The Cybersecurity (CS) Digest is a curated bi-weekly news summary for cybersecurity professionals. It is transmitted in an HTML-formatted email and provides links to articles and news summaries across a spectrum of cybersecurity topics.
The CSIAC Podcast – CS Digest Roundtable #1: Emotet Trojan, Cryptojacking, and User Data Exposure - CSIAC
This is the first CS Digest show of the CSIAC Podcast. In today's show we here at the CSIAC take the most important articles in a past CS Digest and discuss the articles' importance in the world of technology and cyber security.
Free CSIAC Webinar Wednesday Apr 25 @ 12:00 pm EDT – Cybersecurity of DoD Critical Infrastructure - CSIAC
The substantial cyber threat to the nation’s Critical Infrastructure is the context for this discussion on DoD policy concerns and current R&D efforts. Topics will include Weasel Board being developed at Sandia National Laboratory, More Situational Awareness for Industrial Control Systems (MOSAICS), sponsored by PACOM and NORTHCOM, and recent policy concerns relating to cyber security and Utilities Privatization of Critical Infrastructure. This webinar will also report the results of a panel discussion from the DHS Industrial Control System Joint Working Group (ICSJWG) meeting April 9-11 at Albuquerque NM.
Google is Pursuing the Pentagon’s Giant Cloud Contract Quietly, Fearing An Employee Revolt - Defense One
A fierce internal debate may undermine the company's bid for the JEDI program.
A new tool will enable grid operators to better detect not only a brutal physical attack, but also a hacker probing for vulnerabilities.
The City of Atlanta's 8,000 employees got the word on Tuesday that they had been waiting for: It was O.K. to turn their computers on. But as the city government's desktops, hard drives and printers flickered back to life for the first time in five days, residents still could not pay their traffic tickets or water bills online, or report potholes or graffiti on a city website. Travelers at the world's busiest airport still could not use the free Wi-Fi.
A pioneering fingerprint technique used to convict a drugs gang from a WhatsApp message "is the future" of how police approach evidence to catch criminals.
The Russian military has been jamming some U.S. military drones operating in the skies over Syria, seriously affecting American military operations, according to four U.S. officials.
Researchers Create Malware That Steals Data via Power Lines - Bleeping Computer
A team of academics has successfully developed and tested malware that can exfiltrate data from air-gapped computers via power lines. The team - from the Ben-Gurion University of the Negev in Israel- named their data exfiltration technique PowerHammer.
P.F. Chang's Rewards website contained a serious flaw dealing with 2 APIs - a "conductor" API to retrieve Rewards member records and "Soil" API giving access to restaurant location data and mostly public information.
Windows Servers Targeted for Cryptocurrency Mining via IIS Flaw - Bleeping Computer
Hackers are leveraging an IIS 6.0 vulnerability to take over Windows servers and install a malware strain that mines the Electroneum cryptocurrency.
The Federal Communications Commission on Thursday approved an application by Elon Musk's SpaceX, allowing the aerospace company to provide broadband services using satellites in the U.S. and worldwide.
U.S. lawmakers demonstrated an increased appetite for regulating technology giants when they grilled Facebook chief executive Mark Zuckerberg about privacy last week. But the future of Facebook's relationship with its 2 billion users is less likely to be determined from the halls of Congress than it is from an unassuming 18th-century townhouse in Ireland’s capital packed with lawyers, technology experts and gumshoe investigators.
US Congress Passes CLOUD Act Hidden in Budget Spending Bill - Bleeping Computer
The United States Congress passed late last night a $1.3 trillion budget spending bill that also contained a piece of legislation that allows internal and foreign law enforcement access to user data stored online without a search warrant or probable cause.
The U.S. Department of Commerce has banned American companies from selling components to leading Chinese telecom equipment maker ZTE Corp for seven years for violating the terms of a sanctions violation case, U.S. officials said on Monday.
Hackers pushing nation-state-style surveillance malware recently scored a major coup by getting three advanced malicious applications hosted in Google's official Play marketplace, researchers said. Google removed the apps after receiving notification of their presence.
US, UK Accuse Russia of Hacking Home Routers and ISPs to Conduct MitM Attacks - Bleeping Computer
A joint alert issued by the Department of Homeland Security (DHS), the Federal Bureau of Investigation (FBI), and the United Kingdom's National Cyber Security Centre (NCSC) warns that Russian state-sponsored cyber actors are actively targeting home and enterprise routers.
Microsoft’s Windows 7 Meltdown Patch Created ‘Worse’ Flaw - Naked Security
Microsoft's updates for the Meltdown microprocessor mega-flaw inadvertently left users running Windows 7 64-bit systems open to a "way worse" flaw, a researcher has claimed.
CSIAC supports several communities of practice, such as the Cyber Community of Interest (COI) Group and research & development working groups.
This list of related sites provides additional sources to pursue the topic of Cybersecurity. The sites include Government organizations, including federal agencies, Department of Defense and military service agencies, commercial organizations, and academic institutions.
The CS Digest provides links to third party Websites. The CSIAC is not responsible for the availability of, and content provided on, third party Websites. You should refer to the policies posted by other Websites regarding their privacy and other topics before you use them. The CSIAC is not responsible for third party content accessible through the CSIAC CS Digest, including opinions, advice, statements, advertisements and endorsements, and you bear all risks associated with the use of such content.