Cyber Security and Information Systems Information Analysis Center
Apple today released a supplemental update to macOS High Sierra 10.13, the first update to the macOS High Sierra operating system that was released to the public in late September. The macOS High Sierra 10.13 update comes just over one week after the release of macOS High Sierra.
https://www.macrumors.com/2017/10/05/apple-releases-macos-high-sierra-10-13-supplemental-update/
In today's post, we are publishing research showing a coordinated effort by the same spammer that targeted WordPress plugins over a 4.5-year period. In some cases, site owners opted in to a vague agreement that didn’t make it clear that their sites would be serving spam; in other cases, plugins were simply "backdoored" to allow posting without a site owner's
https://www.wordfence.com/blog/2017/09/coordinated-plugin-spam/
The FBI's goal is to have U.S. firms push Kaspersky out of their systems as soon as possible or refrain from using them in new products or other efforts, the current and former officials say. The FBI's counterintelligence section has been giving briefings since beginning of the year on a priority basis, prioritizing companies in the energy sector and
https://www.cyberscoop.com/fbi-kaspersky-private-sector-briefings-yarovaya-laws/
As part of this month's Patch Tuesday, Microsoft has released security patches for a serious privilege escalation vulnerability which affect all versions of its Windows operating system for enterprises released since 2007.
A new feature added in test snapshots for OpenBSD releases will create a unique kernel every time an OpenBSD user reboots or upgrades their computer.
Western technology companies, including Cisco, IBM and SAP, are acceding to demands by Moscow for access to closely guarded product security secrets, at a time when Russia has been accused of a growing number of cyber attacks on the West, a Reuters investigation has found.
http://www.reuters.com/article/us-usa-russia-tech-idUSKBN19E0XB
A new trend in adware and unwanted program purveyors is to install protection software that makes it more difficult for Windows users to run their security programs and clean infections. This was seen with the SmartService rootkit that blocked AV software from running and now with a protection program being called CertLock.
Security researchers have spotted a booby-trapped PowerPoint file that will download malware to a computer whenever a victim hovers a link, no macro scripts required.
DoD is working with GitHub, an open source platform, to experiment with fostering more collaboration between private sector software developers and federal employees on software projects built within the DoD. The Code.mil URL redirects users to an online repository that will house code written for a range of projects across DoD for individuals to review and
Engineering-based approaches to solutions are essential to managing the growing complexity and interconnectedness of today’s systems—as exemplified by cyber-physical systems, systems-of-systems, and the Internet of Things.
The CSIAC is a DoD-sponsored Center of Excellence in the fields of Cybersecurity, Information Assurance, Software Engineering, Modeling & Simulation, and Knowledge Management & Information Sharing.Learn More
| Phone: | 800-214-7921 |
| Email: | i...@csiac.org |
| Address: | 266 Genesee St. Utica, NY 13502 |
