• Home
  • Resources
    • Find Resources by Topic Tags
    • Cybersecurity Policy Chart
    • CSIAC Reports
    • Webinars
    • Podcasts
    • Cybersecurity Digest
    • Standards & Reference Docs
    • Journals
    • Certifications
    • Acronym DB
    • Cybersecurity Related Websites
  • Services
    • Free Technical Inquiry
    • Core Analysis Task (CAT) Program
    • Subject Matter Expert (SME) Network
    • Training
    • Contact Us
  • Community
    • Upcoming Events
    • Cybersecurity
    • Modeling & Simulation
    • Knowledge Management
    • Software Engineering
    • Cyber COI
  • About
    • About the CSIAC
    • The CSIAC Team
    • Subject Matter Expert (SME) Support
    • DTIC’s IAC Program
    • DTIC’s R&E Gateway
    • DTIC STI Program
    • FAQs
  • Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
Login / Register

CSIAC

Cyber Security and Information Systems Information Analysis Center

  • Resources
    • Find Resources by Topic Tags
    • Cybersecurity Policy Chart
    • CSIAC Reports
    • Webinars
    • Podcasts
    • Cybersecurity Digest
    • Standards & Reference Docs
    • Journals
    • Certifications
    • Acronym DB
    • Cybersecurity Websites
  • Services
    • Free Technical Inquiry
    • Core Analysis Task (CAT) Program
    • Subject Matter Expert (SME) Network
    • Training
    • Contact
  • Community
    • Upcoming Events
    • Cybersecurity
    • Modeling & Simulation
    • Knowledge Management
    • Software Engineering
    • Cyber COI
  • About
    • About the CSIAC
    • The CSIAC Team
    • Subject Matter Expert (SME) Support
    • DTIC’s IAC Program
    • DTIC’s R&E Gateway
    • DTIC STI Program
    • FAQs
  • Cybersecurity
  • Modeling & Simulation
  • Knowledge Management
  • Software Engineering
  • Cyber COI
/ CS Digests / 20 Mar 2018

CS Digest: 20 Mar 2018

Posted: 03/20/2018 | Leave a Comment

The Cybersecurity (CS) Digest is a curated bi-weekly news summary for cybersecurity professionals. It is transmitted in an HTML-formatted email and provides links to articles and news summaries across a spectrum of cybersecurity topics.

CSIAC ANNOUNCEMENTS:

Reminder: Free CSIAC Webinar Thursday Mar 22 @ 12:00 pm EDT – Autonomic Cyber Security (ACS) - CSIAC

This webinar will provide an overview of cutting-edge research efforts being conducted at the University of Arizona’s National Science Foundation (NSF) Cloud and Autonomic Computing Center (CAC) along with one of their affiliate members, AVIRTEK Inc.

New Cyber Awareness Videos – Theme: Critical Infrastructure - CSIAC

CSIAC announces the releases of 3 new Cyber Awareness videos: Challenges to Critical Infrastructure, Emerging Concepts to Critical Infrastructure, and Cyber Physical Security!

RECENT HEADLINES:

Critical Infrastructure:

Cyberattacks Put Russian Fingers on the Switch at Power Plants, U.S. Says - NY Times

The Trump administration accused Russia on Thursday of engineering a series of cyberattacks that targeted American and European nuclear power plants and water and electric systems, and could have sabotaged or shut power plants off at will.

Cyberwarfare:

Trump Administration Sanctions Russians for 2016 Election Interference, Other Cyber Attacks - ABC News

The Trump administration on Thursday imposed fresh sanctions on Russian government hackers and spy agencies to punish Moscow for interfering in the 2016 presidential election and for a cyberattack against Ukraine and other countries last year that officials have characterized as "the most destructive and costly" in history.

Chinese Intelligence Agencies Are Doctoring the Country’s Vulnerability Database - Bleeping Computer

Chinese intelligence agencies are doctoring the Chinese National Vulnerabilities Database (CNNVD) to hide security flaws that government hackers might have an interest in, according to a report released on Friday by US threat intelligence firm Recorded Future.

