Free Republic

A researcher is advising drivers to halt the use of a mobile app for General Motors Co's (GM.N) OnStar vehicle communications system, saying hackers can exploit a security flaw in the product to remotely unlock cars and start engines. "White-hat" hacker Samy Kamkar posted a video on Thursday saying he had figured out a way to "locate, unlock and remote-start" vehicles by intercepting communications between the OnStar RemoteLink mobile app and the OnStar service. Kamkar said he plans to provide technical details on the hack next week in Las Vegas at the Def Con conference, where tens of thousands of...

Are modern computer-heavy vehicles vulnerable to being hijacked by computer hackers? They are indeed, as computer security hasn't kept pace with what hackers can do.

Hackers took control of a car and crashed it into a ditch by remotely breaking into its systems from 10 miles away whilst sitting on their sofa. In the first such breach of its kind security experts cut out the engine and applied the brakes on the Jeep Cherokee, sending it into a spin. The US hackers said they used just a laptop and mobile phone to access the Jeep’s on-board systems via its wireless Internet connection. They claim that more than 470,000 cars made by Fiat Chrysler could be at risk of being attacked by similar means - including...

Hackers have stolen and leaked the personal details of users of Ashley Madison – a site that hooks up people who want to have affairs. A group or individual known as The Impact Team claimed to be behind the attack and that it had data on all of Ashley Madison's 37 million users and its partner sites, Cougar Life and Established Men, all owned by Canada's Avid Life Media (ALM). The Impact Team claims to have access to the company's user database and is threatening to release all of the information unless the site is taken down. So far the...

Hackers are threatening to expose information on over 30 million users of AshleyMadison.com, a website for cheating spouses famous for its tagline “Life is short. Have an Affair.” A group of hackers called The Impact Team reportedly has posted some data already and is demanding that parent company Avid Life Media shut down AshleyMadison and a sister site, EstablishedMen.com, according to Krebs On Security, a blog run by former Washington Post reporter Brian Krebs. The Toronto-based Avid Life Media said Monday it closed the breach in its computer system and was working with law enforcement. How the hackers got in,...

Contractors in Argentina and China were given "direct access to every row of data in every database" when they were hired by the Office of Personnel Management (OPM) to manage the personnel records of more than 14 million federal employees, a federal consultant told ArsTechnica. The massive breach of OPM's database — made public by the Obama administration this month — prompted speculation over why the agency hadn't encrypted its systems, which contain the sensitive security clearance and background information for intelligence and military personnel. Encryption, however, according to Ars, would not have helped in this case because administrators responsible...

The Office of Personnel Management is under fire again today after it was revealed hackers, allegedly Chinese, stole 21 million social security numbers during a massive data breach discovered last month (which officials originally said only impacted 4 million people). The social security numbers belong to Americans who have, or who currently are, working for the federal government. This new information comes on the heels of news hackers were able to obtain extremely sensitive information, including classified background check information that can be used for blackmail, belonging to tens of millions of government employees. More bad news: Here’s the kicker:...

<p>Hackers swiped Social Security numbers from 21.5 million people -- as well as fingerprint records and information from background check investigations -- in the massive breach earlier this year of federal employee data, the government acknowledged Thursday.</p> <p>The Office of Personnel Management included the findings in a report Thursday on developments in the investigation into a pair of major hacks.</p>

Just when you thought you were safe, a new hacking toy comes along and rocks your world. Imagine a tool exists that lets hackers pluck encryption keys from your laptop right out of the air. You can’t stop it by connecting to protected Wi-Fi networks or even disabling Wi-Fi completely. Turning off Bluetooth also won’t help you protect yourself. Why? Because the tiny device that can easily be hidden in an object or taped to the underside of a table doesn’t use conventional communications to pull off capers. Instead it reads radio waves emitted by your computer’s processor, and there’s...

German-owned Patriot missiles stationed in Turkey were briefly taken over by hackers, according to media reports on Tuesday.The attack took place on anti-aircraft ‘Patriot’ missiles on the Syrian border. The American-made weapons had been stationed there by the Bundeswehr (German army) to protect Nato ally Turkey. According to the civil service magazine, the missile system carried out “unexplained” orders. It was not immediately clear when these orders were carried out and what they were. The magazine speculates about two weak spots in the missile system which could be exploited by hackers. One such weakness is the Sensor-Shooter-Interoperability (SSI) which exchanges...

