Attention DoD contractors: NIST’s SP 800-171, Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations, was revised in December 2016. The revision has produced new requirements, added clarifications, and created many discussion points. This webinar will explain in detail the changes contained in SP 800-171 revision 1 and various FAR/DFAR hooks into the document, the impacts it has on your organization, and how you can continue to implement its IA guidelines.
Mr. Wade Kastorff is employed by SRC, Inc as a Security Systems Engineer responsible for life-cycle enterprise scale information assurance for both government and commercial organizations. For over 15 years Mr. Kastorff has been involved with the development of enterprise information assurance strategy, information assurance assessment planning and execution, transition of legacy systems to current risk management framework, and evaluation of proposed information systems impact to the current and future enterprise information security baseline. He is a Certified Information Systems Security Professional and has also earned several SANS Institute certifications including Advanced Incident Handling and Advanced Hacker Techniques and System Forensics, Investigations, and Response.
Benjamin Foulois Cyber Proving Ground – 24th Air Force
Since 2015, the 24th Air Force (24 AF) and Air Force Life Cycle Management Center (AFLCMC) have been working to establish a Cyber Proving Ground (CPG), located at Joint Base San Antonio-Lackland, Texas, in support of the 24 AF’s cyber missions and cyber weapon systems, and associated touch points of the 25 AF missions.
Appropriately named “Tallinn Manual 2.0: International Law Applicable to Cyber Operations,” the new book offers a fascinating look at how far the cyber threat landscape has evolved in the less than half a decade since the first version’s release in 2013, shifting the focus from conventional state-authorized and operated cyber warfare to the small-bore deniable cyber activities that form the majority of day-to-day cyber attacks today.
The Army, which already has 30 cyber teams at full operational capability and 11 more at initial operating capability, is aiming to have 41 fully operational teams by year’s end.
Researchers have devised a new attack that can bypass one of the main exploit mitigations in browsers: address space layout randomization (ASLR). The attack takes advantage of how modern processors cache memory and, because it doesn’t rely on a software bug, fixing the problem is not easy.
Attackers have been using well-known, standard utilities to carry out attacks on organizations around the world, and covering their tracks by wiping their activity from the machine’s memory before it’s rebooted.
Meet LogicLocker: Boffin-Built SCADA Ransomware – The Register
Let’s start with the “calm down” part of the article: yes, LogicLocker is ransomware designed for programmable logic controllers, but no, the cyber-geddon isn’t upon us.
Chip Could Make Voice Control Ubiquitous in Electronics – ScienceDaily
In anticipation of the age of voice-controlled electronics, MIT researchers have built a low-power chip specialized for automatic speech recognition. Whereas a cellphone running speech-recognition software might require about 1 watt of power, the new chip requires between 0.2 and 10 milliwatts, depending on the number of words it has to recognize.
CYBERSECURITY: Actions Needed to Strengthen U.S. Capabilities – Government Accountability Office (GAO)
GAO has consistently identified shortcomings in the federal government’s approach to ensuring the security of federal information systems and cyber critical infrastructure as well as its approach to protecting the privacy of personally identifiable information (PII).
If you think clearing your web browsing history on your iPhone or Mac is going to make your online habits permanently disappear, you’d be wrong. Very wrong. According to the CEO of Russian hacking tool creator Elcomsoft, Apple is storing Safari histories in the iCloud going back more than a year, possibly much longer, even where the user has asked for them to be wiped from memory.
The UnifyID product consists of an app that runs on users’ devices as well as a cloud service. The local apps periodically collect sensor data from the local device, process it, and communicate with the cloud service.
High-Dimensional Quantum Cloning and Applications to Quantum Hacking – Science Advances
Attempts at cloning a quantum system result in the introduction of imperfections in the state of the copies. This is a consequence of the no-cloning theorem, which is a fundamental law of quantum physics and the backbone of security for quantum communications. Although perfect copies are prohibited, a quantum state may be copied with maximal accuracy via various optimal cloning schemes.