(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.


Early today, the official website of the US Army (www.army.mil) was defaced by attackers claiming to be with the Syrian Electronic Army. In addition to a message on the page claiming attribution, the attackers also included a pop-up message to anyone visiting: "Your commanders admit they are training the people they have sent you to die fighting."

Based on screenshots published in the Syrian Electronic Army's Twitter account, it appears the attack gained access to the webpage through the Limelight Networks content delivery network. A screenshot shows a Limelight control panel for the account belonging to the US Army Office of Public Affairs. [Update:  A spokesperson from Limelight contacted by Ars said, "We take security concerns extremely seriously and, in an abundance of caution, we are conducting a full investigation.  At this point we have no reason to believe any customer data has been compromised."]

Read 3 remaining paragraphs | Comments

An international group of experts from industry, academia and government gathered today at the National Institute of Standards and Technology (NIST) to discuss challenges and potential approaches to automated tattoo recognition, which ...

In April, federal authorities detected an ongoing remote attack targeting the United States' Office of Personnel Management (OPM) computer systems. This situation may have gone on for months, possibly even longer, but the White House only made the discovery public last Friday. While the attack was eventually uncovered using the Department of Homeland Security's (DHS) Einstein—the multibillion-dollar intrusion detection and prevention system that stands guard over much of the federal government's Internet traffic—it managed to evade this detection entirely until another OPM breach spurred deeper examination.

While anonymous administration officials have blamed China for the attack (and many in the security community believe that the attack bears the hallmark of Chinese state-sponsored espionage), no direct evidence has been offered. The FBI blamed a previous breach at an OPM contractor on the Chinese, and security firm iSight Partners told The Washington Post that this latest attack was linked to the same group that breached health insurer Anthem.

OPM is the human resources department for the civilian agencies of the federal government, so this attack exposed records for over four million current and former government employees at places like the Department of Defense. The breach, which CNN dubbed "the biggest government hack ever," included background and security clearance investigations on employees' families, neighbors, and close associates stored in the Electronic Questionnaires for Investigations Processing (e-QIP) system and other databases. The attack also affected a data center operated by Department of the Interior used by OPM and other agencies as a shared service—the result of data center consolidation ordered by the Obama administration. As a result, even more agencies may have been directly affected.

Read 35 remaining paragraphs | Comments

[SECURITY] [DSA 3282-1] strongswan security update
Symphony CMS XSS Vulnerability
AnimaGallery 2.6 (theme and lang cookie parameter) Local File Include Vulnerability
[SECURITY] [DSA 3281-1] Debian Security Team PGP/GPG key change notice
[SECURITY] [DSA 3280-1] php5 security update

CSO Online

Most infosec pros forget to change keys after a breach
CSO Online
One of the things that hackers look for when they break into an enterprise is encryption keys and security certificates, but most security professionals don't know how to respond if the keys are compromised during a breach. That's the result of a ...

and more »
Hardcoded AES 256 bit key used in Kankun IoT/Smart socket and its mobile App
[SECURITY] [DSA 3279-1] redis security update
Symphony CMS 2.6.2
CVE-2015-4010 - Cross-site Request Forgery & Cross-site Scripting in Encrypted Contact Form Wordpress Plugin v1.0.4


Infosec 2015: A place in the sun
As always, securing a prime location was key to coming away with a successful Infosec experience, and cloud security vendor Elastica managed to bag a very profitable spot on the second floor as the masses came and went from the week's keynote ...
Zonefox Offers Free Trial of UK's Most Innovative Cyber Security Software at ...SecurityNewsDesk

all 2 news articles »

Kroll Ontrack UK

Large numbers of UK security breaches never reported to anyone, PwC report ...
The majority of UK organisations suffering a security or data breach will never report it to anyone outside the company, the PwC Information Security Breaches Survey covering 2014 has once again suggested. It's not a new finding, nor even a surprising ...
PwC: 90% of large companies suffer data breachKroll Ontrack UK (press release)
90% Of UK Organisations Suffered Security Breaches In Past 12 MonthsMisco (blog)

all 4 news articles »
Internet Storm Center Infocon Status