Items tagged with US Government
TikTok is one of the most popular apps in the United States right now after it effectively replaced Vine for quick content and entertainment. However, their track record has been mired by lapses in user privacy and contention with the U.S Government. Now, it seems some of those early accusations and concerns were founded as TikTok has now updated its privacy policy to include the collection of new types of biometric data such as “faceprints and voiceprints,” whatever that may mean or be used for. On Thursday, TechCrunch spotted a change in its U.S privacy policy that explains that the social media app “may collect biometric identifiers and biometric information” from its...
Read more...
The U.S. Government always has an eye on its citizens, as we learned from the 2013 Snowden scandal. Since then, the government has come up with craftier ways of surveilling Americans, which is made easy by the data we give away using our mobile devices. With this in mind, Oregon senator Ron Wyden is accusing the Pentagon of conducting warrantless surveillance of Americans by buying this data. For some time, Senator Wyden has been investigating government agencies buying US citizen's data, such as the U.S. Customs and Border Patrol warrantless tracking we reported on in December. In February, Senator Wyden's office asked the Department of Defense (DOD) for detailed explanations and information...
Read more...
Nuclear bombs and electromagnetic pulses are heard about in pop culture, but is it a real threat in the modern era? A U.S Air Force base in Texas seems to think there is at least some risk and is surveying a facility to find anything vulnerable to EMP attacks. Officials at Joint Base San Antonio in Lackland, Texas, recently issued a bid request to survey a facility called the Petroleum, Oil, and Lubrication Complex. This survey would help identify any electronics or other equipment that could be vulnerable to an EMP before a further investigation occurs. Following both the survey and deeper investigation, the Air Force would look into protecting the equipment should an EMP attack occur....
Read more...
We reported yesterday that Microsoft patched four zero-day vulnerabilities affecting Microsoft Exchange servers. As it turns out, Chinese hackers exploited these vulnerabilities in the wild and seemingly managed to ensnare the U.S. Government. The Department of Homeland Security has now published an emergency directive instructing any government agency with Microsoft Exchange servers on-premises to patch immediately. According to Microsoft, “a group assessed to be state-sponsored and operating out of China” gained access to email as well as installed persistent malware through Exchange server vulnerabilities. It is believed that the hackers primarily targeted “entities...
Read more...
Since December, a breach at I.T. administration and monitoring software company SolarWinds has been unfurling to reveal several serious security issues. Many companies and government organizations had data accessed and perhaps even stolen. Now, in an interview that gave an interesting insight into the situation, Microsoft's president Brad Smith called the hack the "largest and most sophisticated attack the world has ever seen." SolarWinds Orion, as CBS's 60 Minutes explains, is "one of the most ubiquitous software products you probably never heard of, but to thousands of I.T. departments worldwide, it's indispensable." The software, which simplified I.T. administration and management, touted...
Read more...
The SolarWinds breach has been pervasive, and the world is still reeling from the effects. We have heard that hackers accessed data from Microsoft, U.S Government agencies, and other high-profile companies. Now we're learning about the full scope of the data that was allegedly obtained. A website recently appeared alleging that some of this data is available for sale, including partial Microsoft Windows source code for a whopping $600,000. That is just a bit more expensive than a real Windows license. The hackers, who seem to be operating under the moniker of “SolarLeaks,” describe their escapades as a “recent adventure.” Now, they are selling the spoils of this adventure...
Read more...
The massive SolarWinds breach that has even ensnared Microsoft still has rippling effects. According to reports, it seems that hackers may have exposed sealed U.S. court documents. Simultaneously, SolarWinds is trying to clean up and close security holes following the attacks that used its software. The company has since hired several big names in the security world to help out, such as Chris Krebs, former director of the Cybersecurity and Infrastructure Security Agency (CISA). This week, the Administrative Office of the U.S. Courts reported in a memo that the SolarWinds breach may have “jeopardized the privacy of countless sealed court documents on file with the U.S. federal court system”...
Read more...
Before U.S. President Donald Trump leaves office 14 days from now, he is taking another swing at China with his latest executive order. This new order bans transactions with eight Chinese software applications, which will heat Washington-Bejing tensions in the coming weeks. Moreover, it signals a stronger U.S. Government stance and more aggressive national security protection against Chinese companies and software. Yesterday, Reuters reported that the executive order is “aimed at curbing the threat to Americans posed by Chinese software applications,” arguing that “the United States must take ‘aggressive action’ against developers of Chinese software applications...
Read more...
Besides smartphones, Huawei and ZTE have many products for network and IT infrastructure that have likely been implemented worldwide. Since early this year, however, the U.S. government has had both companies on the run due to evidence of hardware backdoors. Now, US lawmakers have backed approximately $1.9 billion to replace Huawei and ZTE’s telecom infrastructure in the US due to the backdoors posing national security concerns. In 2019, the FCC declared that both Huawei and ZTE were “companies that pose a threat to national security.” Earlier in December, the FCC affirmed this decision, stating that “Huawei poses a threat to the security and integrity of our nation’s...
Read more...
Over the past week, it is suspected that Russia has been behind a massive, widespread attack against several private companies and government agencies within the United States. On the homefront, Microsoft has been at the tip of the spear when it comes to responding to this incident. Now, as more agencies come forward to report breaches, it seems that even Microsoft was susceptible to the attack. This all raises the question of “Is this an act of war on the nation as a whole?” Late last night, Microsoft reported on its blog that it too found evidence of malicious code embedded within its SolarWinds environment. That code has since been isolated and removed, but that does not mean Microsoft...
