The Cybersecurity (CS) Digest is a curated bi-weekly news summary for cybersecurity professionals. It is transmitted in an HTML-formatted email and provides links to articles and news summaries across a spectrum of cybersecurity topics.
In Case you Missed it: CSIAC Webinar – The National Security Agency’s Science of Security and Privacy Initiative - CSIAC
The Science of Security and Privacy (SoS) Initiative, sponsored by the National Security Agency Research Directorate, fosters a self-sustaining, open, and public security science research community to discover key cyber principles necessary to support improved explanations, predictions and confirmation or validation of predicted outcomes. The discipline of Science of Security and Privacy draws on the bases from multiple disciplines including: Computer Science, Engineering, Mathematics, and Psychology. SoS is advancing the technical aspects of security along with an understanding the human elements involved.
Tags: National Security Agency (NSA), SoS, Webinar
Researchers have devised a simple attack that might cause a Tesla to automatically steer into oncoming traffic under certain conditions. The proof-of-concept exploit works not by hacking into the car's onboard computing system, but by using small, inconspicuous stickers that trick the Enhanced Autopilot of a Model S 75 into detecting and then following a change in the current lane.
Tags: Artificial Intelligence (AI), Exploit, Tesla Autopilot
NIST’s Ron Ross on the State of Cyber: ‘We Literally are Hemorrhaging Critical Information’ - Fifth Domain
After Chinese hackers infiltrated a Navy subcontractor's computer network and stole a trove of highly sensitive data on submarine warfare, it spurred the government to revise the standards that contractors must follow to ensure government data is properly protected data.
Tags: Information Sharing, National Institute of Standards and Technology (NIST)
The Department of Homeland Security is trying to replicate a strategy used by the Department of Defense to protect and defend its networks, and the plan could soon be used across the entire federal government.
Tags: Cyber Strategy, Department of Homeland Security (DHS), DoD
Hundreds of millions of Facebook users had their account passwords stored in plain text and searchable by thousands of Facebook employees - in some cases going back to 2012, KrebsOnSecurity has learned. Facebook says an ongoing investigation has so far found no indication that employees have abused access to this data.
Tags: Data Security, Facebook, Password Security
Striking a balance between mobile device security and user needs is a constant challenge for the Defense Information Systems Agency's (DISA) DOD Mobility Unclassified Capability program management office (DMUC PMO).
Tags: Defense Information Systems Agency (DISA), Mobile Security
A new Android banking trojan is starting to gain popularity on the cybercriminal underworld. Named Gustuff, the trojan has been around for almost a year, during which time it slowly received updates over updates, becoming a powerhouse in terms of features and targeting capabilities.
Tags: Gustuff Trojan, Mobile Application Security, Mobile Security
The federal government wants to hold defense contractors accountable for the cybersecurity of their supply chains but that's no easy feat, experts said Tuesday.
Tags: Cyber Accountabality, Cyber Supply Chain
A new Army unit will help the service operate against enemies such as Russia and China on a daily basis but will do so below the level of conflict. In addition, the new group could help set the stage for more traditional kinetic battles.
Tags: I2CEWS, U.S. Army
IoT Attacks Escalating with a 217.5% Increase in Volume - Bleeping Computer
Attacks against Internet of Things (IoT) devices and networks have been escalating throughout 2018 with 32.7 million IoT attacks having been detected during last year by SonicWall, while phishing saw a decrease in volume with most of the attacks being targeted.
Tags: Cyber Attack, Internet of Things (IoT)
FBI, Retooling Once Again, Sets Sights on Expanding Cyber Threats - The Wall Street Journal
The FBI has launched its biggest transformation since the 2001 terror attacks to retrain and refocus thousands of special agents to combat cyber criminals, whose threats to lives, property and critical infrastructure has outstripped U.S. efforts to thwart them.
Tags: Cyber Threats, FBI
CSIAC supports several communities of practice, such as the Cyber Community of Interest (COI) Group and research & development working groups.
This list of related sites provides additional sources to pursue the topic of Cybersecurity. The sites include Government organizations, including federal agencies, Department of Defense and military service agencies, commercial organizations, and academic institutions.
The CS Digest provides links to third party Websites. The CSIAC is not responsible for the availability of, and content provided on, third party Websites. You should refer to the policies posted by other Websites regarding their privacy and other topics before you use them. The CSIAC is not responsible for third party content accessible through the CSIAC CS Digest, including opinions, advice, statements, advertisements and endorsements, and you bear all risks associated with the use of such content.