Tag Archives: president

[ISN] Hackers post private files of America’s biggest police union

www.theguardian.com/uk-news/2016/jan/28/fraternal-order-of-police-hacked-fbi-investigation-data-servers
By Jon Swaine and George Joseph in New York
The Guardian
28 January 2016

Private files belonging to America’s biggest police union, including the names and addresses of officers, forum posts critical of Barack Obama, and controversial contracts made with city authorities, were posted online Thursday after a hacker breached its website.

The Fraternal Order of Police (FOP), which says it represents about 330,000 law enforcement officers across the US, said the FBI was investigating after 2.5GB of data taken from its servers was dumped online and swiftly shared on social media. The union’s national site, fop.net, remained offline on Thursday evening.

“We have contacted the office of the assistant attorney general in charge of cyber crime, and officials from FBI field offices have already made contact with our staff,” Chuck Canterbury, the FOP’s national president, said in an interview. The FBI did not respond to a request to confirm that it was investigating.

Canterbury said he was confident that no sensitive personal information or financial details of their members had been obtained. “Some names and addresses were taken,” he said. “It concerns us. We’re taking steps to try to notify our members but that is going to take some time.” […]





[ISN] Cloud security roadmap essential for healthcare as off-site threats persist, experts say

www.healthcareitnews.com/news/cloud-security-roadmap-essential-healthcare-site-threats-persist-experts-say
By Jack McCarthy
Health IT News
January 28, 2016

The onset of cloud computing brought with it an information technology revolution, allowing organizations to have their IT resources hosted off site, reducing their costs and simplifying operations. Unfortunately, the move to the cloud did not mean organizations could forget about requirements for a successful security profile.

Healthcare organizations making the move to a cloud-centric strategy can’t lower their guard on security defenses, said Chris Bowen, founder and chief privacy and security officer of ClearDATA, a healthcare cloud computing company.

“People may think that by offloading security responsibility to the cloud, they won’t have to worry, but that’s not the case,” Bowen said. “We know that threats exist in the cloud.”

Bowen will discuss this issue at HIMSS16. Along with J. Gary Seay, senior vice president and CIO of Community Health Systems, Bowen will give a presentation entitled, “Developing a Cloud Security Roadmap.” […]



[ISN] [CFP] Speak About Your Cyberwar at PHDays VI

Forwarded from: Alexander Lashkov

Positive Hack Days VI, the international forum on practical information security, opens Call for Papers. Our international program committee consisting of very competent and experienced experts will consider every application, whether from a novice or a recognized expert in information security, and select the best proposals.

Now, more than ever before, cybersecurity specialists are being asked to stop sitting on the fence and choose a side — competitive intelligence vs DLP systems; security system developers vs targeted cyberattacks; cryptographers vs reverse engineers; hackers vs security operations centers. A new concept of PHDays VI is designed to show what the current vibe is in information security. We want researchers to speak about the real dangerous threats and possible consequences. We also expect developers and integrators to give real answers to these threats rather than to talk about empowering security technologies.

Come and share your experience at PHDays VI in Moscow, May 17 and 18, 2016. Your topic can revolve around any modern infosec field: new targeted attacks against SCADA, new threats to medical equipment, vulnerabilities of online government services, unusual techniques to protect mobile apps, antisocial engineering in social networks, or what psychological constitution SOC experts have. In addition, this year, we are planning to discuss IS software design, development tools, and SSDL principles.

Our key criterion is that your research should be unique and offer a fresh perspective on hacking, modern information technologies, and the role they play in our lives. If you have something interesting or surprising to share, but none of the formats are suitable for your participation, please apply anyway and be sure we will consider your work.

The first stage of CFP ends on January 31, 2016. Apply now — the number of final reports is limited.

In 2015, the forum brought together 3,500 participants. In 2016, it is expected to see 4,000 attendees: information security leaders, CIO and CISO of the world’s largest companies, top managers of giant banks, industrial and oil and gas producing enterprises, telecoms, and IT vendors, representatives from different government departments.

Positive Hack Days featured a variety of distinguished participants including Bruce Schneier (the legendary cryptography expert), Whitfield Diffie (one of the inventors of asymmetric cryptography), Mohd Noor Amin (IMPACT, UN), Natalya Kasperskaya (CEO of InfoWatch), Travis Goodspeed (a reverse engineer and wireless enthusiast from the U.S.), Tao Wan (the founder of China Eagle Union), Nick Galbreath (Vice-President of IPONWEB), Mushtaq Ahmed (Emirates Airline), Marc Heuse (the developer of Hydra, Amap, and THC-IPV6), Karsten Nohl (a specialist in GSM engineering), Donato Ferrante and Luigi Auriemma (famous SCADA experts from Italy), and Alexander Peslyak (the creator of the password cracking tool John the Ripper).

Find any details about the format, participation rules, and CFP instructions on the PHDays website: www.phdays.com/call_for_papers/



[ISN] DNC: Sanders campaign improperly accessed Clinton voter data

www.washingtonpost.com/politics/dnc-sanders-campaign-improperly-accessed-clinton-voter-data/2015/12/17/a2e2e14e-a522-11e5-b53d-972e2751f433_story.html
By Rosalind S. Helderman, Anne Gearan and John Wagner
The Washington Post
December 17, 2015

Officials with the Democratic National Committee have accused the presidential campaign of Sen. Bernie Sanders of improperly accessing confidential voter information gathered by the rival campaign of Hillary Clinton, according to several party officials.

