Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

CIA Invests In Semantic Search, Wireless Networking

In-Q-Tel is partnering with NetBase and Connectify to make semantic search and virtual VPN technology available to the U.S. intelligence community.

Government Innovators
Slideshow: Government Innovators
(clickimage for larger view and for full slideshow)
The CIA is investing in next-generation search and remote wireless networking technologies that will enhance the technological capability of the U.S. intelligence community.

In-Q-Tel, a CIA-based nonprofit that identifies emerging technologies, is partnering with NetBase and Connectify to add semantic search and technology that turns PCs into Wi-Fi networks, respectively, to the cache of technologies available to intelligence agencies.

NetBase offers software as a service that can search by sentence to identify contextual meanings of words, and organize searches in the context of a specific set of questions relevant to a discipline or a particular audience, according to In-Q-Tel. This type of search is seen as a game changer for how people search for information, although it is used alongside rather than to replace conventional search methods.

The CIA and other intelligence agencies can use NetBase's technology to streamline how they search for information internally, according to In-Q-Tel. They also can integrate it into existing search techniques already used by the intelligence community to add a new layer of search capability for the agencies and partners that need to access intelligence information.

[ The CIA needs all the tech help it can get. Read LulzSec Claims Credit For CIA Site Takedown. ]

Philadelphia-based Connectify will leverage an In-Q-Tel's investment to further develop its virtual VPN software, which allows users to turn PCs into secure Wi-Fi hotspots with one click, according to the nonprofit.

Once a PC is enabled as a Connectify Hotspot, other users with security access to it can leverage the connection from laptops, tablets, or smartphones while working remotely or traveling, according to In-Q-Tel.

In-Q-Tel's interest in helping Connectify further develop its technology comes after it already has garnered great interest by private-sector companies, said In-Q-Tel CTO William Strecker in a statement.

The CIA launched In-Q-Tel in 1999 as an independent entity to find useful new technologies to support the intelligence community's mission. The nonprofit has made a flurry of investments lately, including partnerships with vendors that provide computer-screen security, cloud computing-based storage and secure virtualization technology.

The vendors, contractors, and other outside parties with which you do business can create a serious security risk. Here's how to keep this threat in check. Also in the new, all-digital issue of Dark Reading: Why focusing solely on your own company's security ignores the bigger picture. Download it now. (Free registration required.)

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 5/28/2020
How an Industry Consortium Can Reinvent Security Solution Testing
Henry Harrison, Co-founder & Chief Technology Officer, Garrison,  5/21/2020
10 iOS Security Tips to Lock Down Your iPhone
Kelly Sheridan, Staff Editor, Dark Reading,  5/22/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
How Cybersecurity Incident Response Programs Work (and Why Some Don't)
This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-11949
PUBLISHED: 2020-05-28
testserver.cgi of the web service on VIVOTEK Network Cameras before XXXXX-VVTK-2.2002.xx.01x (and before XXXXX-VVTK-0XXXX_Beta2) allows an authenticated user to obtain arbitrary files from a camera's local filesystem. For example, this affects IT9388-HT devices.
CVE-2020-11950
PUBLISHED: 2020-05-28
VIVOTEK Network Cameras before XXXXX-VVTK-2.2002.xx.01x (and before XXXXX-VVTK-0XXXX_Beta2) allows an authenticated user to upload and execute a script (with resultant execution of OS commands). For example, this affects IT9388-HT devices.
CVE-2020-13645
PUBLISHED: 2020-05-28
In GNOME glib-networking through 2.64.2, the implementation of GTlsClientConnection skips hostname verification of the server's TLS certificate if the application fails to specify the expected server identity. This is in contrast to its intended documented behavior, to fail the certificate verificat...
CVE-2020-13643
PUBLISHED: 2020-05-28
An issue was discovered in the SiteOrigin Page Builder plugin before 2.10.16 for WordPress. The live editor feature did not do any nonce verification, allowing for requests to be forged on behalf of an administrator. The live_editor_panels_data $_POST variable allows for malicious JavaScript to be e...
CVE-2020-13644
PUBLISHED: 2020-05-28
An issue was discovered in the Accordion plugin before 2.2.9 for WordPress. The unprotected AJAX wp_ajax_accordions_ajax_import_json action allowed any authenticated user with Subscriber or higher permissions the ability to import a new accordion and inject malicious JavaScript as part of the accord...