The Cybersecurity (CS) Digest is a curated bi-weekly news summary for cybersecurity professionals. It is transmitted in an HTML-formatted email and provides links to articles and news summaries across a spectrum of cybersecurity topics.
In Case You Missed It – CSIAC Webinar : Learning to Win: Making the Case for Autonomous Cyber Security Solutions - CSIAC
This webinar describes the benefits of machine learning based approaches for autonomous control in the cyber domain. We discuss emerging autonomous machine learning technologies and their recent successes, technical and non-technical challenges to overcome, and potential near-term applications to cyber security.
CSIAC Webinar Companion Document - CSIAC
The purpose of this article is to make the case for increased research and development of autonomous control machine learning approaches in the cyber domain. In it, we discuss emerging autonomous machine learning technologies and their recent successes, technical and non-technical challenges that still need to be overcome for practical autonomous applications of machine learning, and finally some thoughts on potential near-term applications of autonomous machine learning to cyber security.
Today the FBI is launching a webpage on combating foreign influence. This information is provided to educate the public about the threats faced from disinformation campaigns, cyber attacks, and the overall impact of foreign influence on society. The FBI is the lead federal agency responsible for investigating foreign influence operations.
President Donald Trump has eliminated rules governing the process for launching cyberattacks, giving the military freer rein to deploy its advanced hacking tools without pushback from the State Department and the intelligence community, an administration official told POLITICO.
Will Russian Hackers Affect This Year’s US Election? - Security Week
Nearly a year after Russian government hackers meddled in the 2016 U.S. election, researchers at cybersecurity firm Trend Micro zeroed in on a new sign of trouble: a group of suspect websites.
Microsoft has thwarted newly attempted cyberattacks by Russian hackers targeting U.S. political campaigns before the midterm elections, the company alleged Monday.
Temporary Patch Available for Recent Windows Task Scheduler ALPC Zero-Day - Bleeping Computer
Earlier this week a security researcher released exploit code for a Windows zero-day affecting the Task Scheduler ALPC interface. Today, cyber-security firm Acros Security published a temporary fix (called a micropatch) that prevents exploitation of that particular zero-day.
Critical Vulnerability Patched in PHP Package Repository - Security Week
A critical remote code execution vulnerability was recently addressed in packagist.org, a large PHP package repository, a security researcher reveals.
The "Five Eyes" intelligence alliance wants tech companies to give them access to data and communications, saying "privacy is not absolute."
T-Mobile has revealed that hackers may have stolen the personal information of some of its customers.
Three Ways of Looking at Security Operations - Security Week
The term "security operations" is often interpreted to be synonymous with a security operations center (SOC). In fact, a web search on security operations results mostly in links to SOC content. But that's a narrow view. How you view security operations will make a difference in how fast your organization can deliver software and mitigate breach damage. A bigger-picture view that includes IT operations is necessary to address the agile threat environment that exists today.
Attorneys general from 20 states celebrated on Monday when a district court judge in Seattle extended an injunction against the sharing of 3-D printed gun blueprints online. But their victory lap was short-lived. On Tuesday afternoon, Cody Wilson, founder of the open-source gun-printing advocacy group Defense Distributed, announced he would begin selling the blueprints directly to people who want them.
Banking Trojans and Shady Apps Galore In Google Play - Bleeping Computer
Despite Google's defenses for protecting Android's official marketplace, cybercriminals still manage to sneak in a banking Trojan, or two, or three, security researchers have discovered.
Sensitive Data Exposure via WiFi Broadcasts in Android OS [CVE-2018-9489] - Nightwatch Cybersecurity
System broadcasts by Android OS expose information about the user's device to all applications running on the device. This includes the WiFi network name, BSSID, local IP addresses, DNS server information and the MAC address.
It’s Official: TLS 1.3 Approved as Standard While Spies Weep - The Register
An overhaul of a critical internet security protocol has been completed, with TLS 1.3 becoming an official standard late last week.
US Government Takes Steps to Bolster CVE Program - Bleeping Computer
The US government is taking steps to fix the Common Vulnerabilities and Exposures (CVE) system that's been plagued by various problems in recent years. reade test.
CSIAC supports several communities of practice, such as the Cyber Community of Interest (COI) Group and research & development working groups.
This list of related sites provides additional sources to pursue the topic of Cybersecurity. The sites include Government organizations, including federal agencies, Department of Defense and military service agencies, commercial organizations, and academic institutions.
The CS Digest provides links to third party Websites. The CSIAC is not responsible for the availability of, and content provided on, third party Websites. You should refer to the policies posted by other Websites regarding their privacy and other topics before you use them. The CSIAC is not responsible for third party content accessible through the CSIAC CS Digest, including opinions, advice, statements, advertisements and endorsements, and you bear all risks associated with the use of such content.