via Lily Hay Newman, plying the scrivener trade for Condé Nast Inc. publication Wired, comes this superlative reportage, detailing the so-called 'Hail Mary Plan to Restart a Hacked US Electric Grid'. Good luck with that.
"But while the situation was manufactured, the conditions of the exercise were all too real. Researchers built their test grid off of the already isolated power grid on Plum Island, a Department of Homeland Security animal disease research facility at the tip of Long Island's North Fork." - via Lily Hay Newman reporting for Wired Magazine, comes this outstanding story detailing the so-called 'Hail Mary Plan to Restart a Hacked US Electric Grid'
via Zack Whittaker, reporting at Techcrunch, comes what may be (or should be) the Armageddon of SMS messaging used to facilitate password resets, password modifications, and two-factor authentication codes. The stunning level of incompetence displayed by the owners, managers and administrators of the system under scrutiny is quite simply astounding (no server-level password, database open to the internet, et cetera). And... Then There's This.
"The exposed server belongs to Voxox (formerly Telcentris), a San Diego, Calif.-based communications company. The server wasn’t protected with a password, allowing anyone who knew where to look to peek in and snoop on a near-real-time stream of text messages." - via Zack Whittaker, writing at Techcrunch, comes this astounding story of incompetence and a nearly complete lack of security...
via Shaun Nichols, writing at El Reg, comes today's shocker: The core flaws which facilitated the Communist Chinese Cyber Attack of June 2015 targeting the US Federal Office of Personnel Management (OPM) have not been remediated. Go Figure...
"A report issued this week by Government Accountability Office (GAO) disclosed that the OPM has failed to comply with more than a third of recommendations its investigators made for improving the office's network security and data protection." - via Shaun Nichols, writing at The Register, comes news of the June 2015 OPM data breach
"The appeal of NIST’s Cybersecurity Framework was so strong in Japan that the country’s Information Technology-Promotion Agency, or IPA, became the first foreign entity to translate the Framework fully from its English language version into another language in 2014." - via Cynthia Brumfield's Why NIST Is So Popular In Japan? published on Cyberscoop
News, via Ars Technica's Dan Goodin, detailing another BGP SNAFU - with the end result being the re-route of legit traffic - and this time, it's Google's (Nasdaq: GOOG) bits in question. Included in this particularly bad-news-for-the-interwebs story is the belief that this redirect was not malicious - this, of course, remains to be proven. Stay Tuned.