The Bachelor of Applied Science with an emphasis in Cyber Operations prepares graduates for cyber-related occupations in defense, law enforcement, and private industry.
The curriculum includes both offensive and defensive cyber security content delivered within our state-of-the-art Cyber Virtual Learning Environment to ensure our students have extensive hands-on experiences to develop the knowledge, skills, and abilities necessary to succeed after they graduate. The Cyber Operations program offers two degree tracks, both in-person and fully online:
The Engineering Track is a deeply technical, interdisciplinary, security focused Computer Science program.
The Defense & Forensics Track is an interdisciplinary Cyber education program.
The Law & Policy track lays a strong technical foundation, integrated with legal and policy knowledge.
DoD Cyber Scholarship Program (CySP)The DoD CySP is a yearly scholarship program aimed at Juniors and Seniors pursuing a bachelor’s degree in cyber-related academic disciplines. The CySP is a 1-year scholarship, which grants selected Cyber Scholars tuition and mandatory fees (including health care), funding for books, a $25K annual stipend, and guaranteed employment with a DoD agency upon graduation.
Microsoft is issuing a patch for a severe and wormable Windows Domain Name System vulnerability that could allow attackers to execute arbitrary code against targets and gain control of targets’ entire IT infrastructure.
The vulnerability, which was uncovered by a researcher at Check Point, would allow hackers to intercept and interfere with users’ emails and network traffic, tamper with services, and steal users’ credentials, by exploiting Windows’ Domain Name System (DNS), which is essentially the protocol that translates between website names and their corresponding IP addresses.
The vulnerability can be triggered by a malicious DNS response, which could lead to a heap-based buffer overflow, according to Check Point. The vulnerability is widespread as it affects affects Windows server versions from 2003-2019.
It’s the third serious vulnerability Microsoft has addressed just this month, following the emergency disclosure and patching of two critical vulnerabilities affecting Windows 10 and Windows Server distributions. Those disclosures were so important to address in a timely manner that the company made the decision to release patches outside of Patch Tuesday.
Microsoft has assigned the vulnerability, CVE-2020-1350, the highest possible risk score of 10 on the Common Vulnerability Scoring System. Wormable flaws can be particularly menacing as attacks exploiting them can spread from machine to machine without any human interaction. The WannaCry ransomware strain, which affected 300,000 machines in hundreds of countries in 2017, for instance, was wormable.
The vulnerability will be important to patch for governments and private entities alike. Hackers have seized on DNS-related hacking operations in recent years to target intelligence agencies, military organizations, energy firms, foreign ministries, and telecommunications firms to steal credentials, according to security researchers. During the pandemic hackers have taken advantage of DNS to target home routers as teleworking surged around the globe.
Check Point’s vulnerability research team leader, Omri Herscovici, said in a statement the flaw could allow hackers to essentially gain control of an entire organization, warning that it’s possible other researchers or nefarious actors asides from Check Point could have learned of this vulnerability years ago and exploited it.
“A DNS server breach is a very serious thing. Most of the time, it puts the attacker just one inch away from breaching the entire organization,” Herscovici said. “This vulnerability has been in Microsoft code for more than 17 years; so if we found it, it is not impossible to assume that someone else already found it as well.”
Sagi Tzaik, a vulnerability researcher at Check Point, uncovered the vulnerability and shared the information with Microsoft in May, Check Point said in a release.
The post Microsoft issues patch for wormable Windows DNS flaw appeared first on CyberScoop.