The Cybersecurity (CS) Digest is a curated bi-weekly news summary for cybersecurity professionals. It is transmitted in an HTML-formatted email and provides links to articles and news summaries across a spectrum of cybersecurity topics.
Report Suggests Most DoD Networks Susceptible to Mid-Grade Cyber Threats - Federal News Radio
A new Pentagon report on the Defense Department's major systems includes some worrying assessments of DoD's overall cybersecurity posture.
Cyberwarfare: Capitol Staffers Aren’t Ready - Politico
Congressional staffers are the gateway to all lawmaking on the Hill, but they also may be unwittingly opening the door to hackers.
A variant of Curve-Tor-Bitcoin (CTB) Locker ransomware - also known as Critroni - being distributed in a spam campaign now offers victims additional time to pay the ransom, but also requires them to pay a whole lot more than previously.
Drone Incident at White House Highlights Long Studied, Still Unsolved Security Gap - Washington Post
The intrusion by a recreational drone early Monday onto the White House lawn exposed a security gap at the compound that the Secret Service has spent years studying but has so far been unable to fix.
Obama to Congress: Enact Cybersecurity Laws - Gov Info Security
President Warns of a Nation Vulnerable Without New Statutes.
A software developer has analyzed the way the newly released Microsoft Outlook for iOS functions and discovered that it does not align to the best security practices, presenting a serious risk if used for company email communication.
A security vulnerability that allows a potential attacker to execute arbitrary code on the system has been uncovered in the iPass Open Mobile Windows Client.
Amit Bareket calls it a "cat-and-mouse" game. In this instance, his company is the mouse, and the Chinese government is a giant cat.
The DNS settings of some router models from D-Link can be modified without authorization via their web-based administration console.
Cyber vulnerabilities in the private sector pose a serious threat to national security, the chairman of the Joint Chiefs of Staff said.
A critical vulnerability has been found in glibc, the GNU C library, that affects all Linux systems dating back to 2000. Attackers can use this flaw to execute code and remotely gain control of Linux machines.
Oracle released new security updates for Java to fix 19 vulnerabilities and disable default support for SSL 3.0.
Security Advisory for Adobe Flash Player - US-Cert
Adobe has released Flash Player desktop version 22.214.171.1246 to address a critical vulnerability (CVE-2015-0311) in 126.96.36.1997 and earlier versions for Windows and Macintosh.
Three OS X Vulnerabilities Disclosed by Google - Security Week
The details of three high-severity vulnerabilities affecting Apple's OS X operating system have been disclosed over the past two days by Google.
The CS Digest provides links to third party Websites. The CSIAC is not responsible for the availability of, and content provided on, third party Websites. You should refer to the policies posted by other Websites regarding their privacy and other topics before you use them. The CSIAC is not responsible for third party content accessible through the CSIAC CS Digest, including opinions, advice, statements, advertisements and endorsements, and you bear all risks associated with the use of such content.