Tag Archives: investigation

[ISN] Hackers post private files of America’s biggest police union

www.theguardian.com/uk-news/2016/jan/28/fraternal-order-of-police-hacked-fbi-investigation-data-servers By Jon Swaine and George Joseph in New York The Guardian 28 January 2016 Private files belonging to America’s biggest police union, including the names and addresses of officers, forum posts critical of Barack Obama, and controversial contracts made with city authorities, were posted online Thursday after a hacker breached its website. The Fraternal Order of Police (FOP), which says it represents about 330,000 law enforcement officers across the US, said the FBI was investigating after 2.5GB of data taken from its servers was dumped online and swiftly shared on social media. The union’s national site, fop.net, remained offline on Thursday evening. “We have contacted the office of the assistant attorney general in charge of cyber crime, and officials from FBI field offices have already made contact with our staff,” Chuck Canterbury, the FOP’s national president, said in an interview. The FBI did not respond to a request to confirm that it was investigating. Canterbury said he was confident that no sensitive personal information or financial details of their members had been obtained. “Some names and addresses were taken,” he said. “It concerns us. We’re taking steps to try to notify our members but that is going to take some time.” […]





[ISN] After OPM Hack, Pentagon to Store and Secure Sensitive Security Clearance Docs

www.nextgov.com/cybersecurity/2016/01/after-opm-hack-pentagon-store-and-secure-sensitive-security-clearance-docs/125338/ By Jack Moore Nextgov.com January 22, 2016 In the continuing aftermath of the massive hack of sensitive records stored by the Office of Personnel Management, the Obama administration announced today it’s shifting the responsibility for conducting background investigations of sensitive personnel to the Defense Department. In the future, files containing personal information on security clearance seekers



[ISN] Civilian found living in barracks on Fort Bragg

www.fayobserver.com/military/civilian-found-living-in-special-forces-barracks-on-fort-bragg/article_dfe374fe-846e-5dfd-9459-bb73a6d27fbe.html By Drew Brooks Military Editor fayobserver.com December 17, 2015 Investigators are looking into how a civilian was able to move into barracks reserved for Fort Bragg’s 3rd Special Forces Group. A spokesman for the group confirmed the unit discovered a civilian living in the barracks on Wednesday and reported the matter to Fort Bragg’s Provost Marshal’s Office. The spokesman could not provide additional details, but said the situation was under investigation. The popular Facebook account U.S. Army W.T.F. Moments also has reported on the incident. […]



[ISN] “Unauthorized code” in Juniper firewalls decrypts encrypted VPN traffic

arstechnica.com/security/2015/12/unauthorized-code-in-juniper-firewalls-decrypts-encrypted-vpn-traffic/ By Dan Goodin Ars Technica Dec 17, 2015 An operating system used to manage firewalls sold by Juniper Networks contains unauthorized code that surreptitiously decrypts traffic sent through virtual private networks, officials from the company warned Thursday. It’s not clear how the code got there or how long it has been there. An advisory published by the company said that NetScreen firewalls using ScreenOS 6.2.0r15 through 6.2.0r18 and 6.3.0r12 through 6.3.0r20 are affected and require immediate patching. Release notes published by Juniper suggest the earliest vulnerable versions date back to at least 2012 and possibly earlier. There’s no evidence right now that the backdoor was put in other Juniper OSes or devices. “During a recent internal code review, Juniper discovered unauthorized code in ScreenOS that could allow a knowledgeable attacker to gain administrative access to NetScreen devices and to decrypt VPN connections,” Juniper Chief Information officer Bob Worrall wrote. “Once we identified these vulnerabilities, we launched an investigation into the matter, and worked to develop and issue patched releases for the latest versions of ScreenOS.” A separate advisory from Juniper says there are two separate vulnerabilities, but stops short of describing either as “unauthorized code.” The first flaw allows unauthorized remote administrative access to an affected device over SSH or telnet. Exploits can lead to complete compromise. “The second issue may allow a knowledgeable attacker who can monitor VPN traffic to decrypt that traffic,” the advisory said. “It is independent of the first issue. There is no way to detect that this vulnerability was exploited.” […]



