• Home
  • Resources
    • Find Resources by Topic Tags
    • Cybersecurity Policy Chart
    • CSIAC Reports
    • Webinars
    • Podcasts
    • Cybersecurity Digest
    • Standards & Reference Docs
    • Journals
    • Certifications
    • Acronym DB
    • Cybersecurity Related Websites
  • Services
    • Free Technical Inquiry
    • Core Analysis Task (CAT) Program
    • Subject Matter Expert (SME) Network
    • Training
    • Contact Us
  • Community
    • Upcoming Events
    • Cybersecurity
    • Modeling & Simulation
    • Knowledge Management
    • Software Engineering
  • About
    • About the CSIAC
    • The CSIAC Team
    • Subject Matter Expert (SME) Support
    • DTIC’s IAC Program
    • DTIC’s R&E Gateway
    • DTIC STI Program
    • FAQs
  • Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
Login / Register

CSIAC

Cyber Security and Information Systems Information Analysis Center

  • Resources
    • Find Resources by Topic Tags
    • Cybersecurity Policy Chart
    • CSIAC Reports
    • Webinars
    • Podcasts
    • Cybersecurity Digest
    • Standards & Reference Docs
    • Journals
    • Certifications
    • Acronym DB
    • Cybersecurity Websites
  • Services
    • Free Technical Inquiry
    • Core Analysis Task (CAT) Program
    • Subject Matter Expert (SME) Network
    • Training
    • Contact
  • Community
    • Upcoming Events
    • Cybersecurity
    • Modeling & Simulation
    • Knowledge Management
    • Software Engineering
  • About
    • About the CSIAC
    • The CSIAC Team
    • Subject Matter Expert (SME) Support
    • DTIC’s IAC Program
    • DTIC’s R&E Gateway
    • DTIC STI Program
    • FAQs
  • Cybersecurity
  • Modeling & Simulation
  • Knowledge Management
  • Software Engineering
/ CS Digests / 26 Jun 2018

CS Digest: 26 Jun 2018

Posted: 06/26/2018 | Leave a Comment

The Cybersecurity (CS) Digest is a curated bi-weekly news summary for cybersecurity professionals. It is transmitted in an HTML-formatted email and provides links to articles and news summaries across a spectrum of cybersecurity topics.

CSIAC ANNOUNCEMENTS:

In Case You Missed It: CSIAC Webinar – The Knowledge Temple - CSIAC

In this webinar, Neil Fitzpatrick, Senior Knowledge Manager at Quanterion Solutions Inc., uses the analogy of the construction of a Greek temple to identify the components and processes involved in the development of an efficient and effective organizational data to decision model.

Watch the Previous Webinar – Cybersecurity for Energy Systems - CSIAC

This presentation will review various Cybersecurity for Energy Delivery Systems (CEDS) R&D projects in which Schweitzer Engineering Laboratories (SEL) has been involved including an overview of Operational Technology-Software Defined Networking (OT-SDN).

RECENT HEADLINES:

Cyberwarfare:

New Fears Over Chinese Espionage Grip Washington - The Hill

Fresh concerns over Chinese espionage are gripping Washington as lawmakers fear Beijing is gaining sensitive details on U.S. technologies.

Data Security:

New SamSam Variant Requires Special Password Before Infection - Bleeping Computer

New versions of the SamSam ransomware will not execute unless the person running the malware's payload enters a special password via the command-line.

75% of Malware Uploaded on “No-Distribute” Scanners Is Unknown to Researchers - Bleeping Computer

Three-quarters of malware samples uploaded to "no-distribute scanners" are never shared on "multiscanners" like VirusTotal, and hence, they remain unknown to security firms and researchers for longer periods of time.

Equifax Reveals Full Horror of That Monstrous Cyber-heist of its Servers - The Register

Equifax has published yet more details on the personal records and sensitive information stolen by miscreants after they hacked its databases in 2017.

Legislation and Regulation:

Congress Lays Out Tech Funding in Spending Bills and Focuses on Supply Chain Threats - NextGov

The Senate Appropriations subcommittees forwarded a smorgasbord of funding bills to the full committee last week. Here's a rundown.

Supreme Court Rules that Warrants Generally Are Required to Collect Cellphone Data - NY Times

In a major statement on privacy in the digital age, the Supreme Court ruled on Friday that the government generally needs a warrant to collect troves of location data about the customers of cellphone companies.

