The Cybersecurity (CS) Digest is a curated bi-weekly news summary for cybersecurity professionals. It is transmitted in an HTML-formatted email and provides links to articles and news summaries across a spectrum of cybersecurity topics.
Popular cloud storage services such as Google Drive and Dropbox can be abused by malicious actors in what experts call "Man-in-the-Cloud" (MITC) attacks.
Researchers at Black Hat USA have disclosed critical SCADA/ICS vulnerabilities in switches actively used in industrial control management systems, such as substations, factories, refineries, ports, and other areas of industrial automation.
Tags: Critical Infrastructure Protection (CIP)
A group of China-linked hackers that has mowed through the databanks of major American health insurers and stolen personnel records of U.S. military and intelligence agencies has struck at the heart of the nation's air-travel system, say people familiar with investigations of the attacks.
U.S. Suspects Russia in Hack of Pentagon Computer Network - Washington Post
U.S. military officials said Thursday that they suspect Russian hackers infiltrated an unclassified Pentagon e-mail system used by employees of the Joint Chiefs of Staff, the latest in a series of state-sponsored attacks on sensitive U.S. government computer networks.
A key military email system remains offline, one week after a cyberattack that one Defense Department official described as "serious."
Fake “Windows 10 Free Upgrade” Emails Deliver Ransomware - Net-Security
Cisco's Talos Group has spotted an email campaign impersonating Microsoft, offering potential victims an attachment that is supposedly a Windows 10 installer.
Just How Deep is the HPC, Hadoop Chasm? - The Platform
The basic assumption is that if powerful high performance computing hardware can be harnessed to pull Hadoop and MapReduce workloads, it might do so at far greater speed-opening the door for far faster analytics.
Gone in Less Than a Second - Threat Post
Kamkar has built a new device that is about the size of a wallet and can intercept the codes used to unlock most cars and many garage doors.
More Sophisticated, Autonomous Unmanned Aircraft on the Horizon - National Defense Magazine
In the future, unmanned aerial systems will hold even more utility as they become faster, stealthier and more autonomous, experts said. At the same time, they will become more accessible to foreign countries and terrorist groups around the world.
Tags: Autonomy and Autonomous Systems
Senate Majority Whip John Cornyn (R-Texas) on Tuesday said the upper chamber is unlikely to move on a stalled cybersecurity bill before the August recess.
Check Point's mobile security research team discovered a vulnerability in Android that affects phones, tablets and devices made by major manufacturers including LG, Samsung, HTC and ZTE. The team disclosed its findings during a briefing session at Black Hat USA 2015.
During this year's Black Hat USA 2015 conference in Las Vegas, Secunia, a leading provider of IT security solutions, has released a report detailing security vulnerability trends for the first seven months of 2015.
Hacking Team compromised non-jailbroken iOS devices using a variant of last year's Masque Attack, in which Apple devices were infected via emails and text messages.
Google and its main Android partners have vowed to fix the haphazard approach to patching the world's most widely used mobile OS.
Corporate Networks can be Compromised via Windows Updates - Net-Security
Researchers from UK-based Context Information Security demonstrated how Windows Update can be abused for internal attacks on corporate networks by exploiting insecurely configured enterprise implementations of Windows Server Update Services (WSUS).
US Attorney Ed McAndrew recently spoke to CSO Online and offered some unique insight into the federal side of incident response and what organizations can to do better prepare for law enforcement involvement.
The White House wants to establish strict, consistent rules for how government contractors should lock down sensitive data.
The DOD will renew its contract with the SoftwareEngineering Institute for five more years, with the option of extending to 10.
Business Needs to Prioritise Cyberattack Detection, says Cisco - Computer Weekly
Early detection of malicious activity is a top priority to defend against cyber attacks by highly motivated threat actors, says Cisco's latest security report.
Pentagon Unclassified Email System Down - Military Times
Officials are working to determine the cybersecurity risks that may have affected an unclassified email system at the Pentagon.
A team of researchers claim to have developed secure, quantum computing-proof encryption that can be practically implemented today.
Design Flaw in Intel Processors Opens Door to Rootkits - Network World
A design flaw in the x86 processor architecture dating back almost two decades could allow attackers to install a rootkit in the low-level firmware of computers.
Two researchers have found that several known vulnerabilities affecting the firmware of all the top PC makers can also hit the firmware of MACs.
The Cyber COI engages in multiple activities and forums for coordinating cyber S&T strategies, sharing innovative ideas and technical approaches, promoting technology transfer and upcoming business opportunities, and in jointly planning programs across the Department of Defense and other government agencies. Membership is based upon approval by the Cyber COI group administrator.
The CS Digest provides links to third party Websites. The CSIAC is not responsible for the availability of, and content provided on, third party Websites. You should refer to the policies posted by other Websites regarding their privacy and other topics before you use them. The CSIAC is not responsible for third party content accessible through the CSIAC CS Digest, including opinions, advice, statements, advertisements and endorsements, and you bear all risks associated with the use of such content.