Jeff Weaver, the Vermont senator’s campaign manager, acknowledged that a low-level staffer had viewed the information but blamed a software vendor hired by the DNC for a glitch that allowed access. Weaver said one Sanders staffer was fired over the incident.

The discovery sparked alarm at the DNC, which promptly shut off the Sanders campaign’s access to the strategically crucial list of likely Democratic voters. The DNC maintains the master list and rents it to national and state campaigns, which then add their own, proprietary information gathered by field workers and volunteers. Firewalls are supposed to prevent campaigns from viewing data gathered by their rivals.

NGP VAN, the vendor that handles the master file, said the incident occurred Wednesday while a patch was being applied to the software. The process briefly opened a window into proprietary information from other campaigns, said the company’s chief, Stu Trevelyan. He said a full audit will be conducted. […]



[ISN] Cymmetria hires former U.S. government cyber official Jim Christy

www.reuters.com/article/2015/11/27/us-cymmetria-hire-idUSKBN0TG28W20151127
By Jim Finkle
Reuters.com
Nov 27, 2015

Computer security startup Cymmetria has hired a well-known retired U.S. government computer-forensics expert, Jim Christy, as vice president of investigations and digital forensics.

Christy started this week at the provider of technology that targets the psychology of attackers, tricking them into revealing themselves through techniques such as the use of decoy servers.

Cymmetria told Reuters on Friday that Christy will oversee efforts to help clients investigate attacks uncovered with the company’s technology, then advise them on coordinating disclosure to law enforcement.

He retired from the U.S. government in 2013, ending a career investigating computer crimes and running digital forensics labs that began in 1986 at the Air Force Office of Special Investigations. […]



[ISN] Chinese public security chief heads to US for talks on cybercrime

www.scmp.com/news/china/diplomacy-defence/article/1885101/chinese-public-security-chief-heads-us-talks-cybercrime
By Jun Mai
scmp.com
30 November 2015

The first high-level dialogue between the United States and China on cybercrime is under way this week to flesh out a deal reached in September by the presidents of the two countries.

State media reported on Sunday that Minister of Public Security Guo Shengkun would be in the US until Thursday. Guo would also co-chair a ministerial meeting with Jeh Johnson, Secretary of the US Department of Homeland Security, Xinhua said.

During President Xi Jinping’s visit to the US in September, the two countries agreed that they would launch biannual ministerial-level talks on cybersecurity by the end of this year. Talks on the subject had been suspended a year earlier after the US charged five Chinese military officers with hacking.

US President Barack Obama said he and Xi agreed that neither government would knowingly support cybertheft of corporate secrets to support domestic businesses.

Renmin University international relations professor Shi Yinhong said the talks would aim to nail down detailed points of agreement on cybersecurity but a breakthrough would be difficult to realise. […]



[ISN] New Counterintelligence Strategy: Focus on Cyber

www.nextgov.com/cybersecurity/2015/11/new-counterintelligence-strategy-focus-cyber-espionage/123880/
By Mohana Ravindranath
Nextgov.com
November 19, 2015

A new national counterintelligence strategy aims to learn from the recent Office of Personnel Management hack, attributed to state-backed Chinese actors, which compromised the personal information of 22 million current, past and future federal employees and contractors.

The 2016 strategy, published this week, broadly outlines a plan for detecting, mitigating and preventing such threats, both from “foreign intelligence entities” and from malicious employees.

“As the recent cyberintrusion against the Office of Personnel Management illustrated, even federal agencies that hold sensitive but not classified data are at increased risk of being targeted by foreign adversaries,” said a statement signed by President Barack Obama at the top of the DNI document.

“The expanding and interconnected nature of espionage threats” needs a unified government response to “safeguard our most valuable security and economic information,” the statement stated. […]



[ISN] Signs Point to China in US Research Facility Hack

www.defenseone.com/threats/2015/10/signs-point-china-us-research-facility-hack/122897/
By GWYNN GUILFORD
QUARTZ
OCTOBER 16, 2015

Tech companies, healthcare giants, defense contractors, top universities, the US government—you name it, Chinese cyber-spies have probably hacked it. And now, it seems likely, we can add one of the world’s preeminent marine research groups to the list.

Woods Hole Oceanographic Institution sustained a “sophisticated, targeted attack” that looks to have originated from China, according to Christopher Land, the organization’s general counsel and leader of its internal investigation.

If the perpetrator is indeed from the People’s Republic, it marks the latest in a series of high-profile hacks that US officials say has resulted in theft of US commercial secrets, potentially sensitive government information, and military data. With the US threatening sanctions, Chinese president Xi Jinping recently vowed not to commit commercial cyber-espionage—a pledge US officials are watching closely for signs of follow-through.

WHOI isn’t a company or a government agency, but given its close ties with the US military and the National Science Foundation, it’s not exactly a regular research institution, either. Its vast cache of research holds data on everything from bowhead whale habitats and plankton to hydrographic surveys and oceanic oxygen levels—as well as classified work WHOI does with the Navy and the US defense department. […]

