NIST invites comments on Draft Special Publication (SP) 800-207, Zero Trust Architecture, which discusses the core logical components that make up a zero trust architecture (ZTA) network strategy.
CS Digest Section: RECENT HEADLINES
Microsoft will Offer Free Windows 7 Support for Election Officials Through 2020
Microsoft said Friday it will offer state and local election officials free security support for Windows 7 operating systems used in voting systems through 2020.
https://www.cyberscoop.com/microsoft-windows-7-elections-2020/
Cybercrooks Target U.S. Veterans with Fake Hiring Website
A known threat actor, Tortoiseshell, is targeting U.S. military veterans with a fake veteran hiring website that hosts malware.
https://threatpost.com/fake-us-veteran-hiring-website-malware/148644/
Organizations Warned of Dual Threat Posed by RDP and Disruptive Ransomware
In a paper warning about the evolution of what it calls 'disruptionware', the Institute for Critical Infrastructure Technology (ICIT) highlights ransomware and RDP access as the current focus of a new development that "sees adversaries disrupting business continuity" posing "an existential threat to critical infrastructure operators."
https://www.securityweek.com/organizations-warned-dual-threat-posed-rdp-and-disruptive-ransomware
POISON CARP Threat Actor Targets Tibetan Groups
A threat actor referred to as POISON CARP has targeted senior members of Tibetan groups via WhatsApp for around six months, Citizen Lab reveals.
https://www.securityweek.com/poison-carp-threat-actor-targets-tibetan-groups
27 Countries Sign Cybersecurity Pledge with Digs at China and Russia
New York (CNN)Twenty-seven countries have signed a joint agreement on what constitutes fair and foul play in cyberspace - with a nod toward condemning China and Russia.
https://edition.cnn.com/2019/09/23/politics/united-nations-cyber-condemns-russia-china/index.html
Senate Panel Passes Grid Security Bills
The Senate Committee on Energy and Natural Resources approved a pair of bills designed to improve the cyber and physical security for the energy grid at a Sept. 25 meeting.
https://fcw.com/articles/2019/09/27/grid-security-bills-senate.aspx?admgarea=TC_Security
Linux to Get kernel ‘Lockdown’ Feature
New Linux kernel "lockdown" module to limit high-privileged users -- even root -- from tampering with some kernel functionality.
https://www.zdnet.com/article/linux-to-get-kernel-lockdown-feature/
Reinventing the Network Stack for Compute-Intensive Applications
DARPA seeks to create new networking approaches to accelerate distributed application performance by 100x.
Google Reportedly Under Antitrust Scrutiny for New Internet Encryption Protocol
The new standard aims to improve security and privacy by encrypting internet traffic.
https://www.cnet.com/news/google-reportedly-under-antitrust-scrutiny-for-new-internet-protocol/
