The Cybersecurity (CS) Digest is a curated bi-weekly news summary for cybersecurity professionals. It is transmitted in an HTML-formatted email and provides links to articles and news summaries across a spectrum of cybersecurity topics.
Read the Latest CSIAC Journal – Design and Development Process for Assured Software – Volume 1 - CSIAC
This edition explores different aspects of developing, deploying and training on how to build assured software. Articles are contributed by software assurance practitioners from the DoD and civil government that are devoted to the advancement of secure development principles in U.S. government critical systems.
This webinar will talk about some of the industry guidelines that exist, how they are related, which ones need to be created, and how an assessment framework can be created that is standards based for consistent risk assessment results.
Veracity Industrial Networks said it has delivered on the first phase of its contract with the Department of Energy to provide SDN-based network infrastructure designed to help the U.S. industry, including power utilities, defend against cyberattacks. After several recent hacking events that many security analysts believe were instances of cyberwarfare, protecting utilities and other industries is certainly a timely issue.
Hacker Steals $7 Million in Ethereum From CoinDash - Securityweek
An actor managed to hack the CoinDash official website during the company's ICO (Initial Coin Offering) and diverted over $7 million worth of Ethereum by replacing the official wallet address with their own. The incident took place on Monday, just minutes after the company launched its ICO in an attempt to raise funds in the form of Ethereum crypto-currency. Similar to an Initial Public Offering (IPO), an ICO happens when a company is looking to gather funds and issue tokens in return. According to CoinDash, the hacker managed to take over the official website only three minutes after the ICO started. They replaced the official Ethereum wallet address with their own, which resulted in people sending over $7 million to the fraudulent address.
Apple will reportedly open its first ever Chinese data center in order to comply with China's new controversial and stringent cybersecurity laws. The tech giant's new data center is set to be located in the south-western Guizhou province and will be operated in partnership with a local data management firm called Guizhou-Cloud Big Data Industry Co Ltd (GCBD).
A black market hacking tool has the potential to rapidly conduct website scans for SQL injection vulnerabilities at a large scale, all managed from a smartphone through the Telegram messenger. The Katyusha Scanner is a relative newcomer available to black hats that surfaced in early April. It's a blend of the Arachni Scanner open source penetration testing tool and Telegram; it has already been updated seven times since its introduction, and now Pro and Lite versions are available for between $250 and $500.
Verizon, the major telecommunications provider, has suffered a data security breach with over 14 million US customers' personal details exposed on the Internet after NICE Systems, a third-party vendor, mistakenly left the sensitive users’ details open on a server.
Info Ops Officer Offers Artificial Intelligence Roadmap - BreakingDefense
Artificial intelligence is to be the crown jewel of the Defense Department's much-discussed Third Offset, the US military's effort to prepare for the next 20 years. Unfortunately, "joint collaborative human-machine battle networks" are off to a slow, even stumbling, start. Recognizing that today's AI is different from the robots that have come before, the Pentagon must seize what may be just a fleeting opportunity to get ahead on the adoption curve. Adapting the military to the coming radical change requires some simultaneous baby steps to learn first and buy second while growing leaders who can wield the tools of the fourth industrial revolution.
Aetna Replacing Security Passwords With Machine Learning Tools - Healthcare IT News
In 2016, more than three billion passwords were harvested from breaches by criminals in the U.S., according to Shape Security. "Criminals exchange passwords on the Dark Web and use a technique called credential stuffing to apply passwords to targeted web domains and automatically attempt authentication for tens of thousands of compromised passwords," Routh explained. "Criminals are able to achieve a two percent hit ratio of account takeover using credential stuffing, helped by the fact that consumers reuse passwords across sites."
Intelligent Machines AI Fight Club Could Help Save Us from a Future of Super-Smart Cyberattacks - MIT
A new competition heralds what is likely to become the future of cybersecurity and cyberwarfare, with offensive and defensive AI algorithms doing battle. The contest, which will play out over the next five months, is run by Kaggle, a platform for data science competitions. It will pit researchers' algorithms against one another in attempts to confuse and trick each other, the hope being that this combat will yield insights into how to harden machine-learning systems against future attacks.
We recently found on Google Play a type of mobile ransomware that does not encrypt files. This malware extorts a payment to prevent the attacker from spreading a victim's private information. LeakerLocker claims to have made an unauthorized backup of a phone's sensitive information that could be leaked to a user's contacts unless it receives "a modest ransom."
Security researchers have discovered a new method to decrypt satellite phone communications encrypted with the GMR-2 cipher in "real time", in some cases within mere fractions of a second.
Another Day, Another Mass Domain Hijacking - The Register
More than 750 domain names were hijacked through the internet's own systems, registrar Gandi has admitted. Late last week, an unknown individual managed to get hold of the company's login to one of its technical providers, which then connects to no fewer than 27 other top-level domains, including .asia, .au, .ch, .jp and .se. Using that login, the attacker managed to change the domain details on the official nameservers for 751 domains on a range of top-level domains, and redirect them all to a specific website serving up malware.
FedEx Says Some Damage From NotPetya Ransomware May Be Permanent - Bleepingcomputer
US-based and international courier delivery service FedEx admitted on Monday that some of its systems were significantly affected by the NotPetya ransomware, and some of the damage may be permanent. FedEx was just one of the many businesses across the world hit by the NotPetya ransomware, a cyber-weapon designed to attack organizations in the Ukraine, but which spread to other countries via VPNs and internal networks.