Major attacks on the U.S. power grid system are “increasing,” with hackers stepping up efforts to penetrate critical systems and to implant malicious software that could compromise the power grid and result in a nationwide crisis, according to a government report. While experts have long signaled that the U.S. power grid and related systems are vulnerable to physical attacks by terrorists and other individuals, the U.S. government is now warning that sensitive computer systems that maintain the grid are increasingly being attacked, according to a Congressional Research Service (CRS) report that was not made public until the Federation of American...

The National Archives and Records Administration recently detected unauthorized activity on three desktops indicative of the same hack that extracted sensitive details on millions of current and former federal employees, government officials said Monday. The revelation suggests the breadth of one of the most damaging cyber assaults known is wider than officials have disclosed. The National Archives' own intrusion-prevention technology successfully spotted the so-called indicators of compromise during a scan this spring, said a source involved in the investigation, who was not authorized to speak publicly about the incident. The discovery was made soon after the Department of Homeland Security's...

Link only due to copyright issues: http://arstechnica.com/security/2015/06/encryption-would-not-have-helped-at-opm-says-dhs-official/

As government officials answered questions about the recent Office of Personnel Management data breach, former and current congressional staffers processed the notices they are receiving from the agency that they, too, were affected by the breach. Rep. Gerald E. Connolly, D-Va., told CQ Roll Call Tuesday that his press secretary, George Burke, who has never worked for the executive branch, received a notice from the OPM saying his personal identifiable information may have been compromised. Connolly said he spoke with someone in the office of the House Chief Administrative Officer, and it appeared that congressional staffers who had a break...

Cybersecurity firm Kaspersky Lab announced that it has detected an intrusion into its own systems, and you'll never believe who the company thinks is behind it. CEO Eugene Kaspersky claims a nation-state hacked into his company's network in order to steal information about its technologies. The unidentified hackers exploited security flaws in Microsoft Software Installer files to infect Kaspersky's network with malware. Kaspersky is referring to the malware as "Duqu 2.0", because it appears to be tied to the same cybercriminals that used Duqu malware to attack Iran, India, France and Ukraine a few years ago. Back then, the hackers...

A hacker attack on the Bundestag (German parliament) earlier in 2015 means that an entirely new network will have to be built after experts failed to fix the breach. The Federal Office of Information Technology Security (BSI) decided that it could no longer defend against the attack and had to give up, broadcasters NDR and WDR and the Süddeutsche Zeitung reported on Thursday. Der Spiegel reported on Wednesday evening that data was still flowing out of the parliament to unknown recipients, and that rebuilding the network using completely new hardware would take months and cost millions. …

A hack announced last week affected all current and retired federal employees, and hackers got their hands on much more personal information than previously announced, the American Federation of Government Employees said Thursday.A December breach of government systems containing personal information of millions of federal employees was worse than originally thought. A union of federal workers said Thursday that the attack, announced last week, had stolen confidential information of every single federal employee, past or present -- far more than was previously revealed. The government disputes those claims. It's the latest in a spree of damaging hacks against the government,...

Hackers stole personnel data and Social Security numbers for every federal employee, a government worker union said Thursday, charging that the cyberattack on U.S. employee data is far worse than the Obama administration has acknowledged. Sen. Harry Reid, the Democratic leader, said on the Senate floor that the December hack into Office of Personnel Management data was carried out by "the Chinese."

Those of us who have had security clearances in the past endured plenty of lectures on the need to secure sensitive material. The Office of Personnel Management in the Obama administration apparently needed to listen a little more carefully. A hack by China’s intelligence service not only exposed four million current federal employees, but also thirty years of data from security clearances, with the most personally sensitive information possible now exposed to foreign spies:(VIDEO-AT-LINK) Data stolen from U.S. government computers by suspected Chinese hackers included security clearance information and background checks dating back three decades, U.S. officials said on Friday,...

Chinese hackers breached the computer system of the Office of Personnel Management in December, officials said Thursday, and the agency will notify some 4 million current and former federal employees that their personal data may have been compromised. The hack was the second major intrusion of the agency by China in less than a year. OPM, using new tools, discovered the breach in April, said officials at the agency who declined to comment on who was behind the hack. Other U.S. officials, who spoke on conditions of anonymity because it is an ongoing investigation, identified the hackers as being from...