The National Security Agency (NSA) has released an information sheet with guidance on adopting encrypted Domain Name System (DNS) over Hypertext Transfer Protocol over Transport Layer Security (HTTPS), referred to as DNS over HTTPS (DoH). When configured appropriately, strong enterprise DNS controls can help prevent many initial access, command and control, and exfiltration techniques used by threat actors.
The National Security Agency released a cybersecurity product detailing how to detect and fix out-of-date encryption protocol implementations. Networks and systems that use deprecated forms of Transport Layer Security (TLS) or Secure Sockets Layer (SSL) for traffic sessions are at risk of sensitive data exposure and decryption.
The Federal Aviation Administration (FAA) announced Unmanned Aircraft Systems(UAS) airspace restrictions over additional national security sensitive locations, effective December 30.
The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have observed persistent continued cyber intrusions by advanced persistent threat (APT) actors targeting U.S. think tanks. This malicious activity is often, but not exclusively, directed at individuals and organizations that focus on international affairs or national security policy. The following guidance may assist U.S. think tanks in developing network defense procedures to prevent or rapidly detect these attacks.
The National Security Agency’s Research Directorate has announced it has selected “Spectre Attacks: Exploiting Speculative Execution” as the winner of its 8th Annual Best Cybersecurity Research Paper competition. Originally published at the 2019 IEEE Security & Privacy Symposium, the winning paper, in combination with Meltdown, another award-winning paper released earlier by the same researchers, launched a global effort to mitigate critical vulnerabilities in processors.
Cal State San Bernardino’s Cybersecurity Center will host the annual Center of Academic Excellence (CAE) in Cybersecurity Symposium this year to be held virtually Nov. 19-20.
Artificial intelligence (AI) is now a major priority for government and defense worldwide — one that some countries, such as China and Russia, consider the new global arms race. AI has the potential to support a number of national and international security initiatives, from cybersecurity to logistics and counter-terrorism.
Much like the long-standing debate around 5G, President Trump’s recent decision to sign an executive order that may see TikTok and WeChat banned, and has now evolved into a bidding war for TikTok’s U.S. operations with Oracle leading as the potential winner, has brought the world’s attention to the inherent security challenges that complex global digital communications and connectivity present.
Acting Secretary of Homeland Security Chad F. Wolf released the Department of Homeland Security’s (DHS) Homeland Threat Assessment (HTA). This first-of-its-kind report synthesizes threat information across DHS including intelligence and operational components.
The Cybersecurity and Infrastructure Security Agency (CISA) and the Department of Defense (DOD) Cyber National Mission Force (CNMF) have identified a malware variant — referred to as SLOTHFULMEDIA — used by a sophisticated cyber actor. In addition, U.S. Cyber Command has released the malware sample to the malware aggregation tool and repository, VirusTotal.