DARPA has awarded contracts to five research organizations and one company that will support the Neural Engineering System Design (NESD) program: Brown University; Columbia University; Fondation Voir et Entendre (The Seeing and Hearing Foundation); John B. Pierce Laboratory; Paradromics, Inc.; and the University of California, Berkeley. These organizations have formed teams to develop the fundamental research and component technologies required to pursue the NESD vision of a high-resolution neural interface and integrate them to create and demonstrate working systems able to support potential future therapies for sensory restoration. Four of the teams will focus on vision and two will focus on aspects of hearing and speech.
Last year, a Long March 2D rocket took off from the Jiuquan Satellite Launch Centre in the Gobi Desert carrying a satellite called Micius, named after an ancient Chinese philosopher who died in 391 B.C. The rocket placed Micius in a Sun-synchronous orbit so that it passes over the same point on Earth at the same time each day. Micius is a highly sensitive photon receiver that can detect the quantum states of single photons fired from the ground. That’s important because it should allow scientists to test the technological building blocks for various quantum feats such as entanglement, cryptography, and teleportation.
As part of this month's Patch Tuesday, Microsoft has released security patches for a serious privilege escalation vulnerability that affects all versions of its Windows operating system for enterprises released since 2007.
Security researchers confirmed on Monday that a vicious new cyberattack has compromised the computer systems of over 1,000 organizations in 84 countries. Dubbed "Energetic Bear," the Stuxnet-like malware is largely targeting energy and utility companies. It's almost certainly from Russia.
In the wake of recent devastating global ransomware outbreaks, Microsoft has finally realized that its Windows operating system is deadly vulnerable to ransomware and other emerging threats that specifically target its platform. To tackle this serious issue, the tech giant has introduced a new anti-ransomware feature in its latest Windows 10 Insider Preview Build (16232) yesterday evening, along with several other security features. Microsoft is planning to introduce these security features in Windows 10 Creator Update (also known as RedStone 3), which is expected to release sometime between September and October 2017.
The targets included the Wolf Creek nuclear facility in Kansas, according to several reports. An urgent Department of Homeland Security (DHS) report indicated a foreign power, possibly Russia, was responsible, the New York Times said. The DHS document carried the second-highest threat rating, the Times said.
Cyber Security of Critical Infrastructure - Department of Homeland Security
CSIAC serves on the EO 13636/PPD-21 Research & Development (R&D) Working Group (WG) run by DHS S&T. If you would like further information, contact Dr. Paul Losiewicz at firstname.lastname@example.org
The Cyber COI engages in multiple activities and forums for coordinating cyber S&T strategies, sharing innovative ideas and technical approaches, promoting technology transfer and upcoming business opportunities, and in jointly planning programs across the Department of Defense and other government agencies. Membership is based upon approval by the Cyber COI group administrator.
The Cyber Shield Newsletter - New Mexico Counterintelligence Working Group (NMCIWG)
The Cyber Shield is a Cyber Newsletter for Counterintelligence, IT and Security Professionals associated with DoD and USG agencies. There are no distribution constraints. If you would like to subscribe, please contact Paul Losiewicz at email@example.com
DOD OSBP officials acknowledged that cybersecurity is an important and timely issue for small businesses, and therefore the office is considering incorporating cybersecurity into its existing outreach and education efforts. During the review, GAO identified 15 existing federal cybersecurity resources that DOD OSBP could disseminate to defense small businesses.
DHS S&T Collaboration Community - Ideascale
The National Conversation is intended to bring together everyone to play a role in shaping the future of homeland security technology. This means responders, operational users, citizens, academia, and industry.
The Department of Defense Cyber Strategy - Department of Defense
The purpose of this strategy is to guide the development of DoD's cyber forces and strengthen our cyber defense and cyber deterrence posture. It focuses on building cyber capabilities and organizations for DoD's three primary cyber missions.
The Information Sharing Environment (ISE) broadly refers to the people, projects, systems, and agencies that enable responsible information sharing for national security.
Standards & Reference Documents - CSIAC
View all Best Practices and Reference Documents on the CSIAC website.
DoD Cyber Domain Resources - Department of Defense
DHS Cyber Security Strategy (“Blueprint for a Secure Cyber Future”, 2011) - Department of Homeland Defense
DIB CS/IA Voluntary Information Sharing Program - DoD DIBNet
DoD's DIB CS/IA program is a voluntary program to enhance and supplement DIB participants' capabilities to safeguard DoD information that resides on, or transits, DIB unclassified information systems.
US-CERT Bulletins - Department of Homeland Security
Bulletins provide weekly summaries of new vulnerabilities. Patch information is provided when available.
US-CERT Alerts - Department of Homeland Security
Alerts provide timely information about current security issues, vulnerabilities, and exploits.
NVD is the U.S. government repository of standards-based vulnerability management data represented using the Security Content Automation Protocol (SCAP). This data enables automation of vulnerability management, security measurement, and compliance. NVD includes databases of security checklists, security-related software flaws, misconfigurations, product names, and impact metrics.
Trustworthy CyberSpace: Strategic Plan For The Federal Cybersecurity Research and Development Program - NITRD
Committee on National Security Systems (CNSS) - Committee on National Security Systems
The CS Digest provides links to third party Websites. The CSIAC is not responsible for the availability of, and content provided on, third party Websites. You should refer to the policies posted by other Websites regarding their privacy and other topics before you use them. The CSIAC is not responsible for third party content accessible through the CSIAC CS Digest, including opinions, advice, statements, advertisements and endorsements, and you bear all risks associated with the use of such content.