Data Security:

Cambridge Analytica Took 50M Facebook Users’ Data – And Both Companies Owe Answers - Wired

Cambridge Analytica, a data analysis firm that worked on President Trump's 2016 campaign, and its related company, Strategic Communications Laboratories, pilfered data on 50 million Facebook users and secretly kept it, according to two reports in The New York Times and The Guardian. The apparent misuse of Facebook data-and the social media giant's failure to police it-leave both companies with plenty still to answer for.

Machine Learning and Artificial Intelligence:

Police Say Uber Is Likely Not at Fault for Its Self-Driving Car Fatality in Arizona - Fortune

The police chief of Tempe, Arizona, where a woman was struck and killed by one of Uber's self-driving cars Sunday, says the ride-sharing company is likely not at fault for the accident, following a preliminary investigation.

Microsoft Announces Breakthrough in Chinese-to-English Machine Translation - TechCrunch

A team of Microsoft researchers announced on Wednesday they've created the first machine translation system that's capable of translating news articles from Chinese to English with the same accuracy as a person. The company says it's tested the system repeatedly on a sample of around 2,000 sentences from various online newspapers, comparing the result to a person's translation in the process - and even hiring outside bilingual language consultants to further verify the machine's accuracy.

Mobile Security:

Calendar 2 Made $2K in 3 Days Mining Cryptocurrency, but Apple Says it Violated Mac App Store Guidelines - 9to5 Mac

"Yesterday, we reported on a macOS app called Calendar 2 that seemingly added cryptocurrency mining as an alternative to paying for premium features. At the time, the app's developers, Qbix, had made the decision to remove the feature from the app. The company now tells us, however, that Apple ended up pulling the app from the Mac App Store for violating its guidelines..."

Network Security:

MOSQUITO Attack Allows to Exfiltrates Data From Air-Gapped Computers Via Leverage Connected Speakers - Security Affairs

MOSQUITO is new technique devised by a team of researchers at Israel's Ben Gurion University, led by the expert Mordechai Guri, to exfiltrate data from an air-gapped network.

Cavalry Riding to the Rescue of DDoS-deluged Memcached Users - The Register

DDoS attacks taking advantage of ill-advised use of memcached have begun to decline, either because sysadmins are securing the process, or because people are using a potentially-troublesome "kill switch."

Potent Malware That Hid for Six Years Spread Through Routers - ArsTechnica

Researchers have discovered malware so stealthy it remained hidden for six years despite infecting at least 100 computers worldwide.

Private Sector:

Chinese Hackers Hit U.S. Firms Linked to South China Sea Dispute - Bloomberg

Chinese hackers have launched a wave of attacks on mainly U.S. engineering and defense companies linked to the disputed South China Sea, the cybersecurity firm FireEye Inc. said.

Software Security:

AMD Flaws Pose No Immediate Risk of Exploitation, Says Independent Reviewer - Bleeping Computer

A third-party company that was paid to review the validity of the recent AMD flaws -RyzenFall, MasterKey, Fallout, and Chimera- has confirmed that these vulnerabilities are real, but that regular users shouldn't panic for the time being.

Intel Announces Hardware Fixes for Spectre and Meltdown on Upcoming Chips - TechCrunch

When the Spectre and Meltdown bugs hit, it became clear that they wouldn't be fixed with a few quick patches - the problem runs deeper than that. Fortunately, Intel has had plenty of time to work on it, and new chips coming out later this year will include improvements at the hardware/architecture level that protect against the flaws. Well, two out of three, anyway.

CSIAC Supported Communities

CSIAC supports several communities of practice, such as the Cyber Community of Interest (COI) Group and research & development working groups.

Technical Resources, Policy and Guidance

This list of related sites provides additional sources to pursue the topic of Cybersecurity. The sites include Government organizations, including federal agencies, Department of Defense and military service agencies, commercial organizations, and academic institutions.


The CS Digest provides links to third party Websites. The CSIAC is not responsible for the availability of, and content provided on, third party Websites. You should refer to the policies posted by other Websites regarding their privacy and other topics before you use them. The CSIAC is not responsible for third party content accessible through the CSIAC CS Digest, including opinions, advice, statements, advertisements and endorsements, and you bear all risks associated with the use of such content.

