The Cybersecurity (CS) Digest is a curated bi-weekly news summary for cybersecurity professionals. It is transmitted in an HTML-formatted email and provides links to articles and news summaries across a spectrum of cybersecurity topics.

CSIAC ANNOUNCEMENTS:

CSIAC Podcast: Cybersecurity Simplified - CSIAC

This short video attempts to simplify a number of cybersecurity concepts and practices to help individuals prevent many common and avoidable cybersecurity pitfalls.
Tags: CSIAC Podcast

CSIAC Webinar: Highly Secured Blockchain Technology for Strategic Supply Chain Management - CSIAC

The blockchain technology is a game changer to enhance the security of our supply chain, and smart manufacturing. The technology enables the tracking and recording of the history of each transaction in a ledger stored in the cloud that cannot be altered, and when combined with digital signatures, verifies the identity of the participants with its non-repudiation capabilities. Dr. Bertrand Cambo will present the prototypes developed at Northern Arizona University (NAU) demonstrating the feasibility of the schemes, and discuss the challenges to deploy this blockchain technology to established manufacturing subcontractors.
Tags: Blockchain, Supply Chain Management

RECENT HEADLINES:

DOD to Require Cybersecurity Certification in Some Contract Bids - Defense.gov

DOD released its new Cybersecurity Maturity Model Certification (CMMC) on January 31st, billed by the undersecretary of defense for acquisition and sustainment as "Version 1.0." By the end of September, the Defense Department will require at least some companies bidding on defense contracts to certify that they meet at least a basic level of cybersecurity standards when responding to a request for proposals.
Tags: CMMC, Defense Contractors, Reform

US Army Sleuths Seek Social-Media Search Services - Defense One

The Army's Criminal Investigation Command conducts extensive probes into threats against the military branch and its personnel. This week, insiders unveiled their intent to glean new mission-relevant evidence through the forensic analysis of social media posts.
Tags: Criminal Investigation Command, Social Media

Pentagon weapons tester hones in on cyber tools - Fifth Domain

The Pentagon's weapons tester has bolstered its focus on cyber capabilities pursued by the department through U.S. Cyber Command and its service acquisition executives, according to its annual report.
Tags: Director Operational Test and Evaluation (DOT&E), Joint Cyber Warfighting Architecture

Pentagon Finds Flaws in New F-35 Amid Increasing Orders: Report - The Hill

The Defense Department has discovered new problems associated with Lockheed Martin's F-35 fighter jet in its annual review, including issues with the accuracy of its 25mm gun, Bloomberg reports.
Tags: Department of Defense (DoD), F-35, Pentagon

Researcher Finds Over 60 Vulnerabilities in Physical Security Systems - Security Week

A researcher has discovered more than 60 vulnerabilities across 20 physical security products, including critical flaws that can be exploited remotely to take complete control of a device.
Tags: Physical Security Systems, Vulnerabilities

Facebook Agrees to $550 Million Settlement in Facial Recognition Class Action Lawsuit - TechXplore

Facebook has agreed to pay $550 million to settle a class-action lawsuit over its use of facial recognition technology in Illinois.
Tags: Biometric Information Privacy Act, Facial Recognition

Presidential Advisers Expected to Push Software-Defined Networking for Secure Comms - NextGov

An upcoming meeting of presidential advisers promises an update on the importance of software-defined networking to national security and emergency preparedness as pressure builds for the administration to support coordinated investment in the technology.
Tags: Cyber Legislation, Software Defined Network (SDN)

NY Proposes Outlawing Ransomware Payments - GCN

Nothing encourages ransomware attacks like victims who pay up.
Tags: Legislation, Ransomware

Burn, Drown, or Smash Your Phone: Forensics Can Extract Data Anyway - ZDNet

Even if criminals try to destroy the evidence, NIST finds forensic experts can still extract data from a damaged phone. This is how they do it.
Tags: Chip-off, JTAG, Mobile Forensics

Firefox Now Shows What Telemetry Data it’s Collecting About You - ZDNet

There is now a special page in the Firefox browser where users can see what telemetry data Mozilla is collecting from their browser.
Tags: Firefox, Telemetry Data

Imperiled Information – Students Find Website Data Leaks Pose Greater Risks Than Most People Realize - Harvard SEAS

It turns out data leaks pose much greater threats than most people realize, and a hacker could easily find and exploit sensitive information on not only a person's virtual identity, but also his or her real identity.
Tags: Data Leaks, Personally Identifiable Information (PII)

CSIAC Supported Communities

CSIAC supports several communities of practice, such as the Cyber Community of Interest (COI) Group and research & development working groups.

Technical Resources, Policy and Guidance

This list of related sites provides additional sources to pursue the topic of Cybersecurity. The sites include Government organizations, including federal agencies, Department of Defense and military service agencies, commercial organizations, and academic institutions.

The CS Digest provides links to third party Websites. The CSIAC is not responsible for the availability of, and content provided on, third party Websites. You should refer to the policies posted by other Websites regarding their privacy and other topics before you use them. The CSIAC is not responsible for third party content accessible through the CSIAC CS Digest, including opinions, advice, statements, advertisements and endorsements, and you bear all risks associated with the use of such content.