
CSIAC

Cyber Security and Information Systems Information Analysis Center


CS Digest: 03 Oct 2017

Posted: 10/03/2017

The Cybersecurity (CS) Digest is a curated bi-weekly news summary for cybersecurity professionals. It is transmitted in an HTML-formatted email and provides links to articles and news summaries across a spectrum of cybersecurity topics.

CSIAC ANNOUNCEMENTS:

Free CSIAC Webinar – Thursday, October 26 @ 12:00 pm EDT – Applying the 20 Critical Controls for Risk Assessment - CSIAC

This webinar will introduce attendees to the Center for Internet Security (CIS) Top 20 Critical Security Controls. Tools and techniques to implement the controls will be discussed. With the uncertainty and risks associated with the Internet of Things (IoT), it is essential to understand how to assess a system or a business network and implement controls to eliminate, minimize, mitigate or manage risk. The "Top 20" is an industry accepted framework for cyber security managers to address all elements within and threats to a network. The incorporation of these controls provides learners with real world skills and experiences.

National Cyber Security Awareness Month – Week 1: Simple Steps to Online Safety - CSIAC

All members of the public can take some simple actions to protect themselves online and to recover in the event a cyber incident occurs. This week’s topic is simple steps that an individual or organization can take to improve their online safety. CSIAC has a substantial repository of information available to its users. We will highlight a few topics we feel are critical to protecting yourself and point you to both CSIAC and external resources we feel can assist you.

RECENT HEADLINES:

Cloud Computing:

Cut Cord: How Viacom’s Master Controls Were Left Exposed - UpGuard

The UpGuard Cyber Risk Team can now disclose that Viacom Inc, the Fortune 500 corporation that owns Paramount Pictures, as well as cable channels like MTV, Comedy Central, and Nickelodeon, exposed a vast array of internal access credentials and critical data that could be used to cause immense harm to the multinational corporation's business operations.

Critical Infrastructure:

INL to Host National Conversation in Delaware on Protecting Critical Infrastructure - KMVT News

Millions of people were affected by widespread power outages in the days following hurricanes Harvey and Irma. Utilities worked to get the power on, and smart meters were credited with helping with response and restoration efforts. As the water recedes, there are lingering questions about the critical attributes of a robust and resilient power grid. Join the conversation on this topic, and others, at the 10th annual Resilience Week symposium in Wilmington, Delaware, Sept. 18-22. This symposium is dedicated to advancing the resiliency of critical cyber-physical infrastructures from unexpected and malicious threats, with a particular focus on industrial control systems (ICS), supervisory control and data acquisition (SCADA), and cybersecurity.
Tags: Critical Infrastructure Protection (CIP), Cyber Physical Systems (CPSs)

Cyber Crime:

Deloitte Hit by Cyber-attack Revealing Clients’ Secret Emails - The Guardian

One of the world's "big four" accountancy firms has been targeted by a sophisticated hack that compromised the confidential emails and plans of some of its blue-chip clients, the Guardian can reveal. Deloitte, which is registered in London and has its global headquarters in New York, was the victim of a cybersecurity attack that went unnoticed for months.

Hackers Using iCloud’s Find My iPhone Feature to Remotely Lock Macs and Demand Ransom Payments - MacRumors

Over the last day or two, several Mac users appear to have been locked out of their machines after hackers signed into their iCloud accounts and initiated a remote lock using Find My iPhone. With access to an iCloud user's username and password, Find My iPhone on iCloud.com can be used to "lock" a Mac with a passcode even with two-factor authentication turned on, and that's what's going on here.

Cyberwarfare:

Insights into Iranian Cyber Espionage: APT33 Targets Aerospace and Energy Sectors and has Ties to Destructive Malware - FireEye

When discussing suspected Middle Eastern hacker groups with destructive capabilities, many automatically think of the suspected Iranian group that previously used SHAMOON - aka Disttrack - to target organizations in the Persian Gulf. However, over the past few years, we have been tracking a separate, less widely known suspected Iranian group with potential destructive capabilities, whom we call APT33. Our analysis reveals that APT33 is a capable group that has carried out cyber espionage operations since at least 2013. We assess APT33 works at the behest of the Iranian government.

Cyber Threat Analysis in Complex Adaptive Systems - Help Net Security

The use of wartime analogies in cybersecurity is common in our industry. Sun Tzu is often quoted in presentations and papers to emphasize an author’s key point. I will spare you that in this article; however, I would like to introduce the idea of applying a rigorous framework derived from kinetic warfare to the cyber realm. The notion of complex adaptive systems (CAS) as introduced by Brigadier General Wayne Michael Hall and Dr. Gary Citrenbaum in their book on intelligence collection provides such a framework.

