The Cybersecurity (CS) Digest is a curated bi-weekly news summary for cybersecurity professionals. It is transmitted in an HTML-formatted email and provides links to articles and news summaries across a spectrum of cybersecurity topics.

RECENT HEADLINES:

Cloud Computing:

IBM to Invest $3 Billion in Cloud Computing, Big Data Research - Washington Post

IBM is investing $3 billion in research that could benefit its cloud computing and big data services, the company announced Thursday.

Critical Infrastructure:

Unisys Survey Reveals Nearly 70% of Critical Infrastructure Providers Have Been Breached in the Past Year - Unisys

Utility, oil and gas, energy and manufacturing organizations unprepared for both internal and external threats, according to survey from Unisys and Ponemon Institute.

Cyberwarfare:

UK Boosts Spending on Cyber-Warfare - Zdnet

We don't need more tanks, we need the latest in cyber warfare, says UK PM David Cameron.

Data Security:

The Case of Gyges, the Invisible Malware, Government-Grade Now in the Hands of Cybercriminals - Sentinel Labs

Malware originally developed for government espionage is now in use by criminals, who are bolting it onto their rootkits and ransomware.

Pushdo Trojan outbreak: 11 THOUSAND systems infected in just 24 hours - The Register

A wave of attacks by cybercrooks pushing a new variant of the resilient Pushdo Trojan has compromised more than 11,000 systems in just 24 hours.

“Gameover” Malware Returns From the Dead - Naked Security

So far, SophosLabs has only seen a few samples of the new version, but it has been distributed through widespread spam campaigns, so the number of infections may already be large.

Security Firms Team Up and Take Down Shylock Malware - Symantec

Trojan.Shylock is designed to intercept online banking transactions and steal victims’ credentials.

Zeus PIF – The Evolving Strain Looking to Defeat Your Security Software - Websense

Websense Security Lab have identified a Zeus strain that implements information stealing procedures that appear to be an evolution of the 'DNA' of previous emerging Zeus variants.

U.S. Charges Chinese Businessman with Hacking Military Data - Zdnet

As the cybersecurity row between the US and China escalates, another Chinese man has been arrested on hacking and data theft charges.

Legislation and Regulation:

Senate Intelligence Committee Approves Cybersecurity Bill - Feinstein Senate

Senate Intelligence Committee Chairman Dianne Feinstein (D-Calif.) and Vice Chairman Saxby Chambliss (R-Ga.) today announced committee approval of the Cybersecurity Information Sharing Act, a bill to improve the nation's cybersecurity. The vote was 12-3.

Network Security:

Netgear Switches Exposed to Attacks From Hardcoded Credentials - Cert

A remote attacker could log into certain NETGEAR switches and execute arbitrary code because of hardcoded credentials installed within the firmware used on the devices.

FBI Found U.S. Military Aircraft Intel During Raid on Alleged Chinese Hacker - The Register

A Chinese entrepreneur has been arrested for attempting to steal information on the United States' Lockheed F-22 and F-35 aircraft and Boeing's C-17 cargo plane.

Anatomy of the Attack: Zombie Zero - Forbes

Malware hidden in Chinese inventory scanners targeted logistics, shipping firms.

Chinese Hackers Pursue Key Data on U.S. Workers - NY Times

Chinese hackers in March broke into the computer networks of the United States government agency that houses the personal information of all federal employees, according to senior American officials.

The CS Digest provides links to third party Websites. The CSIAC is not responsible for the availability of, and content provided on, third party Websites. You should refer to the policies posted by other Websites regarding their privacy and other topics before you use them. The CSIAC is not responsible for third party content accessible through the CSIAC CS Digest, including opinions, advice, statements, advertisements and endorsements, and you bear all risks associated with the use of such content.