[ISN] Police make arrest in hack of toymaker VTech, which exposed data on 6 million kids

www.chicagotribune.com/business/ct-vtech-toy-hack-20151216-story.html By Andrea Peterson The Washington Post December 16, 2015 Police in Britain arrested a 21-year-old man Tuesday as part of an investigation into the massive hack against Hong Kong-based toymaker VTech. VTech sells popular toys for young children, including smartwatches and tablets. The November breach of several company databases exposed information about approximately 5 million adults and more than 6 million children around the world, including names, genders and birth dates. The tech website Motherboard reported that pictures, chat logs between parents and their children, and audio recordings also were leaked, but the company has said it “cannot confirm” that data was reached by the hacker. VTech’s systems were reportedly vulnerable to a well-known hacking technique. The alleged hacker told Motherboard that he attacked the company and then went to the media to highlight its poor security practices. The incident raised new questions about the digital security of toys at a time when big corporations are increasingly marketing dolls and other devices that connect to the Internet and collect data about children. This month, researchers publicly disclosed security problems with Hello Barbie, a new doll that relies on artificial intelligence and an online connection to carry on conversations with children. ToyTalk, the company that Hello Barbie’s voice features, worked with the researchers to help fix “many of the issues they raised” before they were revealed. […]



[ISN] Cymmetria hires former U.S. government cyber official Jim Christy

www.reuters.com/article/2015/11/27/us-cymmetria-hire-idUSKBN0TG28W20151127 By Jim Finkle Reuters.com Nov 27, 2015 Computer security startup Cymmetria has hired a well-known retired U.S. government computer-forensics expert, Jim Christy, as vice president of investigations and digital forensics. Christy started this week at the provider of technology that targets the psychology of attackers, tricking them into revealing themselves through techniques such as the use of decoy servers. Cymmetria told Reuters on Friday that Christy will oversee efforts to help clients investigate attacks uncovered with the company’s technology, then advise them on coordinating disclosure to law enforcement. He retired from the U.S. government in 2013, ending a career investigating computer crimes and running digital forensics labs that began in 1986 at the Air Force Office of Special Investigations. […]



[ISN] Pentagon Farmed Out Its Coding to Russia

www.thedailybeast.com/articles/2015/11/04/pentagon-farmed-out-its-coding-to-russia.html By Patrick Malone Center for Public Integrity 11.04.15 The Pentagon was tipped off in 2011 by a longtime Army contractor that Russian computer programmers were helping to write computer software for sensitive U.S. military communications systems, setting in motion a four-year federal investigation that ended this week with a multimillion-dollar fine against two firms involved in the work. The contractor, John C. Kingsley, said in court documents filed in the case that he discovered the Russians’ role after he was appointed to run one of the firms in 2010. He said the software they wrote had made it possible for the Pentagon’s communications systems to be infected with viruses. Greed drove the contractor to employ the Russian programmers, he said in his March 2011 complaint, which was sealed until late last week. He said they worked for one-third the rate that American programmers with the requisite security clearances could command. His accusations were denied by the firms that did the programming work. “On at least one occasion, numerous viruses were loaded onto the DISA [Defense Information Systems Agency] network as a result of code written by the Russian programmers and installed on servers in the DISA secure system,” Kingsley said in his complaint, filed under the federal False Claims Act in U.S. District Court in Washington, D.C., on March 18, 2011. […]



[ISN] Russian cyberspies targeted the MH17 crash investigation

www.networkworld.com/article/2996762/russian-cyberspies-targeted-the-mh17-crash-investigation.html By Lucian Constantin IDG News Service Oct 23, 2015 A Russian cyberespionage group that frequently targets government institutions from NATO member countries tried to infiltrate the international investigation into the crash of Malaysia Airlines Flight 17 (MH17). MH17 was a passenger flight from Amsterdam to Kuala Lumpur that crashed in eastern Ukraine close to the Russian border on 17 July, 2014. All 283 passengers and 15 crew members lost their lives. The Dutch Safety Board led an international investigation into the incident and released a final report on Oct. 13, concluding that the Boeing 777-200 aircraft was shot down by a warhead launched from a Russian-built Buk missile system. Security researchers from Trend Micro have found evidence that a cyberespionage group dubbed Pawn Storm, which has long been suspected to have ties to the Russian intelligence services, has targeted the Dutch Safety Board before and after the MH17 report was finalized. […]

