NIST offers Continuous Monitoring FAQ

Rent-a-botnet attack for $9 an hour, Macs under attack by spyware

Cybersecurity Update – Tune in weekdays at 30 minutes past the hour for the latest cybersecurity news on The Federal Drive with Tom Temin and Amy Morris (6-10 a.m.) and The DorobekInsider with Chris Dorobek (3-7 p.m.). Listen live at FederalNewsRadio.com or on the radio at 1500 and 820 AM in the Washington, D.C. metro area.

  • The administration is pushing for continuous monitoring of systems and threats, and if you have questions, there’s a new tool to help. The National Institute of Standards and Technology has crafted a list of 17 frequently asked questions about continuous monitoring. The document explains what it is and is not. Topics include risk, front-end security and automation. Continuous monitoring is part of the Defense authorization bill winding thru Congress. The White House has also signaled plans to have agencies move in that direction.
  • Based on an experiment done by researchers from VeriSign’s iDefense Intelligence Operations Team, it costs around $67 to rent a botnet or a Denial of Service attack for 24 hours, or $9 per hour. The study also found the creators of these botnet “companies” also use extortion to acquire more money, reports BrickhouseSecurity. In addition to renting out their services to launch an attack on a system, they blackmail a target company by warning them that they will be hacked if they don’t pay up… and then offer a 30% discount if the target company then hires the attackers to attack a competitor company.
  • Apple’s O-S 10 may not be free of security worries after all. A security company called Intego tells InfoWorld that a high-risk spyware application called OSX/OpinionSpy is spreading through “freely distributed Mac applications and screen savers found on a variety of Web sites.” The spyware is a variant of a program that’s been pestering Windows users since 2008. Using the moniker, market research program, the malware can collect data on local and network volumes, then send it off to its servers. Intego says data collected may include user names, passwords, credit card numbers, Web browser bookmarks, and history.

Check out all of Federal News Radio’s coverage of

        Join us Nov. 18 for Federal News Network's Industry Exchange Cloud to learn how your agency can deliver services effectively, efficiently and securely in a hybrid, multicloud world. Register today!

Copyright © 2024 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.

    Amelia Brust/Federal News NetworkVeterans Affairs

    House to vote on bill to make it easier to fire VA employees accused of misconduct

    Read more
    AP Photo/Paul Sancya, FileFILE - In this July 20, 2018, file photo a copper water supply line, left, is shown connected to a water main after being installed for lead pipe, right, in Flint, Mich. The Trump administration overhauled the country's widely criticized, 29-year-old framework to eliminate toxic lead from drinking water on Tuesday, but critics charge that the new rule gives utilities far more time than before to finally replace old, lead-contaminated pipes. (AP Photo/Paul Sancya, File)

    The EPA flubs a survey and misallocates hundreds of millions of dollars

    Read more