The Cybersecurity (CS) Digest is a curated bi-weekly news summary for cybersecurity professionals. It is transmitted in an HTML-formatted email and provides links to articles and news summaries across a spectrum of cybersecurity topics.
The blockchain technology is a game changer to enhance the security of our supply chain, and smart manufacturing. The technology enables the tracking and recording of the history of each transaction in a ledger stored in the cloud that cannot be altered, and when combined with digital signatures, verifies the identity of the participants with its non-repudiation capabilities. Dr. Bertrand Cambo will present the prototypes developed at Northern Arizona University (NAU) demonstrating the feasibility of the schemes, and discuss the challenges to deploy this blockchain technology to established manufacturing subcontractors.
Tags: Blockchain, Supply Chain Management
In this video we will examine the Cybersecurity Supply Chain Risk Management (C-SCRM) and mitigation tactic using cybersecurity risk design strategies to strengthen SCRM efforts for organizations directly involved in delivery of products, services, and solutions to the Federal government and all other tiers of the global supply chain.
Tags: Cyber Supply Chain, Cybersecurity Supply Chain Risk Management (C-SCRM)
Data Privacy Day is January 28 - CSIAC.org
In honor of Data Privacy Day - an international effort held annually on Jan. 28 to generate awareness about the importance of respecting privacy, safeguarding data and enabling trust - CSIAC has been discussing the importance of safeguarding data at your organization, things to consider in protecting this information and how you can foster a culture of privacy awareness at all levels of the organization.
Tags: Data Privacy Day
By paying for the reporting of security flaws, security researchers are incentivized to spend time discovering application vulnerabilities. In just a few years bug bounty programs have evolved from obscurity to being embraced as a best practice.
Tags: Bug Bounties
DHS Tells U.S. Organizations to Clamp Down on Cybersecurity in Wake of Soleimani Killing - Cyber Scoop
The Department of Homeland Security on Monday issued guidance to U.S. companies and government agencies on securing their computer networks following the killing last week of a top Iranian general.
Tags: Cyberwarfare, Iran
FBI Flash Alert Warns of LockerGoga and MegaCortex Ransomware Attacks - Security Affairs
Starbucks Devs Leave API Key in GitHub Public Repo - Bleeping Computer
One misstep from developers at Starbucks left exposed an API key that could be used by an attacker to access internal systems and manipulate the list of authorized users.
Tags: Bug Bounties, Vulnerability
Python 2.7 Reaches End of Life After 20 Years of Development - Bleeping Computer
As of January 1st, 2020, Python 2.7 has officially reached the end of life and will no longer receive security updates, bug fixes, or other improvements going forward.
Wawa Faces Several Lawsuits following a Massive Payment Card Breach - Security Affairs
Coast Guard says Ryuk Ransomware Hit Systems that Monitor Cargo Transfers at Maritime Facility - Cyber Scoop
Hackers used Ryuk ransomware to infiltrate computer networks at a marine transportation facility, causing an outage of roughly 30 hours, the U.S. Coast Guard said in a recent security advisory.
Tags: Ransomware, Ryuk Ransomware
Microsoft has taken hold of 50 websites used by suspected North Korean hackers to bolster attempted hacks against government employees, universities and nuclear organizations, among other targets.
Tags: Microsoft, North Korea
CSIAC supports several communities of practice, such as the Cyber Community of Interest (COI) Group and research & development working groups.
This list of related sites provides additional sources to pursue the topic of Cybersecurity. The sites include Government organizations, including federal agencies, Department of Defense and military service agencies, commercial organizations, and academic institutions.
The CS Digest provides links to third party Websites. The CSIAC is not responsible for the availability of, and content provided on, third party Websites. You should refer to the policies posted by other Websites regarding their privacy and other topics before you use them. The CSIAC is not responsible for third party content accessible through the CSIAC CS Digest, including opinions, advice, statements, advertisements and endorsements, and you bear all risks associated with the use of such content.