The Cybersecurity (CS) Digest is a curated bi-weekly news summary for cybersecurity professionals. It is transmitted in an HTML-formatted email and provides links to articles and news summaries across a spectrum of cybersecurity topics.
Global Advance Of ADS-B - Aviation Week
In the not-too-distant future, it will be possible to fly anywhere over the planet in an Automatic Dependent Surveillance-Broadcast environment affording benefits equally to flight crews, operators and air traffic controllers.
DARPA on the Hunt for ‘Early Warning’ Cyberattack Detection Technology - Fierce Government IT
The Defense Advanced Research Projects Agency will bring together potential proposers on Dec. 14 to give industry more information on its cyber threat monitoring needs in advance of forthcoming solicitations under a broad agency announcement known as the Rapid Attack Detection, Isolation and Characterization, or RADICS, program.
A Republican-backed bill overhauling federal energy policy that passed the House on Thursday includes several significant provisions aimed at defending the nation's power supply against cyberattacks.
The Department of Homeland Security (DHS) is peppering U.S. businesses, mostly banks and energy firms, with cyberattacks to test their digital defenses. The little-known program, offered to companies free of charge, is part of an ongoing effort to help critical infrastructure companies bolster their cybersecurity.
As the threat posed by terrorists and criminal groups continues to grow in the cyber realm, the Department of Defense is expanding its cyber forces to deal with emerging threats.
A Russia-linked cyber espionage group has been using new tools in attacks against defense contractors and other high profile targets, Kaspersky Lab reported.
The Air Force is finalizing a $49.5 million plan to hire private sector coders who, by developing software, can sabotage adversary computer systems and thwart incoming hack attacks.
Australian Government Hit by Massive Cyber Attack - E-Security Planet
A major cyber attack on Australia's Bureau of Meteorology (BoM) recently compromised sensitive computer systems throughout the country's Federal Government, the Australian Broadcasting Corporation reports.
Of the $3 billion the Air Force Space Command spent last fiscal year on cybersecurity, not a single penny went to defending software vulnerabilities in weapons systems that Pentagon officials have said are at great risk.
OPM Creates Verification Center for Breach Victims who Haven’t Received Notification Yet - Fierce Government IT
The Office of Personnel Management announced Tuesday the establishment of a verification center for victims of the recent data breaches on its systems discovered this summer.
China arrested hackers it says were responsible for OPM breach in September.
The LinkedIn request seemed ordinary enough. A technology journalist named "Jenifer Lawrence" had asked to connect to me. I clicked OK without thinking. Then I took a closer look at her profile.
A gigantic botnet has been hiding in the shadows since 2006, and security researchers at Fox-IT estimate that the botnet, which currently has around 500,000 active bots, has infected around 15 million machines during the last nine years.
CERT/CC sounded the alarm on users of the Cardio Server ECG Management System, a broad-scope healthcare data management system used in many medical units, from small clinics to large city hospitals.
Hacker-Friendly Search Engine that Lists Every Internet-Connected Device - The Hacker News
At the end of last month, security researchers from SEC Consult found that the lazy manufacturers of home routers and Internet of Things (IoT) devices have been re-using the same set of hard-coded cryptographic keys, leaving around 3 million IoT devices open to mass hijacking.
Lawmakers have resurrected legislation that would require tech companies to report online terrorist activity following the mass shooting in San Bernardino last week.
French authorities are considering a new law that would ban Tor and restrict access to public WiFi networks across the country, as a result of the ISIS attacks in Paris.
A proposed law meant to encourage companies to share information about cyberthreats with the U.S. government includes measures that could significantly limit what details, if any, the public can review about the program through federal and state public records laws.
A new Trojan is stealing information from Android devices after gaining root access on them by using a commercial root tool and is affecting users around the world, researchers at Palo Alto Networks warn.
Unpatched Flaws Allow Hackers to Compromise Belkin Routers - Security Week
A researcher has published the details and proof-of-concept (PoC) code for several unpatched vulnerabilities affecting Belkin's N150 wireless home routers.
Popular Mobile Modems Plagued by Zero-Day Flaws - Security Week
Researchers have conducted an analysis of popular mobile broadband modems and routers from various vendors and discovered that the devices are plagued by serious vulnerabilities that can be leveraged in malicious attacks.
The grant comes after IBM made a big breakthrough in correcting errors that arise in the quantum computing process.
Critical Flaw Found in AVG, McAfee, Kaspersky Products - Security Week
A serious vulnerability found in several security products could have been exploited by malicious actors to bypass Windows protection features, data exfiltration prevention firm enSilo reported.
Microsoft Warns of Imminent end of Support for all but the Latest Internet Explorer Versions - Net-Security
Windows users who still prefer Internet Explorer to all other browsers have been urged by Microsoft to update to the latest (and last) version of the browser (v11), as the company plans to end support for all previous versions in January.
The CSIAC has produced a short follow-up on recent cybersecurity headlines. Recent advances and speculation in Quantum Computing have created many questions. A look at the NSA's Suite B cryptographic algorithms resource provides a sound reference for understanding the current state of the industry. However, scientific breakthroughs continue to be a driving force in the Quantum Computing realm.
Air University Update - CSIAC
This podcast is an update to previously popular CS Digest articles on Air University's cyber curriculum. Topics cover how this new cyber curriculum assists the Air Force in achieving many of their newly announced immediate and long-term mission goals. Additionally, Lt. General Steven Kwast speaks on a panel that provides additional insight for education and training objectives for future Airmen as leaders.
The Pentagon has quietly put out a call for vendors to bid on a contract to develop, execute and manage its new cyber weaponry and defense program.
Analytics code deeply hidden in popular Google Chrome extensions is being used to track users across the Web, in different browser tabs, and without user consent.
Samy Kamkar, the inventor of numerous hacking tools, has created another mind-blowing device, one that can accurately read and predict credit card numbers, and bypass chip & PIN safeguards embedded within modern cards.
The Cyber COI engages in multiple activities and forums for coordinating cyber S&T strategies, sharing innovative ideas and technical approaches, promoting technology transfer and upcoming business opportunities, and in jointly planning programs across the Department of Defense and other government agencies. Membership is based upon approval by the Cyber COI group administrator.
The CS Digest provides links to third party Websites. The CSIAC is not responsible for the availability of, and content provided on, third party Websites. You should refer to the policies posted by other Websites regarding their privacy and other topics before you use them. The CSIAC is not responsible for third party content accessible through the CSIAC CS Digest, including opinions, advice, statements, advertisements and endorsements, and you bear all risks associated with the use of such content.