« 06 Mar 2018
03 Apr 2018 »

Reader Interactions

Leave a Comment Cancel

You must be logged in to post a comment.

sidebar

Blog Sidebar

Featured Content

The DoD Cybersecurity Policy Chart

The DoD Cybersecurity Policy Chart

This chart captures the tremendous breadth of applicable policies, some of which many cybersecurity professionals may not even be aware, in a helpful organizational scheme.

View the Policy Chart

Featured Subject Matter Expert (SME): Richard "Rick" Aldrich

CSIAC SME and member of the American Bar Association's Information Security Committee, Richard "Rick" Aldrich, gives updated snapshots of evolving developments in cyberlaw, policy, standards, court cases and industry legal frameworks. His latest work discusses cybersecurity issues of interest to security managers.

Read SME's Contributed Content

CSIAC Journal - Resilient Industrial Control Systems (ICS) & Cyber Physical Systems (CPS)

CSIAC Journal Cover Volume 7 Number 2

This edition of the CSIAC Journal focuses on the topic of cybersecurity of Cyber-Physical Systems (CPS), particularly those that make up Critical Infrastructure (CI).

Read the Journal

CSIAC Journal - Artificial Intelligence

CSIAC Journal Cover Volume 7 Number 1

This edition of the CSIAC Journal highlights three very different views of complex situations where AI might, should, and does intersect with our ability to use AI effectively.

Read the Journal

Recent Video Podcasts

  • Publishing Domain Specific Source Code for Reuse and Maintenance Series: CSIAC Webinars
  • 5 Best Practices for Software Security Series: The CSIAC Podcast
  • Authenticating Devices in Fog Multi-Access Computing Environments through a Wireless Grid Resource Sharing Protocol Series: The CSIAC Podcast
  • Machine-Learning Techniques to Protect Critical Infrastructure From Cybersecurity Incidents or Equipment Incidents Series: CSIAC Webinars
  • Cyber Deconflicted: Understanding the Layers of Cyberspace Series: CSIAC Webinars
View all Podcasts

Upcoming Events

Feb 12

DeveloperWeek SF Bay Area

February 12, 2020 - February 16, 2020
San Francisco CA
United States
Feb 23

BSidesSF

February 23, 2020 - February 24, 2020
San Francisco CA
United States
Feb 29

BSidesTampa

February 29, 2020
Tampa FL
United States
Jun 15

QCon New York

June 15, 2020 - June 19, 2020
New York City NY
United States
Jul 13

OSCON

July 13, 2020 - July 16, 2020
Portland OR
United States
View all Events

Recently Active Members

Profile picture of jrice
Profile picture of Thomas7219
Profile picture of Rvnth
Profile picture of cclassen@2u.com
Profile picture of Mimy
Profile picture of khunearylikethebird
Profile picture of jdbutt2b
Profile picture of anatoliaa
Profile picture of poornima
Profile picture of rr1315
Profile picture of Nedboro
Profile picture of Boomer42
Profile picture of Ty1906
Profile picture of StarlitDarkness
Profile picture of CSIACAdmin
Profile picture of gjohnson1968
Profile picture of femia.d.mcelveen
Profile picture of nmaida

Footer

CSIAC Products & Services

  • Free Technical Inquiry
  • Core Analysis Tasks (CATs)
  • Resources
  • Events Calendar
  • Frequently Asked Questions
  • Product Feedback Form

About CSIAC

The CSIAC is a DoD-sponsored Center of Excellence in the fields of Cybersecurity, Software Engineering, Modeling & Simulation, and Knowledge Management & Information Sharing.Learn More

Contact Us

Phone:800-214-7921
Email:info@csiac.org
Address:   266 Genesee St.
Utica, NY 13502
Send us a Message
USD(R&E) LogoUS Department of Defense LogoDoD IACs LogoDTIC LogoTEMS Logo

Copyright 2019, Quanterion Solutions Incorporated

Sitemap | Privacy Policy | Terms of Use | Accessibility Information

This website uses cookies to provide our services and to improve your experience. By using this site, you consent to the use of our cookies. To read more about the use of our site, please click "Read More". Otherwise, click "Dismiss" to hide this notice. Dismiss Read More
Privacy & Cookies Policy

Necessary Always Enabled