The Cybersecurity (CS) Digest is a curated bi-weekly news summary for cybersecurity professionals. It is transmitted in an HTML-formatted email and provides links to articles and news summaries across a spectrum of cybersecurity topics.
CSIAC Webinar, Tuesday, Dec 17th @ 12:00 EST: Publishing Domain Specific Source Code for Reuse and Maintenance - CSIAC
This webinar focuses on enabling better reuse for specific domains. First reuse is defined; and the essential means to support it are identified That leads to a discussion of an example website and repository, configured, and currently under construction, to support developer's code reuse within a specific domain.
Tags: Reuse, Source Code, Webinar
FBI Classifies FaceApp as Counterintelligence Threat, Citing Ties to Russian Intelligence - The Hill
The FBI has classified FaceApp as a counterintelligence threat due to its ties to Russia, with the FBI emphasizing that it will take action if it assesses the face-editing app is involved in election interference efforts.
Tags: Mobile Security, Russia
Can a $10M Pentagon Project Enhance AI Cyber Operations? - Fifth Domain
A new agreement between a civilian government agency and the private sector will assist the Department of Defense's Joint Artificial Intelligence Center in "further enhancing cyber operations," according to a new release.
Tags: AI, JIAC, Pentagon
DHS Chooses Bryan Ware, Former AI Entrepreneur, as Assistant Director for Cybersecurity - Cyberscoop
Department of Homeland Security officials have selected Bryan S. Ware, a tech-savvy entrepreneur and holder of multiple patents, to be the department's most senior official focused exclusively on cybersecurity, according to multiple people familiar with the matter.
Tags: Department of Homeland Security (DHS), Director of Cybersecurity
A draft directive would require civilian agencies to find and fix network vulnerabilities spotted by public security researchers.
Tags: Department of Homeland Security (DHS), Information Sharing, Vulnerability Disclosure Program
Public SSH Keys can Leak your Private Infrastructure - Rushter Blog
This article describes a minor security flaw in the SSH authentication protocol that can lead to unexpected private infrastructure disclosure. It also provides a PoC written in Python.
Tags: Secure Shell (SSH)
A class action lawsuit in the US claims the popular video-sharing app comes pre-installed with "Chinese surveillance software" that violates privacy, data and consumer protection laws.
Tags: China, Spyware, TikTok
Malicious Python Package Available in PyPI Repo for a Year - Bleeping Computer
Two malicious versions of two Python packages were introduced in the Python Package Index (PyPI) with the purpose of stealing SSH and GPG keys from Python developers' projects.
Tags: Python, Python-PIP, Vulnerability
Evil Corp Hackers Charged For Stealing Over $100 Million - Bleeping Computer
The U.S. Department of Justice (DoJ) charged Russian citizens Maksim V. Yakubets and Igor Turashev for deploying the Dridex malware (aka Bugat and Cridex), and for their involvement in international bank fraud and computer hacking schemes.
Tags: Cyber Crime, Dridex, Malware
Scammers Dupe Chinese Venture Capitalists Out of $1 Million With the ‘Ultimate’ BEC Heist - Cyber Scoop
Scammers fleeced a Chinese venture capital firm out of a $1 million payment meant for a startup by using malicious emails to steal the cash, according to new findings from Check Point Technologies.
CSIAC supports several communities of practice, such as the Cyber Community of Interest (COI) Group and research & development working groups.
This list of related sites provides additional sources to pursue the topic of Cybersecurity. The sites include Government organizations, including federal agencies, Department of Defense and military service agencies, commercial organizations, and academic institutions.
The CS Digest provides links to third party Websites. The CSIAC is not responsible for the availability of, and content provided on, third party Websites. You should refer to the policies posted by other Websites regarding their privacy and other topics before you use them. The CSIAC is not responsible for third party content accessible through the CSIAC CS Digest, including opinions, advice, statements, advertisements and endorsements, and you bear all risks associated with the use of such content.