The Cybersecurity (CS) Digest is a curated bi-weekly news summary for cybersecurity professionals. It is transmitted in an HTML-formatted email and provides links to articles and news summaries across a spectrum of cybersecurity topics.
CSIAC SME and member of the American Bar Association's Information Security Committee, Richard "Rick" Aldrich, gives a snapshot of the recent developments in cyberlaw, policy, standards, court cases and industry legal frameworks.
Tags: Cyberlaw, Policy
In this webinar Daksha Bhasker will provide an overview of the problem at hand, walk through the STIR/SHAKEN architecture, its components, and discuss security architecture considerations that will bolster the implementation. As international regulatory bodies move towards driving security measures against robocalling, this webinar will enable security professionals partner with voice engineering and operations teams where implementation maybe upcoming, be able to partner and support work underway by their telephony providers and be able to ask their suppliers and vendors pertinent security questions that will enable secure architectures and implementation of STIR/SHAKEN.
Tags: Robocall, STIR/SHAKEN Architecture
Chinese Spies Have Been Sucking Up Call Records at Multinational Telecoms, Researchers Say - Cyber Scoop
Chinese hackers have hit the soft underbelly of global telecommunications companies to siphon off hundreds of gigabytes of data, according to an investigation by security company Cybereason.
Tags: Data Security, Mobile Security
US Struck Iranian Military Computers This Week - Fifth Domain
U.S. military cyber forces launched a strike against Iranian military computer systems on Thursday as President Donald Trump backed away from plans for a more conventional military strike in response to Iran's downing of a U.S. surveillance drone, U.S. officials said Saturday.
U.S. Sen. Wyden Asks NIST to Create Secure File Sharing Guide - Bleeping Computer
U.S. Senator Ron Wyden sent a letter to the National Institute of Standards and Technology (NIST) Director Walter G. Copan urging the agency to develop and issue standards as part of a guidance framework for securely sharing sensitive documents over the Internet.
Tags: NIST, Secure File Sharing Guide
The OpenSSH project is getting protection against side-channel attacks that are known to leak data from a computer's memory, and allow malicious threat actors to steal sensitive information.
Tags: OpenSSH, Side-Channel Attacks
A draft version of that new guidance publicly released June 19 lays out 31 new recommendations for contractors to harden their defenses and protect unclassified (but still sensitive) government data that resides on their networks from advanced persistent threats (APT) or government-sponsored hackers.
Tags: Defense Contractors, NIST, Protecting Controlled Unclassified Information (CUI)
A report published this week by the NASA Office of Inspector General reveals that in April 2018 hackers breached the agency's network and stole approximately 500 MB of data related to Mars missions.
Tags: Data Security, NASA, Raspberry Pi
Healthcare.gov ID Verification Process is Insecure, and There’s no Plan to Fix it, Warns Watchdog - Fifth Domain
Identity verification for enrollment in Healthcare.gov is prone to identity fraud and its administrator has no plan to fix it, a government watchdog said.
Tags: Data Security
Several provisions in the Senate's version of the annual defense policy bill aim to increase oversight of cyber activities in the Department of Defense, including a new two-star general officer to serve as the senior military adviser to cyber policy.
Tags: Cyber Threats, Pentagon
Facebook unveiled plans Tuesday for a new global cryptocurrency called Libra, pledging to deliver a stable virtual money that lives on smartphones and could bring over a billion "unbanked" people into the financial system.
Tags: Cryptocurrency, Facebook, Libra
SACK TCP Flaws Can Crash, Slow Down Linux-based Systems - HelpNetSecurity
An engineering manager at Netflix has unearthed several TCP networking vulnerabilities in Linux and FreeBSD kernels that could lead to systems crashing or consuming too many resources and (consequently) slowing down.
Tags: Linux OS, SACK, TCP Flaw
A newly uncovered espionage campaign in the Middle East has infected more than 660 Android phones, and much of the stolen data appears to be "military-related," researchers from cybersecurity company Trend Micro said Tuesday.
Tags: Mobile Security
CSIAC supports several communities of practice, such as the Cyber Community of Interest (COI) Group and research & development working groups.
This list of related sites provides additional sources to pursue the topic of Cybersecurity. The sites include Government organizations, including federal agencies, Department of Defense and military service agencies, commercial organizations, and academic institutions.
The CS Digest provides links to third party Websites. The CSIAC is not responsible for the availability of, and content provided on, third party Websites. You should refer to the policies posted by other Websites regarding their privacy and other topics before you use them. The CSIAC is not responsible for third party content accessible through the CSIAC CS Digest, including opinions, advice, statements, advertisements and endorsements, and you bear all risks associated with the use of such content.