America’s most senior intelligence official has his phone, email hacked

 

A member of a hacker group that took responsibility for breaking into the personal email account of the director of the Central Intelligence Agency last year has now hacked the email of the most senior intelligence official in the United States. In October 2015, the hacker group referred to by its members as “Crackas With Attitude” —CWA for short— claimed it was behind the hacking of an AOL personal email account belonging to John Brennan, who heads the CIA. Less than a month later, the CWA assumed responsibility for breaking into an online portal used by US law enforcement to read arrest records and share sensitive information about crimes involving shootings. Shortly after the second CWA hack, the Federal Bureau of Investigation issued an alert to all government employees advising them to change their passwords and be cautious about suspicious emails and other phishing attempts. Continue reading →

Windows 10 spies on emails, images, credit cards, more

Software ‘collecting data on much of what you do’

Americans are still waiting for a resolution to the controversy that erupted when it was discovered that the National Security Agency was spying on everyone’s telephones – lawsuits still are pending and Congress is working on making changes to the law.

Now they’re learning that while the NSA was collecting telephone data, the newest version of the ubiquitous Windows software, version 10, is watching everything that’s on their computer.

“From the moment an account is created, Microsoft begins watching. The company saves customers’ basic information – name, contact details, passwords, demographic data and credit card specifics,” explains a new report from the online Newsweek.

“But it also digs a bit deeper,” the report says.

Continue reading →

OPM Announces More Than 21 Million Affected by Second Data Breach

The federal personnel agency announced Thursday a massive hack.

More than 21 million Social Security numbers were compromised in a breach that affected a database of sensitive information on federal employees held by the Office of Personnel Management, the agency announced Thursday.

That number is in addition to the 4.2 million social security numbers that were compromised in another data breach at OPM that was made public in June.

Of the 21.5 million records that were stolen, 19.7 million belonged to individuals who had undergone background investigation, OPM said. The remaining 1.8 million records belonged to other individuals, mostly applicants’ families.

Continue reading →

NSA Spies Can Hack Any Computer in ‘A Few Mouse Clicks’

NSA documents leaked by Edward Snowden to the Guardian in 2013 described a covert program called XKEYSCORE (XKS) and showed how the US government can see almost everything one does on the internet; the new portion of the classified files published by The Intercept now reveals how easily it can be done: “as easy as typing a few words in Google.”

XKEYSCORE was one of the first covert programs that the Guardian wrote about when Snowden began leaking NSA documents two years ago, in 2013.

Continue reading →

Obama’s cybersecurity adviser: Biometrics will replace passwords for safety’s sake

The days of using a password to access a bank account or cellphone will soon be a thing of the past, President Obama’s top cybersecurity adviser said Thursday.

The risk of getting hacked by criminals has grown so widespread that far more sophisticated identification technology — including biometric scanning devices — will become the norm, said Michael Daniel, the White House’s cybersecurity coordinator.

“You’ve started to see some of that with the emergence of the fingerprint readers,” said Mr. Daniel, adding that the technology will become increasingly mainstream as cellphone cameras, “hard” card readers and other authentication gadgets replace the annoying process for millions of Americans of punching in a password to confirm their identity.

Continue reading →

Five unanswered questions about massive Russian hacker database

 There’s still much that’s unclear about Tuesday’s revelation that a small group of hackers in Russia have amassed a database of 1.2 billion stolen user IDs and passwords. The company that disclosed the incident, Hold Security, didn’t offer any fresh information Wednesday, but here are five questions we’d like to see answered (and a bonus one that we already know the answer to).

…

What are the hackers going to do with them?

The answer to this depends partly on the previous two questions. If they are fresh credentials for important services like online banking, they are ripe to be used to siphon money from online accounts. If they are older or from little-used services, they might be used to send spam by email or post it in online forums. Continue reading →

The White House Wants to Issue You an Online ID

A few years back, the White House had a brilliant idea: Why not create a single, secure online ID that Americans could use to verify their identity across multiple websites, starting with local government services. The New York Times described it at the time as a “driver’s license for the internet.”

Sound convenient? It is. Sound scary? It is.

Next month, a pilot program of the “National Strategy for Trusted Identities in Cyberspace” will begin in government agencies in two US states, to test out whether the pros of a federally verified cyber ID outweigh the cons.

The goal is to put to bed once and for all our current ineffective and tedious system of using passwords for online authentication, which itself was a cure for the even more ineffective and tedious process of walking into a brick-and-mortar building and presenting a human being with two forms of paper identification. Continue reading →