• Skip to primary navigation
  • Skip to content
  • Skip to primary sidebar
  • Skip to footer

InfoSec News

  • Home
  • Subscribe
  • Contact Us
  • Advertising
  • Privacy
  • About

Hacking

Citrix compromised by international cybercriminals

March 11, 2019 By William Knowles

By William Knowles @c4i
Senior Editor
InfoSec News
March 11, 2019

Late last week, Citrix announced in a statement by Chief Security and Information Officer, Stan Black that they were hit by hackers in attacks that potentially exposed terabytes of customer data and potentially internal Citrix corporate secrets.

“On March 6, 2019, the FBI contacted Citrix to advise they had reason to believe that international cybercriminals gained access to the internal Citrix network.”

“Citrix has taken action to contain this incident. We commenced a forensic investigation; engaged a leading cybersecurity firm to assist; took actions to secure our internal network; and continue to cooperate with the FBI.”

“Citrix is moving as quickly as possible, with the understanding that these investigations are complex, dynamic and require time to conduct properly. In investigations of cyber incidents, the details matter, and we are committed to communicating appropriately when we have what we believe is credible and actionable information.”

“While our investigation is ongoing, based on what we know to date, it appears that the hackers may have accessed and downloaded business documents. The specific documents that may have been accessed, however, are currently unknown. At this time, there is no indication that the security of any Citrix product or service was compromised.”

Filed Under: News Tagged With: CISO, Citrix, CSIO, Cyber Crime, Cybercrime, cybersecurity, Data Breach, Espionage, FBI, Hacker, Hackers, Hacking, InfoSec, InfoSecNews, Iran, Passwords, Security

Hackers Deface Electronic Billboard Near Seattle Washington

January 1, 2019 By William Knowles

By William Knowles @c4i
Senior Editor
InfoSec News
January 1, 2019
Updated: January 3, 2019

For 99.9999% of the world’s population, New Year’s Eve is a time to let your hair down and have a few drinks celebrating the passing of another year, but I suspect its just another day on the calendar for John McAfee when he shared this tweet (Very NSFW) to his 885K followers on Twitter.

So it comes to no surprise that billboard hackers @le_keksec shared McAfee’s tweet to hundreds of thousands more near Seattle Washington and was reposted posted to Twitter. (NSFW)

On Tuesday, a McAfee spokesperson confirmed that the billboard operator was hacked and as a result, the display has been shut down.  McAfee, a device to cloud cybersecurity company headquartered in Santa Clara, California, also noted that John McAfee has not been affiliated with the company in any capacity for over 25 years.

Filed Under: Exclusive, News Tagged With: cybersecurity, Data Breach, Hacker, Hackers, Hacking, InfoSec, InfoSecNews, John McAfee, Keksec, Lulz, McAfee, officialmcafee, Security, Shodan

Someone repeatedly compromised NASA servers

December 19, 2018 By William Knowles

By William Knowles @c4i
Senior Editor
InfoSec News
December 19, 2018

 

This isn’t going to improve NASA’s FISMA scorecard rating for 2018.

On Tuesday, December 18, 2018. Bob Gibbs, Assistant Administrator, Office of the Chief Human Capital Officer sent an agency-wide message to the 17,000+ NASA employees, according to SpaceRef which posted the memo on their site.

On Oct. 23, 2018, NASA cybersecurity personnel began investigating a possible compromise of NASA servers where personally identifiable information (PII) was stored. After initial analysis, NASA determined that information from one of the servers containing Social Security numbers and other PII data of current and former NASA employees may have been compromised.

Upon discovery of the incidents, NASA cybersecurity personnel took immediate action to secure the servers and the data contained within. NASA and its Federal cybersecurity partners are continuing to examine the servers to determine the scope of the potential data exfiltration and identify potentially affected individuals. This process will take time. The ongoing investigation is a top agency priority, with senior leadership actively involved. NASA does not believe that any Agency missions were jeopardized by the cyber incidents.

NASA Civil Service employees who were on-boarded, separated from the agency, and/or transferred between Centers, from July 2006 to October 2018, may have been affected.

NASA employees should be counting their lucky stars that this doesn’t happen more often, In 2016 NASA’s Office of Inspector General found that NASA lacks a mature cyber program, earning a score of 27 out of 100 under the Office of Management and Budget’s and DHS’ five-step maturity model.

In the 2017 Federal Information Security Modernization Act: Fiscal Year 2017 Evaluation of NASA came to the conclusion that…

Despite progress made to address previously identified weaknesses related to its cybersecurity program, we concluded that NASA, based on the results of our current review, has not implemented an effective information technology security program. Further, without implementing additional improvements to ensure that NIST requirements are implemented, the Agency may lose ground in its efforts to address the challenges in a rapidly evolving cybersecurity landscape. To strengthen its information security program, we believe the Agency should continue its initiatives in each of the seven IG FISMA domains.

  1. Risk Management. Strengthen the enterprise architecture risk management framework by closing the gap between mission systems and inventory, and complete the transition to RISCS.
  2. Configuration Management. Augment secure configuration settings, improve hardware and software asset management, and remediate configuration-related vulnerabilities including unsupported operating systems.
  3. Identity and Access Management. Increase the use of PIV authentication for unprivileged users.
  4. Security Training. Complete applicable role-based training for personnel with significant security responsibilities.
  5. Continuous Monitoring. Develop a comprehensive continuous monitoring strategy for automatic hardware and software inventory detection and data exfiltration defense capabilities.
  6. Incident Response. Bridge the gap between reactive and proactive intelligence gathering and analysis techniques.
  7. Contingency Planning.