Data Security:

Additional Information Regarding the Recent CCleaner APT Security Incident - Avast

We would like to update our customers and the general public on the latest findings regarding the investigation of the recent CCleaner security incident. As published in our previous blog posts, analysis of the CnC server showed that the incident was in fact an Advanced Persistent Threat (APT) attack, targeting specific high-tech and telecommunications companies. That is, despite the fact that CCleaner is a consumer product, the purpose of the attack was not to attack consumers and their data; instead, the CCleaner customers were used to gain access to corporate networks of select large enterprises.

Tech Support Scammers Abuse Native Ad and Content Provider Taboola to Serve Malvertising - Malwarebytes

A large number of publishers – big and small – are monetizing their sites by selling space for companies that provide so-called native advertising, cited as more effective and engaging than traditional banner ads.

SEC Discloses Cybersecurity Breach - Politico

The Securities and Exchange Commission on Wednesday said its "EDGAR" public-company filing system had been hacked. SEC Chairman Jay Clayton said in a statement that last month "the Commission learned that an incident previously detected in 2016 may have provided the basis for illicit gain through trading." "Specifically, a software vulnerability in the test filing component of our EDGAR system, which was patched promptly after discovery, was exploited and resulted in access to nonpublic information," Clayton said.

CCleaner Malware Infects Big Tech Companies With Second Backdoor - The Hacker News

According to the researchers from Kaspersky, the CCleaner malware shares some code with the hacking tools used by a sophisticated Chinese hacking group called Axiom, also known as APT17, Group 72, DeputyDog, Tailgater Team, Hidden Lynx or AuroraPanda. "The malware injected into CCleaner has shared code with several tools used by one of the APT groups from the Axiom APT 'umbrella'," tweeted director of Global Research and Analysis Team at Kaspersky Lab. Cisco researchers also note that one configuration file on the attacker's server was set for China's time zone, which suggests China could be the source of the CCleaner attack. However, this evidence alone is not enough for attribution.

Attackers can Pull Data From Air-gapped Networks’ Surveillance Cameras - SC Magazine

Researchers have demonstrated a way for remote attackers to exfiltrate data from and send malicious commands to air-gapped networks, using infrared surveillance cameras that ironically are supposed to make the organizations using them more secure.

We Tested Equifax’s Data Breach Checker — And It’s Basically Useless - ZDNet

In case you missed it: The credit rating giant admitted hackers had targeted the company in the past few months, stealing records on as many as 143 million consumers. The company went into disaster management mode (albeit with a six-week head start) and flubbed the incident response. Not only did the company botch the roll out of the support site, it also threw potential victims into legalistic chaos with nobody knowing for sure for hours whether or not the site was automatically opting out customers from a future class action suit. Add one more thing to the dumpster fire of this incident response "omni-shambles." The checker, hosted by TrustedID (a subsidiary of Equifax) that millions of users are checking to see if their private information has been stolen doesn't appear to be properly validating entries. In other words: it is giving out incorrect answers.

Equifax Data Breach: What You Need to Know - CNN

Unlike other data breaches, those affected by the breach may not even know they're customers of the company. Equifax (EFX) is one of three nationwide credit-reporting agencies that track and rate the financial history of consumers. The company gets its data from credit card companies, banks, retailers and lenders -- sometimes without you knowing.

Blockchain and Digital Currency:

Over 1.65 Million Computers Infected With Cryptocurrency Miners in 2017 So Far - Bleeping Computer

Telemetry data collected by Kaspersky Lab shows that in the first nine months of 2017, malware that mines for various types of cryptocurrencies has infected more than 1.65 million endpoints. According to Kaspersky, detections for cryptocurrency mining trojans rose from a lowly 205,000 infections in 2013 to nearly 1.8 million in 2016, and 2017 looks like it will easily surpass that number.

High Performance Computing:

Los Alamos Gains Role in High-Performance Computing for Materials Program - HPCwire

A new high-performance computing (HPC) initiative announced this week by the U.S. Department of Energy will help U.S. industry accelerate the development of new or improved materials for use in severe environments. Los Alamos National Laboratory, with a strong history in the materials science field, will be taking an active role in the initiative.

Machine Learning and Artificial Intelligence:

Google Reveals Android Robocop AI to Spot and Destroy Malware - The Register

In its ongoing quest to trap and kill Android malware, Google has, as usual, turned to machine learning - and is reporting some success.

