Free Republic

An anonymous hacker has dumped up to 20,000 files of FBI employees online. The files apparently contain no personal information. But they are said to include job titles, employee names, and FBI email addresses. A similar hack resulted in 9,000 DHS employees having their information made available online.

Oracle has released new Java installers to fix a well-known security issue (CVE-2016-0603) that also affects a plethora of other applications, from Web browsers to antivirus products, and from file compressors to home cinema software. The problem is called DLL hijacking (or DLL side-loading) and refers to the fact that malware authors can place DLLs of the same name in specific locations on the target's filesystem and have it inadvertently load the malicious DLL instead of the safe one. DLL hijacking is a very well-known issue This type of attack is very old and has been known to many software...

The FBI’s jurisdiction and its digital presence have intersected in an embarrassing and highly damaging manner. Hackers penetrated networks at the Department of Justice and the Department of Homeland Security, gaining access to employee records at the FBI and other agencies. Hundreds of gigabytes worth of data have been stolen, the hackers claim, and they are using the hack as a protest for the #FreePalestine movement.Motherboard first reported on the hack, and corroborated at least some of the claims: A hacker, who wishes to remain anonymous, plans to dump the apparent names, job titles, email addresses and phone numbers...

One of China's largest web companies suffered a massive hacking attack last year, its owner said Thursday. Hackers managed to gain access to 20.59 million user accounts on Taobao. The attack on China's largest marketplace happened in October last year, where criminals managed to obtain a database of 99 million usernames and passwords for Taobao, according to Reuters. Taobao is the 12th most popular site in the world, and ranks third in China. It has an estimated 265 million registered users, and is China's equivalent of eBay.

The Romanian hacker whose illegal exploits first exposed Hillary Clinton’s use of a non-governmental e-mail system is set to waive extradition later this month so he can face trial in the United States on a nine-count felony indictment. Known as “Guccifer,” hacker Marcel Lehel Lazar, 43, is scheduled for a February 17 extradition hearing in Romania, where he has been jailed since his arrest in January 2014. Lazar is serving a four-year sentence for hacking into the e-mail accounts of several public figures in Romania, including the head of the country’s intelligence service. In a phone interview from a Bucharest...

Congress plans to question about two dozen federal agencies on whether they were using backdoored Juniper network security appliances. In December, Juniper Networks said it had discovered unauthorized code added to ScreenOS, the operating system that runs on its NetScreen network firewalls. The rogue code, which remained undetected for two years or more, could have allowed remote attackers to gain administrative access to vulnerable devices or to decrypt VPN connections. The U.S. House Committee on Oversight and Government Reform wants to determine the impact that this issue had on government organizations and how those organizations responded to the incident. The...

Web hosting provider Linode has reset the account passwords of all its customers following what it suspects was an intrusion on its internal database. The mass credential reset comes just after the cloud firm suffered a sustained DDoS attack beginning on Christmas Day. Linode has issued a security advisory confirming that it still has no idea who is behind the hacks, or whether the same perpetrator is responsible for both incidents. "You may be wondering if the same person or group is behind these malicious acts. We are wondering the same thing.

My PayPal account was hacked on Christmas Eve. The perpetrator tried to further stir up trouble by sending my PayPal funds to a hacker gang tied to the jihadist militant group ISIS. Although the intruder failed to siphon any funds, the successful takeover of the account speaks volumes about why most organizations, including many financial institutions — remain woefully behind the times in authenticating their customers and staying ahead of identity thieves.

LizardSquad copycats are trying to ruin Christmas for gamers Last year, the LizardSquad hacking group managed to ink its name into the history of Internet after taking down the Xbox Live and PlayStation networks during Christmas. With this year's holiday just around the corner, a new group, unoriginally named Phantom Squad, is now threatening to carry out similar attacks as well. If we believe their Twitter timeline, the hackers seem to have launched a DDoS attack against Reddit yesterday, even if nobody noticed its effects. Of course, a behemoth like Reddit is hard to take down in its entirety, but...

Six months ago, the US discovered that China hacked into the records of the Office of Personnel Management, stealing the excruciatingly personal data from everyone employed in the federal government, and everyone granted a security clearance too. At the time, it was called the Pearl Harbor of cyberwarfare, but later it turned out that the hack lasted over a year, not a single Sunday morning. OPM didn’t even have an IT department until the year before the hack began, which is why OPM had outsourced its IT management to a firm based in … China. The true scope of...

