The Cybersecurity (CS) Digest is a curated bi-weekly news summary for cybersecurity professionals. It is transmitted in an HTML-formatted email and provides links to articles and news summaries across a spectrum of cybersecurity topics.
Army to Test Commercially-Run Cloud Services on Military Bases - Federal News Radio
The military would provide physical and cyber security, the firms would bring the cost and scalability benefits of cloud technology.
WD My Cloud NAS Devices can be Hijacked by Attackers - Net-Security
Researchers with security consultancy VerSprite have unearthed several vulnerabilities in Western Digital's My Cloud NAS product, which can be exploited by local and remote attackers to achieve root access to the device.
Cyberthreat Information Sharing in the Energy Sector - Security Intelligence
Information sharing about cyberthreats and cybersecurity is a key element of protection for every industry. Malicious attackers share information, and their intended victims also benefit from sharing what they learn about ongoing and potential threats.
A pair of cyber security sleuths discovered the identity of a Chinese military hacker.
White House: No Cyber Attack Pact with China, For Now - Defense One
During his visit to Washington, D.C., this week, Chinese President Xi Jinping was expected to sign an historic "cyber arms agreement" with the United States, under which each would agree to adhere to U.N.-established norms of online behavior.
A new report from Palo Alto Networks confirms Chinese cyber attacks on a U.S. government entity and a European media company.
"The greatest threat I face as a brigade commander on the battlefield is not [enemy] tanks, snipers or IEDs," said Col. Chuck Masaracchia. "It's defending the network."
An infamous advanced persistent threat hacking group known as Naikon is actually China's PLA Unit 78020 and a military intelligence expert there, traced to the attacks via his social media and other activity.
The federal government is finally getting around to notifying the 21.5 million people whose personal data may have been stolen in a massive data breach at the Office of Personnel Management, several months after the agency first revealed it had been targeted by hackers.
With their vast stores of personal data and expensive research, universities are prime targets for hackers looking to graduate from swiping credit card numbers.
Stolen data is a hot commodity in the Internet underground - but how much it goes for might be a surprise.
Tags: Dark Web
OPM says 5.6 million Fingerprints Stolen in Cyberattack, Five Times as Many as Previously Thought - Washington Post
The agency now says 5.6 million people's fingerprints were stolen as part of the hacks.
There's a new round of Stagefright vulnerabilities that allows attackers to execute malicious code on more than one billion phones running ancient as well as much more recent versions of Google's Android operating system.
Cisco Releases Tool for Detecting Malicious Router Implants - Net-Security
Cisco Systems has provided a tool that allows enterprise users to scan their networks and discover if their routers have been compromised with malicious SYNful Knock implants.
The Department of Defense announced that it will soon require all of its contractors to report any major cybersecurity breaches.
Raytheon Wins $1 billion Cybersecurity Contract to Battle Attacks on U.S. Agencies - Washington Post
The Department of Homeland Security has awarded a massive cybersecurity contract, worth up to $1 billion, to Raytheon, which it hopes will shore up the federal government's defenses against the increasing onslaught of attacks.
The chief of naval operations last month established the Navy Cybersecurity Division, a 40-person office responsible for evaluating big cyber investments and ensuring policy requirements.
The CIA pulled a number of officers from the U.S. Embassy in Beijing as a precautionary measure in the wake of the massive cybertheft of the personal data of federal employees.
Nearly three quarters of the federal government's $80 billion budget for information technology goes toward maintaining existing and in some cases, archaic systems.
The space agency and the web company entered into a new deal with quantum computer maker D-Wave Systems.
New U.S. Military Chip Self Destructs on Command - Spectrum IEEE
A new chip built on strained glass can shatter within 10 seconds when remotely triggered.
Newly Found TrueCrypt Flaw Allows Full System Compromise - Network World
Windows users who rely on TrueCrypt to encrypt their hard drives have a security problem: a researcher has discovered two serious flaws in the program.
Vulnerabilities Found in Several SCADA Products - Security Week
ICS-CERT published advisories this week for a series of vulnerabilities affecting SCADA products from Resource Data Management, IBC Solar and EasyIO.
Tags: Critical Infrastructure Protection (CIP)
The Cyber COI engages in multiple activities and forums for coordinating cyber S&T strategies, sharing innovative ideas and technical approaches, promoting technology transfer and upcoming business opportunities, and in jointly planning programs across the Department of Defense and other government agencies. Membership is based upon approval by the Cyber COI group administrator.
The CS Digest provides links to third party Websites. The CSIAC is not responsible for the availability of, and content provided on, third party Websites. You should refer to the policies posted by other Websites regarding their privacy and other topics before you use them. The CSIAC is not responsible for third party content accessible through the CSIAC CS Digest, including opinions, advice, statements, advertisements and endorsements, and you bear all risks associated with the use of such content.