The Cybersecurity (CS) Digest is a curated bi-weekly news summary for cybersecurity professionals. It is transmitted in an HTML-formatted email and provides links to articles and news summaries across a spectrum of cybersecurity topics.

RECENT HEADLINES:

Cloud Computing:

With New Policy, DOD Components Won’t Need DISA to Buy Cloud Services - Next Gov

The new policy overrides two previous memorandums that charged DISA with assessing the security of commercial cloud service offerings and cataloging them.

Cyberwarfare:

S Korea Seeks Chinese Help Over Nuclear Cyber-Attack - BBC

South Korea is seeking the help of China over a cyber-attack on its nuclear power network after the IP address of a suspected hacker was traced to a north-eastern Chinese city.

No Rules of Cyber War - Politico

U.S. in uncharted waters with 'proportionate response' on hack attacks.

Data Security:

5 Small Business Takeaways From Sony’s Hack - Fox Business

Small businesses may not be the prime target for a hack on the scale of the recent attack on Sony Pictures, but that doesn't mean it can't happen.

FBI Bulletin States Sony Hackers are Targeting Media Outlets - Maximum PC

The hacking organization that took credit for infiltrating Sony Pictures Entertainment and stealing 10TB worth of data has also threatened at least one news media organization.

Cybersecurity Firm Identifies Six In Sony Hack – One A Former Company Insider - Daily Caller

Norse, the cybersecurity firm that first identified a potential insider in the massive November hack of Sony Pictures, believes it's uncovered evidence on six individuals primarily involved in the attack.

Healthcare Security:

Medical File Hack Affected Nearly Half a Million Postal Workers - Next Gov

Network intruders compromised health information on current and former U.S. Postal Service employees who filed for workers' compensation.

High Performance Computing:

New Form of Memory Could Advance Brain-Inspired Computers - Technology Review

A new kind of computer memory could help make more capable computer chips that function more like biological brains, say IBM researchers.

Legislation and Regulation:

France Passes Online Surveillance Law That Makes It Legal to Spy on Internet Users - Softpedia

The French government can now collect data about users.

5 Key Tech Bills Passed by Congress in 2014 - Next Gov

Significant legislative efforts approved by lawmakers this year, ranging from reforming information technology acquisition to strengthening the Department of Homeland Security's role in securing federal networks from cyberattacks.

Mobile Security:

Exploit for Android Same Origin Policy Flaw Is Leveraged Against Facebook Users - Softpedia

Facebook users are targeted by attacks that exploit a same origin policy (SOP) flaw in the web browser of the Android OS lower than 4.4.

Network Security:

Majority Of 4G USB Modems Vulnerable And SIM Cards Exploitable Via SMS - Tech Worm

Security researchers from Positive Technologies have stated that almost all 4G USB modems and SIM cards contain exploitable vulnerabilities through which can give full control of the devices to which they are connected to the hackers.

Public Sector:

How a DHS Document Dump Imperiled U.S. Security - Government Executive

Homeland Security inadvertently released more than 800 pages of information about how to hack energy infrastructure.

Software Security:

Tor Responds To The Cyber Attack On Its Network - Business Insider

The Tor Project on Saturday morning acknowledged a cyber attack on this network.

The CS Digest provides links to third party Websites. The CSIAC is not responsible for the availability of, and content provided on, third party Websites. You should refer to the policies posted by other Websites regarding their privacy and other topics before you use them. The CSIAC is not responsible for third party content accessible through the CSIAC CS Digest, including opinions, advice, statements, advertisements and endorsements, and you bear all risks associated with the use of such content.