The Cybersecurity (CS) Digest is a curated bi-weekly news summary for cybersecurity professionals. It is transmitted in an HTML-formatted email and provides links to articles and news summaries across a spectrum of cybersecurity topics.
This webinar will give a brief overview of the core ideas and discuss the basic principles behind the benefits of adopting DevOps. Following discussion of the basic ideas and principles, the foundational architectural concepts and the components that underlie existing tools will be discussed. Architectural concepts and tools including Cloud services/ecosystems, multilevel virtualization as used by Container microservices/orchestration tools, and interesting new .Net based software development technologies (such as .Net Core) are among those that will be covered.
Tags: .NET Core, Container Environment, DevOps, Orchestration Tools
Their victims have less than a half-hour before an initial breach becomes wider data theft or destruction.
Chinese and Iranian Hackers Renew Their Attacks on U.S. Companies - The New York Times
Businesses and government agencies in the United States have been targeted in aggressive attacks by Iranian and Chinese hackers who security experts believe have been energized by President Trump's withdrawal from the Iran nuclear deal last year and his trade conflicts with China.
Tags: cyberattack, Cyberwarfare
Exploit Code Published for Recent Container Escape Vulnerability - Security Week
Proof-of-concept (PoC) code is now publicly available for a recently disclosed container escape vulnerability impacting popular cloud platforms, including AWS, Google Cloud, and numerous Linux distributions.
Tags: Cloud Computing, Container Environment, Exploit
A Deep Dive on the Recent Widespread DNS Hijacking Attacks - KrebsonSecurity
The U.S. government - along with a number of leading security companies - recently warned about a series of highly complex and widespread attacks that allowed suspected Iranian hackers to siphon huge volumes of email passwords and other sensitive data from multiple governments and private companies. But to date, the specifics of exactly how that attack went down and who was hit have remained shrouded in secrecy.
Tags: cyberattack, Cyberwarfare, Domain Name System (DNS)
The Scarlet Widow Gang Entraps Victims Using Romance Scams - Bleeping Computer
We often hear about sextortion, business email compromise (BEC), and inheritance scams, but the often overlooked "Romance Scams" could be the most insidious of them all. Not only do victims lose money, but the emotional entanglement ultimately leads to heartbreak.
Tags: Catfishing, Romance Scam, Scarlet Widow
Ransomware Attacks Target MSPs to Mass-Infect Customers - Bleeping Computer
Ransomware distributors have started to target managed service providers (MSPs) in order to mass-infect all of their clients in a single attack. Recent reports indicate that multiple MSPs have been hacked recently, which has led to hundreds, if not thousands, of clients being infected with the GandCrab Ransomware.
Tags: GrandCrab, Managed Service Providers, Ransomware
Trump To Feds: Prioritize Artificial Intelligence Work - Defense One
A sweeping executive order to be signed Monday will push agencies to boost funding, improve training, and propose regulations for AI-related efforts.
Tags: Artificial Intelligence (AI)
Windows App Caught Running on Mac, Installing Malware - Security Week
Why it’s Time to Make Cybersecurity a National Priority - Fifth Domain
Federal agencies possess the right combination of knowledge, capabilities and technologies to allow for the creation of a strong cyber defense system that is the gold standard for the world. We have the chance to create successful cybersecurity programs that can be used both across the government and by industry. Like Armstrong, we can plant a flag that claims our leadership in this area. To get there, we must make cybersecurity a national priority.
Tags: Cyberwarfare, National Priority
Congress has a new rising target when it comes to cyber: The Pentagon. The U.S. military last year was given the green light to start offensive cyber operations against foreign adversaries, an area that one new Democratic subcommittee chair says he will keep a close eye on in the coming months.
Tags: cyberattack, Offensive Operations, Pentagon
China and Russia are developing lasers and a host of other anti-satellite weapons, according to a new Defense Intelligence Agency report that fleshes out concerns that Pentagon leaders have been highlighting for years.
Tags: Cyberwarfare, Satellites
New Backdoor Targets Linux Servers - Security Week
A new backdoor is targeting Linux servers in East Asia and Latin America, including Amazon Web Services (AWS) hosted machines, Check Point security researchers say.
Digital-asset exchange Quadriga CX has a $200 million problem with no obvious solution -- just the latest cautionary tale in the unregulated world of cryptocurrencies.
A lack of tough cyber operators to play the role of adversary is leaving U.S. cyber defenders unprepared for today's real-world threats, according to the Pentagon's Office of the Director of Operational Test & Evaluation.
CSIAC supports several communities of practice, such as the Cyber Community of Interest (COI) Group and research & development working groups.
This list of related sites provides additional sources to pursue the topic of Cybersecurity. The sites include Government organizations, including federal agencies, Department of Defense and military service agencies, commercial organizations, and academic institutions.
The CS Digest provides links to third party Websites. The CSIAC is not responsible for the availability of, and content provided on, third party Websites. You should refer to the policies posted by other Websites regarding their privacy and other topics before you use them. The CSIAC is not responsible for third party content accessible through the CSIAC CS Digest, including opinions, advice, statements, advertisements and endorsements, and you bear all risks associated with the use of such content.