicles
• Update on Anthrax Preparedness
• State of Washington Attorney General - Scareware
• International Association of Chiefs of Police - “To Protect and Defend”
• Infrastructure Resiliency Guide
• Connecting Research in Security to Practice (CRISP) Report - Lost Laptops = Lost Data

September 2008

• Influenza Pandemic: HHS Needs to Continue Its Actions and Finalize Guidance for Pharmaceutical Interventions. GAO-08-671, September 30.
• 2007/2008 NIPP Update
• House Committee on Homeland Security - "Cybersecurity Recommendations for the Next Administration"
• European Commission - Second periodic review of the scope of universal service in electronic communications networks and services
• UK Border Agency, "Identity cards for foreign nationals"
• Proceedings of Human Factors and Ergonomics Society
• United Kingdom Information Commissioner's Office calls on consumers to take control of their personal information
• Federal Plan for Advanced Networking Research and Development
• FSSCC Research Agenda for the Banking and Finance Sector
• Delivering super-fast broadband in the UK
• FY08 DHS Protective Security Coordination Division Training 19 September 2008
• Issue 36: Aug/Sept 2008 NIPP Newsletter
• National Counterterrorism Center - Historical references
• US Postal Service closings related to Hurricane Ike
• Mitigation Monday - Defense Against Malicious E-mail Attachments, Release 1
• National Security Professional Development
• Shadowserver Foundation
• Louisiana Reentry Procedures
• Do Zebras get more Spam than Aardvarks?
• Ignoring the Great Firewall of China
• Sampled Traffic Analysis by Internet-Exchange-Level Adversaries

August 2008

• ILTF Brochure
• Upcoming Cyber Security Conferences
• Bulletin of the Seismological Society of America - Observations and Tectonic Setting of Historic and Instrumentally Located Earthquakes in the Greater New York City–Philadelphia Area
• FEMA OPB Future Outlook
• Unified Command Incident Situation Report 08/21/08 at 1600 hrs
• NOAA Tropical Storm Fay 1100L 08/21/08
• Unified Command Incident Situation Report 08/21/08 at 1000 hrs
• Unified Command Incident Situation Report 08/20/08
• OCC Allows National Bank Offices Affected by Hurricane Fay to Close
• Office Closing Proclamation - TS/Hurricane Fay
• WMD Radiological/Nuclear Awareness Train-the-Trainer Responder Operations
• Market-wide Exercise 2006

July 2008

• US Air Force Weather
• National Academy of Public Administration
  "Addressing the 2009 Presidential Transition at the Department of Homeland Security"
• Incorporated Research Institutions for Seismology Global Seismic Monitor
• Earthquake Safety
• Products for DNS Issue
• Homegrown Terrorist Threat Report
• U.S. Geological Survey Earthquake Hazards Program & NWS Tsunami Centers
• Japan Meteorological Agency
• Tropical Storm Dolly SITREP #1 (0600 EDT 24 Jul 08)
• HHS and DHS on Pandemic Vaccination Allocation
• LA City Readiness Report
• TX SCU update and advisory
• OCC Allows National Bank Offices Affected by Hurricane Dolly to Close
• Analyzing Websites for User-Visible Security Design Flaws
• Annual Process Control Systems Forum
• SCIENCE AND THE TERRORIST CHALLENGE – OPTIONS FOR POLICY AND THEIR IMPLICATIONS.
• REGISTER NOW for the Next National Webcast on Voice Over-IP!
• Influenza Pandemic: Federal Agencies Should Continue to Assist States to Address Gaps in Pandemic Planning. GAO-08-539, June 19
• House of Lords: Diseases Know No Frontiers: How effective are Intergovernmental Organisations in controlling their spread?
• US-CERT Advisory 08-04- BlackBerry Security Advisory
• On the State of Public Health: Annual Report of the Chief Medical Officer 2007, Chapter 5
• Data Sharing Review
• Using Wireless Technology Securely
• Swiss Federal Institute of Technology Zurich Understanding the Web browser threat: Examination of vulnerable online Web browser populations and the "insecurity iceberg"
• Midwest Flood Update
• Power of Information Task Force Competition
• Power of Information Task Force
• CIKR Pandemic Influenza Planning Update Webinar
• The President’s National Science and Technology Council, Subcommittee on Disaster Reduction
• U.S. Forest Service Fire and Aviation Management Program
• National Interagency Fire Center
• Further Efforts Needed to Integrate Planning for and Response to Disruptions on Converged Voice and Data Networks
• Methods for Sharing Dynamic IP Address Space Information with Others
• NOAA Midwest Flooding Situation and Outlook 1600L 061808
• Internet Corporation for Assigned Names and Numbers
• StopBadware.org - a partnership amongst academic and research organizations
• United Kingdom Foreign & Commonwealth Office’s Travel Advice Notices

June 2008

• Electromagnetic Interference From Radio Frequency Identification Inducing Potentially Hazardous Incidents in Critical Care Medical Equipment
• June 2008 NIPP Newsletter
• U.S. Army War College Guide to National Security Issues, Vol. II: National Security Policy and Strategy
• U.S. Army War College Guide to National Security Issues, Vol. I: Theory of War and Strategy
• Brochure - Regional Coalitions
• Federal Register Notice: Notice of Availability of Draft Guidances to Assist in Preparation for an Influenza Pandemic
• Dominant Cyber Offensive Engagement and Supporting Technology
• MWE Progress Report

