The Cybersecurity (CS) Digest is a curated bi-weekly news summary for cybersecurity professionals. It is transmitted in an HTML-formatted email and provides links to articles and news summaries across a spectrum of cybersecurity topics.
CSIAC ANNOUNCEMENTS:
In Case You Missed It: CSIAC Webinar – STIR SHAKE’N SIP to Stop Robocalling - CSIAC
In this webinar Daksha Bhasker will provide an overview of the problem at hand, walk through the STIR/SHAKEN architecture, its components, and discuss security architecture considerations that will bolster the implementation. As international regulatory bodies move towards driving security measures against robocalling, this webinar will enable security professionals partner with voice engineering and operations teams where implementation maybe upcoming, be able to partner and support work underway by their telephony providers and be able to ask their suppliers and vendors pertinent security questions that will enable secure architectures and implementation of STIR/SHAKEN.
Tags: Robocall, STIR/SHAKEN Architecture
RECENT HEADLINES:
Inside the West’s Failed Fight Against China’s ‘Cloud Hopper’ Hackers - Reuters
Eight of the world's biggest technology service providers were hacked by Chinese cyber spies in an elaborate and years-long invasion, Reuters found. The invasion exploited weaknesses in those companies, their customers, and the Western system of technological defense.
Tags: Cyberwarfare, Navy Contractors
FBI, ICE Plunder DMV Driver Database ‘Gold Mine’ for Facial Recognition Scans - ZDNet
The Federal Bureau of Investigation (FBI) and Immigration and Customs Enforcement (ICE) are exploiting state DMV records for facial recognition data without the knowledge or permission of drivers.
Tags: Artificial Intelligence (AI), Facial Recognition, Machine Learning (ML)
Coast Guard Calls for Ships to Update Their Systems After Malware Attack - The Hill
The U.S. Coast Guard recommended on Monday that ships update their cybersecurity in the wake of a malware attack on a "deep draft vessel" in February that "significantly degraded" its computer system.
Tags: Coast Guard, Deep Draft Vessel, Malware
Mac Malware Pushed via Google Search Results, Masquerades as Flash Installer - Threat Post
A new malware is targeting Macs with new tactics to sniff out antivirus and virtual machines.
Tags: Google Search, Mac OS, Trojan
British Airways Hit With 183M Pound GDPR Fine – Could Your Business Be Next? - Tech Republic
British Airways is facing a 183.39 million Pound (about $229.72 million USD) fine for failure to comply with the EU's General Data Protection Regulation (GDPR) - the largest such fine levied so far.
Tags: British Airways, Data Privacy, General Data Protection Regulation (GDPR)
Amazon Confirms It Keeps Alexa Transcripts You Can’t Delete - Gizmodo
Next time you use Amazon Alexa to message a friend or order a pizza, know that the record could be stored indefinitely, even if you ask to delete it.
Tags: Amazon Alexa, Data Privacy
DOD’s Artificial Intelligence Center Wants Pitches From Industry This Fall - Fedscoop
The Department of Defense's Joint Artificial Intelligence Center will take pitches on a range of cybersecurity and AI-related initiatives from select private sector companies in the coming months.
Tags: Artificial Intelligence (AI), Department of Defense
More Than 1,000 Android Apps Harvest Data Even After You Deny Permissions - CNET
The apps gather information such as location, even after owners explicitly say no. Google says a fix won't come until Android Q.
Tags: Data Privacy, Mobile Security
OMB Issues Guidance on NARA’s Transition to Electronic Record Keeping - Fedscoop
The National Archives and Records Administration (NARA) is set to stop accepting paper-based records at the end of 2022, and the White House Office of Management and Budget has a new guidance out to help agencies meet this deadline.
Tags: Guidance, NARA, OMB
Microsoft to Require Multi-Factor Authentication for Cloud Solution Providers - KrebsonSecurity
It might be difficult to fathom how this isn't already mandatory, but Microsoft Corp. says it will soon force all Cloud Solution Providers (CSPs) that help companies manage their Office365 accounts to use multi-factor authentication. The move comes amid a noticeable uptick in phishing and malware attacks targeting CSP employees and contractors.
Tags: Microsoft Azure, Multifactor Authentication
Microsoft Issues Warning For 50M Windows 10 Users - Forbes
Windows 10 continues to be a danger zone. Not only have problems been piling up in recent weeks, Microsoft has also been worryingly deceptive about the operation of key services. And now the company has warned millions about another problem.
Tags: Microsoft, VPN, WIndows 10
US Cyber Command Issues Alert About Hackers Exploiting Outlook Vulnerability - ZDNet
US Cyber Command has issued an alert via Twitter today about threat actors abusing an Outlook vulnerability to plant malware on government networks.
Tags: Microsoft, Outlook, US Cyber Command
CSIAC Supported Communities
CSIAC supports several communities of practice, such as the Cyber Community of Interest (COI) Group and research & development working groups.
Technical Resources, Policy and Guidance
This list of related sites provides additional sources to pursue the topic of Cybersecurity. The sites include Government organizations, including federal agencies, Department of Defense and military service agencies, commercial organizations, and academic institutions.
The CS Digest provides links to third party Websites. The CSIAC is not responsible for the availability of, and content provided on, third party Websites. You should refer to the policies posted by other Websites regarding their privacy and other topics before you use them. The CSIAC is not responsible for third party content accessible through the CSIAC CS Digest, including opinions, advice, statements, advertisements and endorsements, and you bear all risks associated with the use of such content.
Leave a Comment
You must be logged in to post a comment.