Machine Learning and Artificial Intelligence:

A Bot Backed by Elon Musk Has Made an AI Breakthrough in Video Game World - Bloomberg

Artificial-intelligence research group OpenAI said it created software capable of beating teams of five skilled human players in the video game Dota 2, a milestone in computer science.

This Japanese AI Security Camera Shows the Future of Surveillance Will be Automated - The Verge

The world of automated surveillance is booming, with new machine learning techniques giving CCTV cameras the ability to spot troubling behavior without human supervision. And sooner or later, this tech will be coming to a store near you - as illustrated by a new AI security cam built by Japanese telecom giant NTT East and startup Earth Eyes Corp.

New IBM Robot Holds its Own in a Debate with a Human - NBC News

The human brain may be the ultimate super computer, but artificial intelligence is catching up so fast that it can now hold a substantive debate with a human.

MIT Fed an AI Data From Reddit, and Now it Only Thinks About Murder - The Verge

This week, researchers at MIT unveiled their latest creation: Norman, a disturbed AI.

Mobile Security:

Thousands of Mobile Apps Leak Data from Firebase Databases - Security Week

Thousands of mobile applications running on iOS and Android have exposed over 113 gigabytes of data from 2,300 unsecured Firebase databases, enterprise mobile security firm Appthority says in a new report.

A Volt Out of the Blue: Phone Batteries Reveal What You Typed and Read - The Register

A group of researchers has demonstrated that smartphone batteries can offer a side-channel attack vector by revealing what users do with their devices through analysis of power consumption.

Network Security:

New WPA3 Wi-Fi Standard Released - Bleeping Computer

On Monday, the Wi-Fi Alliance, the organization that manages Wi-Fi technologies, announced the official release of WPA3. WPA3 is the latest version of Wi-Fi Protected Access (WPA), a user authentication technology for Wi-Fi connections.

Public Sector:

Most Major US Agencies Are Now Feeding the Federal Cyber Threat Dashboard - Defense One

A Homeland Security Department dashboard designed to collect and analyze cybersecurity information from across the government is now receiving data from 20 out of 23 major civilian agencies, a department official said Wednesday.

Software Security:

Android P Will Encourage OEMs to Adopt Stronger Biometric Systems - Toms Hardware

Starting with Android P, device makers will have to pass new security-focused benchmarks for their biometric authentication systems if they want their customers to have a better biometric authentication experience.

Microsoft Edge Bug Exposes Content From Other Sites via HTML5 Audio Tag - Bleeping Computer

A weird Edge bug that was fixed earlier this month, allows a malicious website to retrieve content from other sites by playing audio files in a malformed manner that produces unintended consequences.

CSIAC Supported Communities

CSIAC supports several communities of practice, such as the Cyber Community of Interest (COI) Group and research & development working groups.

Technical Resources, Policy and Guidance

This list of related sites provides additional sources to pursue the topic of Cybersecurity. The sites include Government organizations, including federal agencies, Department of Defense and military service agencies, commercial organizations, and academic institutions.


The CS Digest provides links to third party Websites. The CSIAC is not responsible for the availability of, and content provided on, third party Websites. You should refer to the policies posted by other Websites regarding their privacy and other topics before you use them. The CSIAC is not responsible for third party content accessible through the CSIAC CS Digest, including opinions, advice, statements, advertisements and endorsements, and you bear all risks associated with the use of such content.

« 12 Jun 2018
10 Jul 2018 »

Reader Interactions

Leave a Comment Cancel

You must be logged in to post a comment.

sidebar

Blog Sidebar

Featured Content

Data Privacy Day - Jan 28

Data Privacy Day is January 28th

You can help create a global community that respects privacy, safeguards data, and enables trust. You can help teach others about privacy at home, at work, and in your community.

Learn How

Featured Subject Matter Expert (SME): Daksha Bhasker

A dynamic CSIAC SME, Senior Principal Cybersecurity Architect, Daksha Bhasker has 20 years of experience in the telecommunications services provider industry. She has worked in systems security design and architecture in production environments of carriers, often leading multidisciplinary teams for cybersecurity integration, from conception to delivery of complex technical solutions. As a CSIAC SME, Daksha's contributions include several published CSIAC Journal articles and a webinar presentation on the sophiscated architectures that phone carriers use to stop robocalls.

