A Hacker (likely Hacktivist) claims to have breached the Department of Justice’s network, and has dumped FBI and DHS employee records to prove it. If you think he used some advanced attack to crack the government’s systems, you’d be wrong
AT&T’s CEO believes that the company should not offer robust security to its customers: But tech company leaders aren’t all joining the fight against the deliberate weakening of encryption. AT&T CEO Randall Stephenson said this week that AT&T, Apple, and other tech companies shouldn’t have any say in the debate. “I don’t think it is Silicon Valley’s decision to make about whether encryption is the right thing to do,” Stephenson said in an interview with The Wall Street Journal .
As part of a child pornography investigation, the FBI hacked into over 1,300 computers. But after Playpen was seized, it wasn’t immediately closed down, unlike previous dark web sites that have been shuttered” by law enforcement. Instead, the FBI ran Playpen from its own servers in Newington, Virginia, from February 20 to March 4, reads a complaint filed against a defendant in Utah
Both the “going dark” metaphor of FBI Director James Comey and the contrasting “golden age of surveillance” metaphor of privacy law professor Peter Swire focus on the value of data to law enforcement. As framed in the media, encryption debates are about whether law enforcement should have surreptitious access to data, or whether companies should be allowed to provide strong encryption to their customers. It’s a myopic framing that focuses only on one threat — criminals, including domestic terrorists — and the demands of law enforcement and national intelligence.
Last week, the OpenSSL team fixed a vulnerability that could allow attackers to get the key used to encrypt your HTTPS or SSL connections. Watch today’s video to learn a bit more about this vulnerability, the update, and how WatchGuard products are affected. (Episode Runtime: 3:17 ) Direct YouTube Link: https://www.youtube.com/watch?v=I8yBGcTGtqM EPISODE REFERENCES: OpenSSL fixes a serious vulnerability related to DSA – Ars Technica Details on OpenSSL key recovery attack – Blogspot OpenSSL security advisory for update – OpenSSL WatchGuard’s knowledge base article on our exposure [ Requires login ] – WatchGuard — Corey Nachreiner, CISSP ( @SecAdept )
First the NSA, and now GCHQ.
Last month, I warned you that Microsoft planned to End-of-Life all version of Internet Explorer (IE) after January 12, except version 11. This means they will only release security updates for IE11 and the new Edge browser, so if you use Microsoft browsers you need to upgrade to stay safe. However, in today’s video I tell you why you need to upgrade to IE11 (or Edge) even if you don’t plan on using Microsoft’s browsers.