CyberNews: Top of the News

Defense Innovation Board Pushing Zero Trust Architecture for Military

The Pentagon’s Defense Innovation Board (DIB) has approved a white paper that calls on the Department of Defense (DOD) to implement zero trust architecture (ZTA) for network access. The paper notes DOD’s currently reliance perimeter-based cybersecurity and says that “Zero Trust Architecture (ZTA) can significantly offset vulnerabilities and threats across DoD networks by creating discrete, granular access rules for specific applications and services within a network.”

Read more in:
– media.defense.gov
: The Road to Zero Trust (Security) (PDF)

US Coast Guard Issues Marine Cybersecurity Warning and Advice(July 8 & 9, 2019)

An incident earlier this year led the US Coast Guard to issue a Marine Safety Alert that offers providing advice for implementing cybersecurity protocols. In February, the Coast Guard led an interagency team in an investigation of “a significant cyber incident” affecting the shipboard network of a deep draft vessel. The recommendations in the alert include segmenting networks; eliminating generic access credentials for multiple individuals; enforcing least privilege access; and regular patching.

Read more in:
– www.dco.uscg.mil
: Cyber Incident Exposes Potential Vulnerabilities Onboard Commercial Vessels (PDF)

Microsoft Patch Tuesday Includes Fixes for Two Zero-Days and a Critical Flaw in Windows DHCP Server(July 9, 2019)

 On Tuesday, July 9, Microsoft released software updates to address nearly 80 vulnerabilities in a range of products. Fifteen of the flaws have been rated critical. Arguably one of the most severe of these is a memory corruption vulnerability in Windows DHCP server; the issue affects most supported versions of Windows Server. Two of the flaws fixed in the update are being actively exploited, and four others were disclosed before the fixes were made available.

Read more in:
– krebsonsecurity.com
: Patch Tuesday Lowdown, July 2019 Edition
– www.darkreading.com: Microsoft Patches Zero-Day Vulnerabilities Under Active Attack

Advertisements


Categories: Cyber news

Tags: ,

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.