A short while ago, the White House Office of Management and Budget (OMB) released a memoranda on the cybersecurity strategy and implementation plan (CSIP) for the Federal Government. You can read the memo here , but if you are already thinking, tl;dr , just take a look at this: “The CSIP directs GSA, in coordination with OMB, to research contract vehicle options and develop a capability to deploy incident response services that can quickly be leveraged by Federal agencies, on a reimbursable basis. The incident response service will be managed by the contracting agency, in coordination with DHS and OMB
Category: Team Cymru
And so, dear reader, we’ve come to the end of National Cyber Security Awareness Month . October 2015 saw the Talk Talk data breach , the Dridex botnet comeback , and evidence that teenagers still aren’t getting the necessary cybersecurity career advice  . But there were successes too! A 22-year-old Russian man has been sentenced in the US for his involvement with the Citadel banking malware and arrests are coming thick and fast in the wake of the aforementioned Talk Talk hack
Piers Steel, of the University of Calgary, noted in his research the presence of faulty beliefs that inhibit individuals in reaching their goals. One of which, a source of much ‘lively debate’ between parents and their teenage children, is that life should be easy .
There’s nothing more meta than a trending article on Facebook about a bug in…you guessed it…Facebook, that allows some users to know the number of people who read their posts. Then again, according to the snark on Reddit, this bug also tells how few users actually care about their friends’ Facebook posts! All joking aside, the average Facebook user likely has no sense of the popularity of their content beyond how many likes or comments it gets, leaving some users to threaten their friends that they will leave Facebook if they do not get more attention
Barely a day goes by without another malware related story hitting the news. Just this week, we have seen YiSpecter iOS malware attacking both jailbroken and non-jailbroken iOS devices, abusing private APIs in the iOS system implementing malicious functionalities. WiFatch (which we mentioned earlier this week) is infecting routers, connecting them to peer-to-peer networks of other infected routers, for the purpose of further securing the router from other threats.
It’s hard not to like the Batman story. Bruce Wayne, billionaire, playboy, philanthropist, bypasses the ineffectual and corrupt establishment to take the fight to the baddies. There’s something romantic about the notion of taking matters into your own hands and getting stuff done where others can’t.
Scams that allow miscreants access to physical goods (often to sell on as a mechanism by which to monetize compromised card details) have been in existence for a long time. Brian Krebs recently gave an interesting overview of ‘reshipping’ schemes