May 2008

• PREPARING FOR PANDEMIC INFLUENZA:SUPPLEMENTARY GUIDANCE FOR LOCAL RESILIENCE FORUM PLANNERS
• European Union Electronic Identity Management
• CIA World Leaders Reference Guide
• TRENDS AND ANALYSIS REPORT
• Sinagapore Exercise
• Seminar on Countering Insider Threats
• Issue 33: May 2008 NIPP Newsletter
• Security Configuration Guides
• Human Security Brief 2007
• UCLA CENTER FOR INFORMATION AND COMPUTATION SECURITY
• Definitive Care for the Critically Ill During a Disaster
• 2008 Emergency Response Guidebook
• First pre-pandemic vaccine approved to help protect against pandemic influenza
• OECD Internet Address Space Report
• NATO opens new centre of excellence on cyber defence
• US Senate Violent Islamist Extremism, The Internet, and the Homegrown Terrorist Threat
• US JSSRT Security and Suitability Process Reform Initial Report 4-30-08
• US DOS Reports on Terrorism 2007
• Journal of Biological Chemistry, April 22, 2008
• Japan Meteorological Agency Earthquake of 8 May 2008
• Durham University Institute of Hazard and Risk Research
• Electronic Crime Scene Investigation: A Guide for First Responders, Second Edition
• WI-FI SECURITY
• DHS ICE Investigations Mission Roles in Multi Agency Areas of Responsibility
• Keyboards harbour harmful bacteria
• Country Reports on Terrorism
• Federal guidence to assist states in improving state-level pandemic influenza operating plans
• New 18th Sector - Federal Register Notice
• CYBER ALERT
• Report on fraud regarding non cash means of payments in the EU
• Internet Traffic Studies Site

April 2008

• Next Generation New Build: Promoting higher speed broadband in new build housing developments
• Changes in Espionage by Americans: 1947-2007
• Fact Sheet: Protecting Our Federal Networks Against Cyber Attacks
• Global Information Technology Report
• APWG's Second Annual Counter eCrime Operations Summit (CeCOS II)
• 8th Software Assurance Forum
• Director for National Intelligence Information Sharing Strategy
• International Criminal Police Organization
• Protected Critical Infrastructure Information (PCII) Program Survey
• Being Human: Human-Computer Interaction in the year 2020
• Carnegie Mellon link
• Exploring Identity Management: Global Landscape and Implications for Stakeholder Engagement Around the National Response Framework
• National Cyber-Forensics and Training Alliance

March 2008

• NIST/ITL Bulletin
• The U.S. Department of Transportation's Federal Highway Administration (FHWA)
• State Department Travel Warnings
• CYBER SOLIDARITY: Five Nations, One Mission
• Blueprint for a Modernized Financial Regulatory Structure
• National Security Strategy of the United Kingdom
• Pandemic Economics: The 1918 Influenza and Its Modern-Day Implications
• Identity Theft
• Joint Task Force - Global Network Operations
• The Center for Homeland Defense and Security
• Republic of the Philippines
  Department of Health
• 2nd International Forum Against Cybercrime - France
• SFH on class suspension in primary schools and kindergarten due to flu
• Secretariat-General for National Defense Cyber Security Portal
• Ministry for Culture and Communications Web Surf Intelligently Portal
• DHS FEMA US Fire Administration Emergency Incident Rehabilitation
• Report: Insider Threat Study: Illicit Cyber Activity in the Government Sector
• Report: Insider Threat Study: Illicit Cyber Activity in the Information Technology and Telecommunications Sector
• Podcast: Significant insider threat vulnerabilities can be introduced (and mitigated) during all phases of the software development life cycle.
• Research document on pandemic influenza and the financial services sector
• United Nations Food & Agriculture Organization
• Survey of Federal Chief Information Officers
• FFIEC Business Continuity Plan
• Australian Federal Police
• Terrorist Recognition Cards
• Research paper on cyber security
• Increase to Netherlands Terror Threat Level
• Summary of Terrorist Threat Assessment Netherlands 12
• Counterterrorism Alert System in the Netherlands

February 2008

• A study of the effects of financial crises on health
• Computer Crime Unit
• Computer Laboratory Security Group
• Earthquakes in the British Isles
• ODNI report to Congress
• Pandemic Disease
• International Telecommunications Union
• U.S. State Department's notice "Remain in Country During a Pandemic."
• Investigative Programs Cyber Investigations
• Internet Safety
• FBI warns of Valentines Day Storm Worm virus
• Submarine Cable Cut Repairs - Bulletin
• Annual Threat Assessment of the Director of National Intelligence
• FEMA RELEASES ON-LINE TRAINING COURSE FOR THE NATIONAL RESPONSE FRAMEWORK
• Update on Submarine Cable Cut Repairs
• Update on Submarine Cable Cut
• Submarine Cable Map
• Important Change in International Land and Sea Travel Document Procedures
• FBBIIC / FSSCC Pandemic Flu Exercise of 2007 After Action Report
• FERC Mandatory Reliability Standards for Critical Infrastructure Protection
• National Response Framework, Resource Center
• Important Change in International Land and Sea Travel Document Procedures
• An increase in Internet schemes purportedly from the FBI
• Preparing and Protecting Security Personnel in Emergencies
• Occupant Emergency Plan guide

What's New Archive

FBIIC looks forward to your feedback on this website.