Microsoft Launches New Machine Learning Tools - TechCrunch

Microsoft, just like many of its competitors, has gone all in on machine learning. That emphasis is on full display at the company's Ignite conference, where the company today announced a number of new tools for developers who want to build new A.I. models and users who simply want to make use of these pre-existing models - either from their own teams or from Microsoft.

Neuromorphic Computing:

Intel Unveils Loihi Self-learning Neuromorphic Chip - Bit-Tech

Intel has announced it is doubling down in the field of artificial intelligence, launching a test platform dubbed Loihi which it describes as a self-learning neuromorphic chip aimed at allowing machines to think and learn more like people.

Public Sector:

Special Report: HP Enterprise let Russia scrutinize cyberdefense system used by Pentagon - Reuters

Hewlett Packard Enterprise allowed a Russian defense agency to review the inner workings of cyber defense software used by the Pentagon to guard its computer networks, according to Russian regulatory records and interviews with people with direct knowledge of the issue.

President Donald J. Trump Proclaims October 2017 as National Cybersecurity Awareness Month - White House

All Americans are affected by threats to our Nation's cybersecurity. In recent years, bad actors in cyberspace have launched attacks on a cross-section of America: businesses both small and large, State and local governments, schoolhouses, hospitals, and infrastructure critical to public safety and national security. My Administration is committed to protecting Americans against these threats. During Cybersecurity Awareness Month, we reflect on our Nation's increasing reliance on technology and the internet and raise awareness about the importance of cybersecurity. Keeping our Nation secure in the face of cyber threats is our shared responsibility. Our agility and resilience in responding to these threats will improve as our collective awareness about their nature improves.

Army Initiates New Network Modernization Plan to Enhance Cyber Capabilities - Army

As the Army introduces concepts such as the multi-domain battle (MDB) into joint operations, it also examines how its current network requires modification in order to support warfighters from multiple services in varying areas of operations and with numerous network and cyber challenges.

U.K. Releases Code of Practice for Maritime Cyber Security - American Shipper

The U.K. is asking vessels to use better practices in maritime cyber security, according to Transport Minister Lord Callanan. The Department for Transport (DfT) has released a new cyber security code of practice for vessels, which Callanan said will help firms develop cyber security assessments and plans, mitigation measures, and manage security breaches. "Anything that threatens the reliability and performance of a shipping sector that carries 95 percent of our trade has to be taken seriously," Callanan said last week during London International Shipping Week.

Quantum Computing:

With New Microsoft Breakthroughs, General Purpose Quantum Computing Moves Closer to Reality - Microsoft

That broad charter has ended up putting Microsoft on the path to building the first topological qubit, a robust type of quantum bit that Microsoft believes will serve as the basis for a scalable, general purpose quantum computer system – and mark a profound breakthrough in the field of quantum physics.

Software Security:

9 WordPress Plugins Targeted in Coordinated 4.5-Year Spam Campaign - Wordfence

In today's post, we are publishing research showing a coordinated effort by the same spammer that targeted WordPress plugins over a 4.5-year period. In some cases, site owners opted in to a vague agreement that didn’t make it clear that their sites would be serving spam; in other cases, plugins were simply "backdoored" to allow posting without a site owner's permission.

FEEDBACK FROM PREVIOUS DIGEST:

Most Popular:

Software has a Serious Supply-chain Security Problem - Wired

On Monday, Cisco's Talos security research division revealed that hackers sabotaged the ultra-popular, free computer-cleanup tool CCleaner for at least the last month, inserting a backdoor into updates to the application that landed in millions of personal computers. That attack betrayed basic consumer trust in CCleaner-developer Avast, and software firms more broadly, by lacing a legitimate program with malware - one distributed by a security company, no less.

CSIAC Supported Communities

CSIAC supports several communities of practice, such as the Cyber Community of Interest (COI) Group and research & development working groups.

Technical Resources, Policy and Guidance

This list of related sites provides additional sources to pursue the topic of Cybersecurity. The sites include Government organizations, including federal agencies, Department of Defense and military service agencies, commercial organizations, and academic institutions.


The CS Digest provides links to third party Websites. The CSIAC is not responsible for the availability of, and content provided on, third party Websites. You should refer to the policies posted by other Websites regarding their privacy and other topics before you use them. The CSIAC is not responsible for third party content accessible through the CSIAC CS Digest, including opinions, advice, statements, advertisements and endorsements, and you bear all risks associated with the use of such content.
