Short Takes – 7-9-24

As Cyber Command evolves, its novel malware alert system fades away. TheRecord.media article. Pull quote: “The Under Advisement team — sprinkled throughout Fort Meade, home to both Cyber Command and NSA — is “really doing good work with getting stuff out to industry, and also taking things in from industry, because now they’ve kind of shown that CNMF is a credible as a player here, and so industry is willing to play along with them,” said the former operator.”

'Playing COVID roulette': Some infected by FLiRT variants report their most unpleasant symptoms yet. LATimes.com article. Pull quote: “Since everyone's experience with COVID is different and influenced by a number of factors, it's difficult to quantify how many are experiencing more acute symptoms now compared with previous infections. But anecdotally, including on social media sites, people are expressing shock at how sick they've become from the latest subvariants, which have been collectively nicknamed FLiRT.”

Buying down risk: Cyber poverty line. AtlanticCouncil.org article. Follow-up to Wendy Nather’s 2011 concept – Pull quote: “Cyber poverty poses threats to the entire cyber ecosystem, not just to organizations below the CPL. The increase in software supply-chain attacks in recent years—discussed in depth by the Cyber Statecraft Initiative’s Breaking Trust series—illustrates the dangers of leaving any part of the development process unsecured, as attackers focus on the supply chain’s most insecure link to reach their victims. For example, a breach into the systems of a small heating, ventilation, and air conditioning  company contracted by Target resulted in an escalation into Target’s cash register systems, compromising millions of customers’ credit card information while bypassing Target’s own security. In the public sector, entities hardly considered on the frontlines of cybersecurity can still be targets owing to their proximity to critical networks or access to valuable information. For instance, in 2019, a ransomware attack cost the city of Baltimore more than $18 million; IBM’s security division report on SLTT cybersecurity describes dozens of similar, costly attacks on systemically unprepared IT infrastructure.”

Ariane 6’s debut puts Europe back in the launch game. CosmicLog.com article. Pull quote: “During a follow-up briefing, mission managers said the upper stage’s auxiliary power unit suffered an anomaly that caused a premature engine shutdown. As a result, the re-entry capsules were not released, and the upper stage remained in orbit.”