UNM4SK3D: Anonymous, Apple and the Army

#threats

Today, January 20, 2016 the 45th President of the United States, Donald Trump, will be sworn into office. While many opinions surround the recent election and overall political landscape, none have been more threatening than those from the collective group Anonymous.

Prior to the election, Anonymous vowed to take Trump down, declaring ‘total war,’ and although it appears these are idle threats thus far, they have continued to intensify as Inauguration Day drew closer. In a series of messages posted on Twitter, the group alleges they will release vulgar information about Trump and called for their followers to expose any compromising information they can find about the president-elect.

Among the messages Anonymous has tweeted so far, two of the most daring include: “@realDonaldTrump You have financial and personal ties with Russian mobsters, child traffickers and money launderers” and “‘This isn’t the 80’s any longer, information doesn’t vanish, it is all out there. You are going to regret the next 4 years. @realDonaldTrump.” These allegations are still unsubstantiated, and Trump, who is typically very active on Twitter, has yet to comment. Are these empty threats? Could be so, but it does make you wonder how any attack waged by the group could affect the rest of the country.

@YourAnonCentral has 166K followers

While we stay on alert over in the DC Metro Area, read more about Anonymous: Who Are They and What Do They Do?

#vulnerabilities

The invincible Apple just got majorly bit. It’s been discovered that anyone can crash an iPhone or iPad using emojis. Bad news for iOS users, unless you’ve been planning revenge against your ex and were looking for a way to carry it out.

First discovered by YouTube star EverythingApplePro, who posted it online in a video, the vulnerability uses the white flag emoji, the number zero, and the rainbow emoji to freeze and restart iPhones and iPads. It confuses the devices, which will try to convert these symbols into a rainbow flag. When a text message with these characters is received, the iPhone’s software attempts to combine the emojis but fails, and the messaging app crashes. Another method using the same vulnerability involves a contact file. In this case, you save those characters as a new contact and then send that file to an iMessage contact via iCloud’s sharing feature.

The bad news is, recipients do not even have to open or read the message to be affected. However, the system eventually reboots in a few minutes. According to The Hacker News, “the simple text string sent via a standard iMessage appears to affect iPhones and iPads running iOS 10.1 or below. However, the boobytrapped contact card affects all versions of iOS 10, including Apple’s latest iOS 10.2 operating system.” At current, Apple has declined to comment on the bug, nor have they released a patch.

There are 90.1 million iPhone users in the US alone -statista.com

For previous reports on the Big A, read about Apple’s Battle for Privacy.

#cloudservices

The battle for Cloud Services has been heating up. And while there’s still not a ‘Cloud Champion’ to be declared, IBM just won a lucrative deal that could define them as the top-tier government cloud provider.

In a recent announcement, IBM declared that they have been selected by the U.S. Army to “build, manage and operate” a new cloud solution for its Army Private Cloud Enterprise, along with providing them with Infrastructure as a Service (IaaS) support. A main reason for IBM’s win in this deal is due to it’s authorization by the Defense Information Systems Agency (DISA) at Impact Level 5 (IL-5) to run IaaS solutions on government premises, which the project required. Information impact levels consider the potential impact of information being compromised. IL-5 gives the cloud provider the authority to manage controlled, unclassified information.

If the Army agrees to the full scope of IBM’s offerings, the five-year contract will be worth approximately $62 million and will enable them to move up to 35 applications to the private cloud in the first year, according to IBM.

With this project, we’re beginning to bring the IT infrastructure of the U.S. Army into the 21st century. Cloud computing is a game-changing architecture that provides improved performance with high efficiency, all in a secure environment. — Lt. Gen. Robert Ferrell, the U.S. Army CIO

The Cloud revolution is majorly impacting the technology sector. For Cato Network’s thoughts on the topic, check out Cloud Services are Eating the World.

#skillcertspotlight

Risk Management is arguably the most important element of any cyber security program.

A field that integrates risk management and security practices into the system development lifecycle, RMF was originally designed to benefit Department of Defense (DoD) military, civilian, and contractor personnel who are responsible for evaluating information systems under the RMF and certifying to the Government that information systems meet security requirements.

The Risk Management Skill Certification Course will prepare you to understand the value of assets, analyze threat potential and select a cost-effective means of mitigation; the primary job of any security specialist. You’ll learn risk management best practices, with a special focus on how and why it’s essential to identify mission critical systems, and the loss impact of those critical systems to the business should a failure of some kind occur

This issue of UNM4SK3D was originally posted on the Cybrary.it blog and has be republished with permission. To access the original version, click here.

Olivia Lynch (Cybrary_Olivia) is the Marketing Manager at Cybrary. Like many of you, she is just getting her toes wet in the field of cyber security. A firm believer that the pen is mightier than the sword, Olivia considers corny puns and an honest voice essential to any worthwhile blog.

Now Reading Big Magic: Creative Living Beyond Fear by Elizabeth Gilbert