Finally, we are concerned that many recommended corrective actions from prior FISMA and other IT-related reviews remain open after more than a year. We urge a renewed Agency commitment to addressing our previous recommendations given the constant and growing cybersecurity threats. Although this memorandum made no specific recommendations to NASA, management provided a brief response that is reproduced in Enclosure V. Technical comments provided by management have been incorporated, as appropriate.

Sadly, Its easier to blame this all on aliens.

Filed Under: News Tagged With: China, Cyber Crime, Cybercrime, cybersecurity, DoD, Espionage, FBI, FISMA, Hacker, Hackers, Hacking, InfoSec, InfoSecNews, NASA, OIG, PII, SSN

The DoD Cybersecurity Policy Chart

November 11, 2018 By William Knowles

By William Knowles @c4i
Senior Editor
InfoSec News
November 11, 2018
Updated January 8, 2019

The goal of the DoD Cybersecurity Policy Chart, developed by the Cyber Security and Information Systems Information Analysis Center (CSIAC) is to capture the tremendous breadth of applicable policies, some of which many cybersecurity professionals may not even be aware, in a helpful organizational scheme. The use of color, fonts, and hyperlinks are all designed to provide additional assistance to cybersecurity professionals navigating their way through policy issues in order to defend their networks, systems, and data.

At the bottom center of the chart is a legend that identifies the originator of each policy by a color-coding scheme. On the right-hand side of the Cybersecurity Policy Chart, there are boxes, which identify key legal authorities, federal/national level Cybersecurity policies, and operational and subordinate level documents that provide details on defending the DoD Information Network (DoDIN) and its assets. Links to these documents can be found in the Chart.

Click on the image above to download an interactive copy of .pdf of the DoD Cybersecurity Policy Chart, The chart was last updated on January 7, 2019. View the changelog here.

Filed Under: News Tagged With: Cryptography, Cybercrime, cybersecurity, Data Breach, DDoS, DoD, DoDIN, Encryption, Espionage, Hackers, Hacking, InfoSec, InfoSecNews, NSA, Passwords, Security

DerbyCon 8 Videos are online!

October 18, 2018 By William Knowles

DerbyCon8

By William Knowles @c4i
Senior Editor
InfoSec News
October 18, 2018

Adrian/@irongeek_adc has uploaded all the presentations from DerbyCon VIII here and at Archive.org to download. DerbyCon was held at the Marriott Louisville on October 3rd thru the 7th, 2018. Dates for DerbyCon 9 have been announced, Training dates are September 18th and 19th 2019, with the conference again to be held at the Marriott Louisville September 20th to 22nd 2019.

Filed Under: News Tagged With: Cryptography, Cyber Crime, DerbyCon, Hacker, Hackers, Hacking, InfoSec, Louisville, Security, TrevorForget

  • « Previous Page
  • Page 1
  • Page 2
  • Page 3
  • Page 4
  • Page 5
  • Page 6
  • Next Page »

Primary Sidebar

InfoSec News Stock Ticker

Ticker Tape by TradingView

Latest Tweets from InfoSec News

Tweets by @InfoSecNews_

Popular Tags

Business Continuity CEH China Citizenfour Code Talkers Crypto Cryptography Cyberattack Cybercrime Cyber Crime CyberCyberCyber cybersecurity Data Breach DDoS DoD EC-Council Edward Snowden Encryption Espionage FBI FISMA Google Hacker Hackers Hacking InfoSec InfoSecNews Intelligence Jay Bavisi Malware Microsoft NSA OPSEC OSINT Passwords PCI PII Security SnowdenWatch SSN USCYBERCOM USMC Wolfking Awesomefox WWII XSS

Upcoming Events

  1. ShmooCon

    January 31, 2020 - February 1, 2020
  2. CypherCon 5.0

    April 2, 2020 - April 3, 2020
  3. THOTCON 0xB

    May 8, 2020 - May 9, 2020
  4. CircleCityCon 7.0

    June 12, 2020 @ 8:00 am - June 14, 2020 @ 3:00 pm CDT

View All Events

RSS PacketStorm Security Advisories

  • Symantec Endpoint Protection Information Disclosure / Privilege Escalation
  • BeeGFS 7.1.3 Privilege Escalation
  • Red Hat Security Advisory 2019-4111-01
  • Red Hat Security Advisory 2019-4107-01
  • Red Hat Security Advisory 2019-4108-01
  • Ubuntu Security Notice USN-4214-1
  • Red Hat Security Advisory 2019-4109-01
  • Red Hat Security Advisory 2019-4110-01
  • Ubuntu Security Notice USN-4213-1
  • Ubuntu Security Notice USN-4212-1

RSS National Vulnerability Database

  • CVE-2019-16772
  • CVE-2019-9464
  • CVE-2019-2220
  • CVE-2019-2231
  • CVE-2019-2223
  • CVE-2019-2232
  • CVE-2019-2222
  • CVE-2019-2225
  • CVE-2019-2224
  • CVE-2019-2227

Archives

  • October 2019
  • September 2019
  • August 2019
  • June 2019
  • April 2019
  • March 2019
  • January 2019
  • December 2018
  • November 2018
  • October 2018
  • August 2018
  • July 2018

Copyright © 2019 · InfoSec News · Log in