Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

CIA Invests In Semantic Search, Wireless Networking

In-Q-Tel is partnering with NetBase and Connectify to make semantic search and virtual VPN technology available to the U.S. intelligence community.

Government Innovators
Slideshow: Government Innovators
(clickimage for larger view and for full slideshow)
The CIA is investing in next-generation search and remote wireless networking technologies that will enhance the technological capability of the U.S. intelligence community.

In-Q-Tel, a CIA-based nonprofit that identifies emerging technologies, is partnering with NetBase and Connectify to add semantic search and technology that turns PCs into Wi-Fi networks, respectively, to the cache of technologies available to intelligence agencies.

NetBase offers software as a service that can search by sentence to identify contextual meanings of words, and organize searches in the context of a specific set of questions relevant to a discipline or a particular audience, according to In-Q-Tel. This type of search is seen as a game changer for how people search for information, although it is used alongside rather than to replace conventional search methods.

The CIA and other intelligence agencies can use NetBase's technology to streamline how they search for information internally, according to In-Q-Tel. They also can integrate it into existing search techniques already used by the intelligence community to add a new layer of search capability for the agencies and partners that need to access intelligence information.

[ The CIA needs all the tech help it can get. Read LulzSec Claims Credit For CIA Site Takedown. ]

Philadelphia-based Connectify will leverage an In-Q-Tel's investment to further develop its virtual VPN software, which allows users to turn PCs into secure Wi-Fi hotspots with one click, according to the nonprofit.

Once a PC is enabled as a Connectify Hotspot, other users with security access to it can leverage the connection from laptops, tablets, or smartphones while working remotely or traveling, according to In-Q-Tel.

In-Q-Tel's interest in helping Connectify further develop its technology comes after it already has garnered great interest by private-sector companies, said In-Q-Tel CTO William Strecker in a statement.

The CIA launched In-Q-Tel in 1999 as an independent entity to find useful new technologies to support the intelligence community's mission. The nonprofit has made a flurry of investments lately, including partnerships with vendors that provide computer-screen security, cloud computing-based storage and secure virtualization technology.

The vendors, contractors, and other outside parties with which you do business can create a serious security risk. Here's how to keep this threat in check. Also in the new, all-digital issue of Dark Reading: Why focusing solely on your own company's security ignores the bigger picture. Download it now. (Free registration required.)

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Aviation Faces Increasing Cybersecurity Scrutiny
Kelly Jackson Higgins, Executive Editor at Dark Reading,  8/22/2019
Microsoft Tops Phishers' Favorite Brands as Facebook Spikes
Kelly Sheridan, Staff Editor, Dark Reading,  8/22/2019
Capital One Breach: What Security Teams Can Do Now
Dr. Richard Gold, Head of Security Engineering at Digital Shadows,  8/23/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
7 Threats & Disruptive Forces Changing the Face of Cybersecurity
This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
Flash Poll
The State of IT Operations and Cybersecurity Operations
The State of IT Operations and Cybersecurity Operations
Your enterprise's cyber risk may depend upon the relationship between the IT team and the security team. Heres some insight on what's working and what isn't in the data center.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2016-6154
PUBLISHED: 2019-08-23
The authentication applet in Watchguard Fireware 11.11 Operating System has reflected XSS (this can also cause an open redirect).
CVE-2019-5594
PUBLISHED: 2019-08-23
An Improper Neutralization of Input During Web Page Generation ("Cross-site Scripting") in Fortinet FortiNAC 8.3.0 to 8.3.6 and 8.5.0 admin webUI may allow an unauthenticated attacker to perform a reflected XSS attack via the search field in the webUI.
CVE-2019-6695
PUBLISHED: 2019-08-23
Lack of root file system integrity checking in Fortinet FortiManager VM application images of all versions below 6.2.1 may allow an attacker to implant third-party programs by recreating the image through specific methods.
CVE-2019-12400
PUBLISHED: 2019-08-23
In version 2.0.3 Apache Santuario XML Security for Java, a caching mechanism was introduced to speed up creating new XML documents using a static pool of DocumentBuilders. However, if some untrusted code can register a malicious implementation with the thread context class loader first, then this im...
CVE-2019-15092
PUBLISHED: 2019-08-23
The webtoffee "WordPress Users & WooCommerce Customers Import Export" plugin 1.3.0 for WordPress allows CSV injection in the user_url, display_name, first_name, and last_name columns in an exported CSV file created by the WF_CustomerImpExpCsv_Exporter class.