Top Stories in Cybernews
Posted January 29, 2013
Keywords: cloud security, cybernews update, cybersecurity, data.gov, DDoS attacks, FISMA, java, National Security
Here are the top cyber news and stories of the day.
- DOD, VA improve eBenefits portal – The eBenefits self-service portal has been updated. This portal allows service members and vets unparalleled access to information and services. It allows users to get into compensation services, even populated the information from their VA records. Via FedScoop, more here.
- Government Appetite Growing for Twitter User Data – “Twitter said Monday that just 19 percent of federal and state government requests for user data were accompanied by probable-cause search warrants during the six months ending in December 2012.” There were 815 total requests for Twitter user data. Twitter also demands a probable-cause warrant. Via Wired, more here.
- 86,800 network printers open to the whole internet – is one of them yours? – “UK blogger @skattyadz, alias Adam Howard [*], did a Google search for a URL matching the pattern you might use to connect to a nearby printer on your office network.” He built his search terms to look specifically for HP printers, so there are likely to be thousands of other open network printers. Via Naked Security, more here.
- Odierno: budget is greatest threat to national security - Army Chief of Staff, Ray Odierno, believes that “Fiscal uncertainty and potential budget shortfalls are the greatest threat to national security.” Apparently, the Joint Chief of Staffs wrote a letter to the House and Senate concerned about how future budgets could affect national security. ““In the past we’ve taken reductions during relative peace and stability, but in my mind as I look at the world today, there’s instability on every continent around the world and there’s incredible uncertainty on what the future may hold,”” said Odierno. Via FedScoop, more here.
- DDoS attacks, mobile traffic visibility top security concerns: Arbor – According to Arbor Networks’ most recent report, over 90% of data centers are experiencing DDoS attacks. They also found 60% of mobile providers have no oversight over their 4G LTE networks. Via ComputerWorld Australia, more here.
- The dangers of third-party code for cloud security – “Imperva announced a new report which examines the dangers of third-party code in cloud computing.In December 2012, a hacker breached Yahoo! with an SQL injection attack that took advantage of a vulnerability in a third-party application that was provided on the Yahoo! Web site.” This has emphasized the dangers that using 3rd party code in cloud services can open a service up to. Via Net Security.org, more here.
- Google Announces Pwnium 3, Ups Ante and Offers $3M+ in Rewards – In this year’s competition, Google is opening up the Chrome OS to the competitors. Google is offering $3.14159M (you nerds should get it) in reward money. According to the Chromium blog, “the company will offer $110,000 for a “browser or system level compromise in guest mode or as a logged-in user, delivered via a web page” and $150,000 for a “compromise with device persistence — guest to guest with interim reboot, delivered via a web page.”" Via Threat Post, more here.
- New bug makes moot Java’s latest anti-exploit defenses, claims researcher – “Java’s new security settings, designed to block “drive-by” browser attacks, can be bypassed by hackers, a researcher announced Sunday.” Adam Gowdiak, CEO of Security Explorations, found that the new settings for Java do not shut down attackers at all. Via ComputerWorld, more here.\
- Pentagon to boost cybersecurity force – The Pentagon will be plussing up their cybersecurity force by almost five-fold, in the next few years. The USCYBERCOM unit will grow from 900 personnel to over 4,900 total servicemembers and civilians. “The plan calls for the creation of three types of forces under the Cyber Command: “national mission forces” to protect computer systems that undergird electrical grids, power plants and other infrastructure deemed critical to national and economic security; “combat mission forces” to help commanders abroad plan and execute attacks or other offensive operations; and “cyber protection forces” to fortify the Defense Department’s networks.” Via Stars and Stripes, more here.
- Data.gov gets agile with new alpha site - ”Data.gov is on track to getting a .gov makeover right before our very eyes thanks in part to an agile, open approach to development being adopted by the General Services Administration.” They are attempting to “create an online showcase” designed to highlight what data.gov can do. Via FedScoop, more here.
- When reforming FISMA, don’t throw out what works – William Jackson of GCN, explores the value that FISMA has already had in government. While FISMA has required enormous amounts of paperwork, and “focused on compliance rather than risk”. “Before Congress fiddles too much with the act, lawmakers should have a good idea of how that implementation has improved and what the impact has been, and what practices have actually improved security in agencies.” Via GCN, more here.
- Motorola Solutions unveils MC45 mobile computer – Motorola has released details on a new rugged mobile tablet. The problem with these capabilities is that they do not outstrip devices such as the Apple iPad or Google Nexus 7 or any smartphone in any terms of value. The device starts at $1,345 and has an enhanced model that is $2,295. These have small screens and small keyboards, but Motorola must believe their “ruggedization” to be worth the cost. We shall see, but I hope that most organizations start thinking more agilely and purchase commercial devices with rugged cases as opposed to COTS devices with built in protections. Via IDG/ComputerWorld, more here.
Other Posts by Ryan Kamauff