Posts by John Schimelpfenig

3 min Government

Federal Friday - 11.1.13 - A War on Two Fronts

Happy Friday and welcome to November! Shorter days start this weekend so make sure to set those clocks back, and I can practically smell Thanksgiving dinner already. On another note we are still working though some post World Series hangovers here in Boston, and even though I am a NY Yankee in "Big Papi's Court” I can't help to feel just a little Boston Strong this week. The title of this week's blog (War on Two Fronts) actually isn't about a Boston-New York rivalry but rather the threats

2 min Government

Federal Friday 10.25.13 – Some Semblance of Normalcy

As it's back to business across the federal space we're starting to see a return to normalcy in the day to day cycle. While it may take some agencies longer than others to return to full capacity, it's nice to have that expected daily routine back in place. One of the biggest things we've seen in the federal cyber-landscape since the end of the shutdown? The publication of the draft of the NIST Preliminary Cybersecurity Framewor [http://www.nist.gov/itl/upload/preliminary-cybersecurity-framew

2 min Phishing

Federal Friday - 10.18.2013 - The "We're Back In Business" Edition

After a tough start to FY14, a sense of normalcy should start to creep back in over the coming weeks. Even though the folks in the House and Senate merely delayed their budgetary discussions, we can only hope that some hard lessons were learned this time around and that come January our collective backs won't be up against the wall again. Unfortunately the under-valued thespian, Nicolas Cage, won't be representing my feelings in this week's blog as we have some things to talk about. One of the

2 min

Federal Friday – 9.27.13 – Attackers Changing Tactics

Happy final Friday of FY13! Year end is crazy as it always is, and even more so in the year of the Sequester. I'm looking forward to FY14 and moving past the budget issues that plagued the space for most of this year. Oh wait, on second thought, nothing looks like it's changing too much. But hey, at least it's the weekend! A couple of things caught my eye this week and it all pertains to the threat landscape. We are starting to see changing tactics from the attackers out there. First and fore

2 min Government

Federal Friday – 9.20.13 – The Air Gapped-Off line Edition

September 20th. Yup, I said it. We are two days away from the Autumnal Equinox, and I find myself asking; where have the spring and summer gone? With about 6 working days left in the federal FY13 most of us are knee deep in year-end wrap and FY14 prep (even though that might be delayed a little while). I read a nice article in the New York Times last weekend by Matthew L. Wald called “Imagining a Cyberattack on the Power Grid [http://www.nytimes.com/2013/09/11/us/imagining-a-cyberattack-on-th

2 min Apple

Federal Friday - 9.13.13 - Apple's Touch ID Release

Welcome to another edition of Federal Friday! It's been a busy week around here with 2 FISMA presentations earlier in the week and the ongoing effort to close out FY13 on 9/30. Plus the world came to a technological halt this week with the usual fervor surrounding your typical Apple event [http://www.idigitaltimes.com/articles/19853/20130910/iphone-5s-apple-event-september-2013-recap.htm] that was held on 9/10. This time the event centered around the upcoming iPhone release which featured th

2 min Government

Federal Friday - 9.6.13 - "P.O.C.B.S" Edition

Well folks, that about does it. Summah is a wrap and soon enough Boston will begin its annual transformation into the planet Hoth for the next few months. That being said, I thought I'd keep it light this week so we can all get on with our weekends. You might be wondering what the title of this week's edition means. No, “P.O.C.B.S” is not a new department or cert that you need to know about. It is actually a lot more basic than that but can cause major disruptions to critical infrastructure

5 min

Federal Friday - Weekly Recap 8/23/2013

Wow, it's August already! The Fourth of July was a month-and-a-half ago, BlackHat/DEFCON, a few weeks ago, even though it seems the hangover from the Rapid7 Party just ended for a few folks.  Labor Day?  Yeah, that's only a week away. Forget talking back-to-school I just saw a Christmas display in one of the local big-box stores here in Beantown. Well, being that FY2013 and summer are almost over, I want to let you know about some incentives for improving your cybersecurity program. The Whit

4 min Events

Federal Friday: Weekly Recap 7.26.13

Ah, summer in New England… From a new record high last week of 99 degrees during our company picnic, to a balmy 58 degrees when I woke up this morning. Drastic change in the weather is almost a daily occurrence for us hearty, chowder eating New Englanders. Change is also coming to much federal, state, and local agencies look to ramp up or enhance their current security programs by aggregating a lot of the open market tools and streamlining the purchasing process. The Department of Homeland Se

4 min Metasploit

Federal Friday - Weekly Recap 7-11-2013

Welcome back to Federal Friday with a happy belated 4th of July. I hope all of you out there had a fantastic holiday and were able to spend some quality time with friends, family, and some fireworks. For this week's blog I wanted to focus on 3 topics that really grabbed my attention over the last two weeks. NIST needs your help. In a blog post on Federal Technology Insider [http://federaltechnologyinsider.com/calling-all-cybersecurity-experts-nist-seeks-public-input-on-protecting-national-cri

6 min Metasploit

Federal Friday - 6.29.13 - Weekly Recap

As I prepare to dive into this week's Federal Friday post I can't help but notice that it's that time of the year again.  The days are longer, the mercury rising, a sweet smell of B.B.Q filling the air, and students around the country are heading out of the classroom and into their summer vacation. They leave their respective schools and previous grades behind, and for the next few months they will embark on numerous adventures, filling their heads with all types of stories that they'll be burst

4 min Metasploit

Federal Friday - Weekly Recap 6.21.13

Welcome to the brand new Federal Friday Blog here on Security Street! I tend to be an avid consumer of industry information, trends and general points of information within the InfoSec space. I want to use this blog to aggregate some of the information I find helpful and share that info with all of you on a weekly basis. Additionally we will be publishing federally-focused content from many of the great resources we have here at Rapid7. This content will highlight trends within the space and ho