Read more...
Over the weekend, it was announced that a nation-state actor had breached SolarWinds’ Orion service as early as Spring of this year. The Orion platform is an all-in-one solution for IT administration and monitoring, among other utilities. It is used by companies and governments worldwide, and it appears that the U.S government was a target of interest in the attack. According to sources familiar with the situation, the nation-state actors have been monitoring email at the U.S Treasury and Commerce departments, but they may not be the only agency to be breached. The SolarWinds Orion attack is being dubbed as “Sunburst” by security researchers at FireEye, a cybersecurity firm....
Read more...
Tech companies and consumers alike are rightfully concerned about government agencies seeking backdoors into smartphone operating systems. Agencies like the Federal Bureau of Investigation (FBI) have exclaimed that backdoors can help them crack smartphones that belong to criminal or child predators. On the other hand, companies like Google and Apple claim that it's a slippery slope that will result in privacy forfeiture and reduced security for everyone. Today, we have more evidence that shows that the U.S. Government is likely getting its hooks into smartphones around the globe via a well-connected contractor. A new Wall Street Journal report alleges that Anomaly Six,...
Read more...
Tensions between the United States government and China have proven a burden for Huawei, which at one point had aspirations of selling its products on domestic soil in stores like Best Buy and wireless outlets like AT&T. Those plans were crushed, and the challenges keep mounting. The latest development has the US government effectively barring TSMC from supplying semiconductors to Huawei. This comes by way of an amendment to the Entity List, which outlines specific license requirements and rules for exporting goods. According to the Bureau of Industry and Security (BIS), Huawei has been trying to undermine US export controls, and the amendment addresses its concerns by restricting the Chinese...
Read more...
The contentious relationship between the United States government and Huawei, the second largest smartphone maker in the world behind Apple, is not easing up. Just the opposite, US government officials reportedly claim to have evidence that Huawei is able to spy on users through "backdoors" installed on its mobile devices. In tech parlance, a backdoor is a method of bypassing authentication and encryption schemes. It has been a bit of a hot topic, with the U.S. government urging Apple on numerous occasions to build backdoors into iOS to make it easier for law enforcement to crack iPhone devices that are linked to criminal suspects. Apple has so far resisted, saying that such a backdoor would...
Read more...
Chinese tech giant Huawei and the U.S. government aren’t exactly on friendly terms these days. The U.S. has long claimed that Huawei represents a security risk to governmental agencies and consumers alike, while at the same time torpedoing the company’s efforts to expand its presence Stateside with wireless carriers like AT&T and Verizon. Huawei recently fought back, suing the U.S. government over what it calls an unjust and unconstitutional ban. "This ban not only is unlawful, but also restricts Huawei from engaging in fair competition, ultimately harming U.S. consumers,” said Huawei in its filing. “We look forward to the court's verdict, and trust...
Read more...
In the 90’s it seemed like every cartoon hero/villain saved/destroyed the world by inserting a floppy disk. It turns out that they were not that far off. According to a watchdog report, the United States nuclear force still runs on IBM Series/1 computers and uses floppy disks designed in the 1970's to coordinate some of its functions. These operational functions include intercontinental ballistic missiles, nuclear bombers, and tanker support aircraft. They kindly provided an example for good measurePentagon spokeswoman Lt. Col. Valerie Henderson stated, “This system remains in use because, in short, it still works. However, to address obsolescence concerns, the floppy drives are scheduled...
Read more...
On Monday, mobile security researchers at FireEye reported on the discovery that an iOS app installed using enterprise/ad-hoc provisioning would be able to replace genuine apps installed on a user’s phone. Dubbed the “Masque Attack” vulnerability, the US government has issued an additional warning today for Apple users. “A technique labeled “Masque Attack” allows an attacker to substitute malware for a legitimate iOS app under a limited set of circumstances,” warned the US Computer Emergency Readiness Team in a post. The post goes on to describe the attack as a technique that “takes advantage of a security weakness that allows an untrusted app—with...
Read more...
The current prosecution of Ross Ulbricht has brought to light the U.S. government’s stance when it comes to hacking into servers outside the country without a warrant. According to a new legal filing for the Ulbricht case, the Justice Department said that such a warrantless search is permissible. This revelation came about as questions have been asked regarding the method the government used to locate the Silk Road servers in Iceland. Ulbricht, who the government suspects of being the operator of the illicit drug website, challenged the government’s explanation that a leaky CAPTCHA on the site’s login was responsible for leading them to the IP address and accused them of unlawfully...
Read more...
Twitter announced today that it has filed a lawsuit against the U.S. government stating that the company’s right to free speech is being violated since it is being prevented from disclosing the number of national security requests it receives. While the social networking service is able to provide a general number of requests received Twitter is not happy with this and wishes to disclose the exact number of national security letters and Foreign Intelligence Surveillance court orders it has received. “It’s our belief that we are entitled under the First Amendment to respond to our users’ concerns and to the statements of U.S. government officials by providing information...
Read more...
Search giant Google has denied requests by the United States government to hand over it's search results. Though the Department of Justice(DoJ) claims the search results are needed for their investigation, Google has responded by claiming the requested information will not help in the DoJ, due to the way Google's search engine works. "The DoJ has made the request to shore up attempts to show that voluntary regulation is not doing a good enough job of keeping children free of the unsavoury material, largely pornographic, that exists online. The document expressed its disbelief in US goverment assertions that the list of search words would help...
Read more...
