The Cybersecurity (CS) Digest is a curated bi-weekly news summary for cybersecurity professionals. It is transmitted in an HTML-formatted email and provides links to articles and news summaries across a spectrum of cybersecurity topics.

RECENT HEADLINES:

Cloud Computing:

Navy Looks to Float ‘Tactical Cloud’ - Enterprise Tech

As government agencies edge closer to cloud adoption, one of the military services is attempting to take a more proactive approach to leveraging cloud technology to deliver tactical applications needed to handle growing volumes of sensor and targeting data in real time.

Cisco Aggressively Works With Red Hat to Make Cloud Computing Services Cheaper - Great Responder

The partnership between two giants to make cloud computing services cheaper would unleash the power of Internet of Things (IoT).

Cyberwarfare:

iOS Phone Phlaw Can Unmask Anonymous Users on Social Media - The Register

Apple iThing users can be identified, images of their faces captured and their phones forced to call numbers – all thanks to coding schemes affecting Facebook, Google, and Twitter, among other sites and services, security researchers say.

NATO Nations ‘Will Respond To A Cyber Attack On One As Though It Were On All’ - The Register

NATO is set to agree a new cyber defence policy that would mean any severe cyber attack on a NATO member could be considered tantamount to a traditional military attack and invoke the alliance's collective defence provisions.

Data Security:

Five Million Gmail Addresses and Passwords Dumped Online - Network World

An archive containing nearly 5 million Gmail addresses and plain text passwords was posted Tuesday on an online forum, but the data is old and likely sourced from multiple data breaches according to one security firm.

Hackers Make Drive-by Download Attacks Stealthier with Fileless Infections - Network World

Cybercriminals are increasingly infecting computers with malware that resides only in memory in order to make their attacks harder to detect.

Mining, Logistics, Utilities Least Ready to Face Threats - Zdnet

What do the mining industry, logistics, and utilities have in common, apart from being vital to Australia's modern industrial economy? They're the sectors with the least well-developed understanding of managing IT security risk as part of a broader operational and technology risk management process.

Computers for Hire Send JPMorgan Data to Russia - Bloomberg

JPMorgan Chase & Co.’s own investigators have found clues that a global network of computers available for hire by sophisticated criminals was used to reroute data stolen from the bank to a major Russian city, according to people familiar with the probe.

Cybersecurity is a Severe and Growing Challenge for Government Contractors - Forbes

Government contractors are attractive targets for cyber attacks because the U.S. federal government – the largest producer, collector, consumer, and disseminator of data in the world – entrusts sensitive information to these private companies. This includes everything from national security secrets, to information on the nation’s military and critical infrastructure, to the personal information of all U.S. citizens and residents.

Healthcare Security:

Understanding the NIST Cybersecurity Framework in Healthcare - Health IT Security

The Community Health Systems, Inc. breach involving 4.5 million patient records is part of an alarming trend in healthcare.

Mobile Security:

Verizon Failed to Tell 2 Million People It Was Using Their Personal Info for Marketing - Washington Post

Verizon has agreed to pay a $7.4 million penalty after the company failed to tell 2 million customers they could opt out of having their personal information used for marketing purposes, according to federal regulators.

Network Security:

Syrian Malware Team Makes Use of Enhanced BlackWorm RAT - SC Magazine

A hacking group, believed to have ties to the Syrian Electronic Army (SEA), has made use of an enhanced version of BlackWorm, a remote access trojan (RAT) used to infiltrate organizations.

Michael Daniel: Cybersecurity’s Many Moving Parts - Federal Times

Michael Daniel was a long-time national security budget official at the Office of Management and Budget before being tapped in 2012 to oversee the interagency development and implementation of national cybersecurity strategy and policy, leading to President Obama's 2013 milestone signing of Executive Order 13636, entitled "Improving Critical Infrastructure Cybersecurity."

Public Sector:

Former HHS Cybersecurity Head Guilty of Child Porn Charges - NextGov

Timothy DeFoggi, the former acting director of cyber security for the Department of Health and Human Services, was convicted of three charges of viewing and promoting child pornography.

The CS Digest provides links to third party Websites. The CSIAC is not responsible for the availability of, and content provided on, third party Websites. You should refer to the policies posted by other Websites regarding their privacy and other topics before you use them. The CSIAC is not responsible for third party content accessible through the CSIAC CS Digest, including opinions, advice, statements, advertisements and endorsements, and you bear all risks associated with the use of such content.