The activist hacking group Anonymous has selected Donald Trump as its latest target in the wake of the GOP presidential candidate's proposal to ban Muslims from entering the U.S. "Donald Trump, it has come to our attention that you want to ban all Muslims [from entering] the United States. This policy is going to have a huge impact," a person wearing a Guy Fawkes mask says in a video posted by the group.

Anonymous, the hacktivist collective that declared "total war" on ISIS after November's terror attacks in Paris, asked its followers to participate in 'ISIS Trolling Day' on Dec. 11, RT reports. In a message on Ghostbin, Anonymous announced "The World against ISIS Project," asking followers to "show your support and help against ISIS by joining us and trolling them." "Do not think you have to be apart of Anonymous, anyone can do this and does not require any special skills," the message adds. The project provides tips on how to troll ISIS online, suggesting participants spread photos of dead ISIS members...

Clare W. Bronfman, an heiress of the Seagram Company business empire, allegedly implanted a "key logger" virus on the computer of her late father, Edgar M. Bronfman Sr., so officials with the NXIVM corporation could secretly monitor his emails, including his exchanges with world leaders and Democratic presidential candidate Hillary Clinton, according to court records. The extraordinary allegations are attributed to Kristen M. Keeffe, who was part of the inner circle that ran NXIVM, a "human development" organization that has been described by one expert as an "extreme cult." The accusations by Keeffe are contained in a transcript of a...

Hillary Rodham Clinton’s email scandal didn’t stop the head of the CIA from using his own personal AOL account to stash work-related documents, according to a stoner high school student who claims to have hacked into them. CIA Director John Brennan’s private account held sensitive files — including his 47-page application for top-secret security clearance — until he recently learned that it had been infiltrated, the hacker told The Post. Other emails stored in Brennan’s non-government account contained the Social Security numbers and personal information of more than a dozen top American intelligence officials, as well as a government letter...

Smart power. So much smart power. I don't know if anyone has ever tapped into this much smart power before. Picture a nerd screeching about "smart power" while the school bullies beat him up and you've got a picture of Obama's awesome smart power foreign policy. America's enemies now make a special point of humiliating him after each fake agreement and deal. Iran tests ballistic missiles and convicts a US reporter right after ratifying the nuke deal. And China makes a point of slapping Obama around right after his latest fake agreement with China. It was heralded as the first...

Global law enforcement agencies have arrested a gang member behind the theft of £20 million ($30.7 million) via a piece of malicious software that records banking details, and are on the hunt for the remaining members. The malware – known as Dridex – is believed to be developed by in eastern Europe and it's able to harvest bank details online in order to steal money from people. Global financial institutions and a variety of different payment systems have been targeted, the U.K.'s National Crime Agency (NCA), one of the authorities involved, said on Tuesday. "Thousands" of Brits have been infected...

Matthew Keys, former deputy social media editor for the Reuters news agency, was convicted Wednesday for his role in a conspiracy to hack Los Angeles Times and Tribune Co. servers. Keys, 28, who also was a web producer for KTXL Fox 40 in Sacramento, a Tribune-owned television station, provided members of the hacker group Anonymous with login information for Tribune servers in 2010. Though Keys faces up to 25 years in prison at his sentencing, U.S. attorney's office spokeswoman Lauren Horwood said prosecutors are "likely" to seek less than five years.

A technology subcontractor that has worked on Hillary Rodham Clinton’s e-mail setup expressed concerns over the summer that the system was inadequately protected and vulnerable to hackers, a company official said Wednesday. But the concerns were rebuffed by the company managing the Clinton account, Platte River Networks, which said it had been instructed by the FBI not to make changes. The FBI has been reviewing the security of the e-mail system. The subcontractor, Datto, which specializes in backing up data, had not been aware that it was handling Clinton e-mails until media reports in August noted Platte River Networks’ involvement...

A private industry IT security firm tells Fox News that personal data stolen over the span of several high-profile U.S. cyber breaches is being indexed by China's intelligence service into a massive Facebook-like network. According to CrowdStrike founder Dmitri Alperovitch, Chinese hackers are using information gained from the breaches of the U.S. Office of Personnel Management, as well as intrusions into the Anthem and CareFirst BlueCross BlueShield health insurance networks, to build a complete profile of federal employees in what the company calls a "Facebook of Everything." "That can now be used to embarrass you publicly and force you to...

Two reports on Thursday should send alarm bells clanging to beef up the government's cybersecurity. Whether anyone in the Obama administration will hear them is another question.