Items tagged with cybersecurity

In line with a HotHardware report published last October, officials yesterday confirmed to CNN that the White House was hacked last year and that the alleged culprit is the Russian government. The hackers — believed to be the same group that managed to gain entry to State Department computer system last October — were able to access sensitive information regarding President Barack Obama, including his private schedule. White House officials say although these cyber-attacks are among the most advanced to ever hit the US government, no classified systems were in breach. “This report is not referring... Read more...
U.S. President Barack Obama is getting a little hot under the collar, and we’re not talking about the speech that Israeli Prime Minister Benjamin Netanyahu gave this morning. Instead, President Obama is troubled over new regulations that are being proposed by the Chinese government, which would affect American tech companies that conduct business within China’s borders. President Obama is fearful that China’s plans — which include allowing the Chinese government to install security backdoors, requiring companies to hand over encryption keys, and keeping user data on Chinese soil — are an assault... Read more...
When engaged in war, it's of utmost importance to keep plans and secrets secure. On the other side of the coin, it's likewise important to do what you can to gather intelligence on the opposition -- something quite difficult given the obvious fact that the opposition is also doing its best to keep its secrets, secret. But lest we forget that there are sometimes much easier ways to get information you need. Sometimes it can involve social engineering of the most modest levels, because after all, the bearers of this important information are still human. Hackers targeting the Syrian opposition (an... Read more...
Sometimes, it just makes sense to go open source. We've seen Microsoft do it, and we've seen Google do it. Now, we see none other than the US Department of Defense do it, with DShell, a network foresnics tool. It's an impressive thing to see the DoD release a home-built tool to the wild, but like most moves to open source, the agency has reached a ceiling and now welcomes improvements from outside sources. Whenever the DoD gets hit by a cyber attack, DShell is brought in to analyze the what and where of it. It seems certain that an agency like the DoD would see some unique attacks, but for the... Read more...
It should strike no one as a surprise at this point that the US and China have a bit of a strained relationship when it comes to trust. Both have accused each other of cyber offenses, and likewise, neither has much faith in the products it sources from the other. Post-Snowden, the situation has only become worse. That leads us to this point, where China is demanding that American companies that sell software products to Chinese banks must hand over their source code to be reviewed. And, it gets even better. China also wants these same companies to begin using Beijing-sanctioned algorithms in lieu... Read more...
Most of the time, when we hear about data breaches, it's because companies have either been compromised or failed to properly protect data. This time around, however, it's the United Postal Service in the limelight. Data on as many as 800,000 employees may have been stolen along with data on customers who called the USPS' various call centers between January and August of this year. USPS spokesperson David Partenheimer told Reuters that "The intrusion is limited in scope and all operations of the Postal Service are functioning normally." What appears to set this attack apart from most other intrusions... Read more...
It appears that hackers were able to breach the White House’s unclassified computer network, used by employees of the Executive Office of the President, according to anonymous White House officials. The breach has led to temporary disruptions to some of the services as cybersecurity teams work to contain the incursion. "In the course of assessing recent threats we identified activity of concern on the unclassified EOP network,” said a White House official. “Any such activity is something that we take very seriously. In this case we took immediate measures to evaluate and mitigate... Read more...
Zero-day exploits are a nightmare for end-users and vendors alike as both groups have to scramble to patch and resolve problems. Today, Microsoft got tagged with one of the worst types of disclosures -- not only is there a vulnerability in every single shipping version of Windows, the vulnerability has been exploited for years by a team of Russian hackers, codenamed Sandworm. According to the iSight Partners, the Sandworm Team has been caught seeking data on the Ukrainian crisis (further undercutting the idea that the crisis in that state was anything but a Russian operation -- if such evidence... Read more...
News is out today of a survey from video advertising platform Ebuzzing claiming that it would cost an average of E140 per year per UK citizen to pay for an ad-free Internet and that the majority of users (98% of them, in fact) would never, ever be willing to pay such fees. I'm not surprised by results like this -- if someone asked me "Would you pay $185 a year to avoid pop-up ads?" my first thought would be "No, I'd install Ad Block" or "No, I'd just avoid the websites that show obnoxious ads I don't want to see." According to Ebuzzing's results, that's precisely what most of its respondents do.... Read more...
Community Health Systems Inc revealed on Monday that personal had been stolen by hackers from its computer network. According to the U.S. Hospital operator, 4.5 million accounts were stolen that included patient names and addresses sometime in April and June. The 4.5 million people who were either referred to or received services from doctors affiliated with the service in the last five years were the ones affected by the attack. The attackers, according to Community Health, used malware and other technology to acquire the data from its system. The company, one of the largest hospital operators... Read more...
Over the past year, as criticism and anger have built over the NSA's numerous excesses and abuses of American civil rights, it's been easy to forget that underneath the justified anger, a genuine war has been raging. The NSA may have overreached in many respects, but that doesn't mean the government agency has invented problems from whole cloth -- and a new report drives that point home. According to the New York Times, top government officials have stated that Chinese hackers penetrated US government networks in March, potentially gaining access to thousands of dossiers on exactly which US citizens... Read more...
One of the most troubling facts that came out of Edward Snowden's disclosures last year was the degree to which the government has relied on National Security Letters to compel companies to reveal information about their clients without producing a warrant. Many NSLs were accompanied by non-disclosure orders that forbade the receiving company from revealing to the accused that their information had been demanded. Microsoft had previously gone to court over such tactics and today, the details of the company's strategic victory became public for the first time. Last year, the FBI demanded information... Read more...
Earlier this week, Apple released an updated set of legal guidelines spelling out exactly what it can and cannot access on your iDevice, what material it will turn over to the police, and under which circumstances it will surrender it. What's particularly interesting is the split response we've seen from different corners of the Internet. Everything Apple does tends to generate attention, but this particular set of announcements is getting a great deal of press -- and two very different narratives have emerged over what it means. Some readers and authors have reacted rather poorly to news that... Read more...
This sounds like the definition of a slippery slope: According to Reuters, the U.S. government is expanding its Internet traffic-scanning cybersecurity program to include more private sector workers, such as those at large banks, utility companies, and “key transportation” companies, and the NSA will use the Department of Homeland Security as a data-gathering middleman. The DHS will send the data on to certain telecommunication companies and cybersecurity firms for processing; those groups will aggregate certain statistics and report back to the government, which should keep some sensitive... Read more...
1 2 Next