View SME's Contributed Content

The DoD Cybersecurity Policy Chart

The DoD Cybersecurity Policy Chart

This chart captures the tremendous breadth of applicable policies, some of which many cybersecurity professionals may not even be aware, in a helpful organizational scheme.

View the Policy Chart

CSIAC Report - Smart Cities, Smart Bases and Secure Cloud Architecture for Resiliency by Design

Integration of Smart City Technologies to create Smart Bases for DoD will require due diligence with respect to the security of the data produced by Internet of Things (IOT) and Industrial Internet of Things (IIOT). This will increase more so with the rollout of 5G and increased automation "at the edge". Commercially, data will be moving to the cloud first, and then stored for process improvement analysis by end-users. As such, implementation of Secure Cloud Architectures is a must. This report provides some use cases and a description of a risk based approach to cloud data security. Clear understanding, adaptation, and implementation of a secure cloud framework will provide the military the means to make progress in becoming a smart military.

Read the Report

CSIAC Journal - Data-Centric Environment: Rise of Internet-Based Modern Warfare “iWar”

CSIAC Journal Cover Volume 7 Number 4

This journal addresses a collection of modern security concerns that range from social media attacks and internet-connected devices to a hypothetical defense strategy for private sector entities.

Read the Journal

CSIAC Journal M&S Special Edition - M&S Applied Across Broad Spectrum Defense and Federal Endeavors

CSIAC Journal Cover Volume 7 Number 3

This Special Edition of the CSIAC Journal highlights a broad array of modeling and simulation contributions – whether in training, testing, experimentation, research, engineering, or other endeavors.

Read the Journal

CSIAC Journal - Resilient Industrial Control Systems (ICS) & Cyber Physical Systems (CPS)

CSIAC Journal Cover Volume 7 Number 2

This edition of the CSIAC Journal focuses on the topic of cybersecurity of Cyber-Physical Systems (CPS), particularly those that make up Critical Infrastructure (CI).

Read the Journal

Recent Video Podcasts

  • Agile Condor: Supercomputing at the Edge for Intelligent Analytics Series: CSIAC Webinars
  • Securing the Supply Chain: A Hybrid Approach to Effective SCRM Policies and Procedures Series: The CSIAC Podcast
  • DoD Vulnerability Disclosure Program (VDP) Series: CSIAC Webinars
  • 5 Best Practices for a Secure Infrastructure Series: The CSIAC Podcast
  • Fifth Generation Cellular – A Discussion with Idaho National Laboratory on 5G – Part 4 Series: Fifth Generation Cellular
View all Podcasts

Upcoming Events

Sat 16

SANS Security East 2021

January 11 - January 16
Organizer: SANS Institute
Sat 16

SANS Cloud Defender 2021

January 11 - January 16
Organizer: SANS Institute
Mon 18

SANS Stay Sharp: Blue Team Operations 2021

January 18 - January 20
Organizer: SANS Institute
Mon 18

SANS Cyber Security Central: Jan 2021

January 18 - January 23
Organizer: SANS Institute
Tue 19

AI Champions, Online – Supply Chain

January 19 @ 14:00 - January 21 @ 15:30 EST
View all Events

Footer

CSIAC Products & Services

  • Free Technical Inquiry
  • Core Analysis Tasks (CATs)
  • Resources
  • Events Calendar
  • Frequently Asked Questions
  • Product Feedback Form

About CSIAC

The CSIAC is a DoD-sponsored Center of Excellence in the fields of Cybersecurity, Software Engineering, Modeling & Simulation, and Knowledge Management & Information Sharing.Learn More

Contact Us

Phone:800-214-7921
Email:info@csiac.org
Address:   266 Genesee St.
Utica, NY 13502
Send us a Message
US Department of Defense Logo USD(R&E) Logo DTIC Logo DoD IACs Logo

Copyright 2012-2021, Quanterion Solutions Incorporated

Sitemap | Privacy Policy | Terms of Use | Accessibility Information
Accessibility / Section 508 | FOIA | Link Disclaimer | No Fear Act | Policy Memoranda | Privacy, Security & Copyright | Recovery Act | USA.Gov

This website uses cookies to provide our services and to improve your experience. By using this site, you consent to the use of our cookies. To read more about the use of our site, please click "Read More". Otherwise, click "Dismiss" to hide this notice. Dismiss Read More
Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled

Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.

Non-necessary

Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.