Free Republic

The FBI cracked a San Bernardino terrorist’s phone with the help of professional hackers who discovered and brought to the bureau at least one previously unknown software flaw, according to people familiar with the matter. The new information was then used to create a piece of hardware that helped the FBI to crack the iPhone’s four-digit personal identification number without triggering a security feature that would have erased all the data, the individuals said. The researchers, who typically keep a low profile, specialize in hunting for vulnerabilities in software and then in some cases selling them to the U.S. government....

The feds warned that “a group of malicious cyber actors,” whom security experts believe to be the government-sponsored hacking group known as APT6, “have compromised and stolen sensitive information from various government and commercial networks” since at least 2011, according to an FBI alert obtained by Motherboard. The alert, which is also available online, shows that foreign government hackers are still successfully hacking and stealing data from US government’s servers, their activities going unnoticed for years. This comes months after the US government revealed that a group of hackers, widely believed to be working for the Chinese government, had for...

A week ago, the FBI told the State Department to back off of their probe of Hillary Clinton’s use of a private e-mail server and its transmission and retention of classified information, some classified at the highest levels. Now the Department of Justice has gotten the Romanian hacker “Guccifer” extradition, the figure whose exploits first exposed the correspondence between Hillary and Sidney Blumenthal. According to an intelligence source, the timing is not coincidental — and could spell big trouble for Hillary Clinton, reports Fox’s Catherine Herridge and Pamela Browne: The extradition of Romanian hacker “Guccifer” to the U.S. at...

In less than 24 hours, Anonymous will officially launch a cyber-attack on Republican frontrunner Donald Trump. The hacker group declared “total war” on Trump on March 15 with a video posted on its YouTube channel, dubbed #OpTrump. In the video, Anonymous invites hackers and anyone with a computer to shut down the billionaire businessman’s websites, expose his private information, “dismantle his campaign and sabotage his brand” on April 1. “Your inconsistent and hateful campaign has not only shocked the United States of America, you have shocked the entire planet with your appalling actions and ideas. You say what your audience...

"The FBI and NHTSA are warning the general public and manufacturers — of vehicles, vehicle components, and aftermarket devices — to maintain awareness of potential issues and cybersecurity threats related to connected vehicle technologies in modern vehicles," the agencies said in the bulletin. In July 2015, Fiat Chrysler Automobiles NV recalled 1.4 million U.S. vehicles to install software after a magazine report raised concerns about hacking, the first action of its kind for the auto industry. ... "While not all hacking incidents may result in a risk to safety — such as an attacker taking control of a vehicle —...

Bangladesh’s central bank said on Monday its account with the US Federal Reserve Bank of New York had been hacked and money had been stolen from it, but that it had recovered some of the funds. The theft occurred February 5th, but officials are just now making public the size of the theft.Bangladesh Bank said it had traced some of the money to the Philippines and was working with anti-money laundering authorities there.However, the Federal Reserve Bank of New York denied that its payments systems were breached: “To date, there is no evidence of any attempt to penetrate Federal Reserve...

After the GOP Debate ended, Drudge Report opened up its polls to get the consensus on who people think won the 12th Republican Debate. However, it has been reported that the poll was hacked and the numbers on Senator Ted Cruz were just generated by a bot. The complaint was first submitted on Reddit, where a user posted a screenshot photo of the alleged incident. The photo showed a filtered result for users in Delaware. The report allegedly had more than 44,000 users in favor of Ted Cruz, while only 140 users voted for Donald Trump. Overall, 99.65 percent users...

Following one of those auto-refesh dealies, a new banner title now says "THOUSANDS OF MA DEMS QUIT PARTY; BACK TRUMP", but the link resolves as '502 Bad gateway'

Cisco has scrambled to fix a serious vulnerability in its Adaptive Security Appliances and Next-Generation Firewalls products which can be used to remotely take over and reboot the devices. Unauthenticated remote attackers can exploit a bug in the internet key exchange (IKE) version 1 and 2 protocol code running on Cisco ASA software, and trigger a buffer overflow. IKE is used to authenticate connections and to set up secure virtual private networks, landing on the firewalls. Security researchers David Barksdale, Jordan Gruskovnjak and Alex Wheeler said the algorithm for reassembling fragmented IKE payloads "contain a bounds-checking flaw that allows a...

An anonymous hacker has dumped up to 20,000 files of FBI employees online. The files apparently contain no personal information. But they are said to include job titles, employee names, and FBI email addresses. A similar hack resulted in 9,000 DHS employees having their information made available online.

Oracle has released new Java installers to fix a well-known security issue (CVE-2016-0603) that also affects a plethora of other applications, from Web browsers to antivirus products, and from file compressors to home cinema software. The problem is called DLL hijacking (or DLL side-loading) and refers to the fact that malware authors can place DLLs of the same name in specific locations on the target's filesystem and have it inadvertently load the malicious DLL instead of the safe one. DLL hijacking is a very well-known issue This type of attack is very old and has been known to many software...

The FBI’s jurisdiction and its digital presence have intersected in an embarrassing and highly damaging manner. Hackers penetrated networks at the Department of Justice and the Department of Homeland Security, gaining access to employee records at the FBI and other agencies. Hundreds of gigabytes worth of data have been stolen, the hackers claim, and they are using the hack as a protest for the #FreePalestine movement.Motherboard first reported on the hack, and corroborated at least some of the claims: A hacker, who wishes to remain anonymous, plans to dump the apparent names, job titles, email addresses and phone numbers...

One of China's largest web companies suffered a massive hacking attack last year, its owner said Thursday. Hackers managed to gain access to 20.59 million user accounts on Taobao. The attack on China's largest marketplace happened in October last year, where criminals managed to obtain a database of 99 million usernames and passwords for Taobao, according to Reuters. Taobao is the 12th most popular site in the world, and ranks third in China. It has an estimated 265 million registered users, and is China's equivalent of eBay.

The Romanian hacker whose illegal exploits first exposed Hillary Clinton’s use of a non-governmental e-mail system is set to waive extradition later this month so he can face trial in the United States on a nine-count felony indictment. Known as “Guccifer,” hacker Marcel Lehel Lazar, 43, is scheduled for a February 17 extradition hearing in Romania, where he has been jailed since his arrest in January 2014. Lazar is serving a four-year sentence for hacking into the e-mail accounts of several public figures in Romania, including the head of the country’s intelligence service. In a phone interview from a Bucharest...

Congress plans to question about two dozen federal agencies on whether they were using backdoored Juniper network security appliances. In December, Juniper Networks said it had discovered unauthorized code added to ScreenOS, the operating system that runs on its NetScreen network firewalls. The rogue code, which remained undetected for two years or more, could have allowed remote attackers to gain administrative access to vulnerable devices or to decrypt VPN connections. The U.S. House Committee on Oversight and Government Reform wants to determine the impact that this issue had on government organizations and how those organizations responded to the incident. The...

Web hosting provider Linode has reset the account passwords of all its customers following what it suspects was an intrusion on its internal database. The mass credential reset comes just after the cloud firm suffered a sustained DDoS attack beginning on Christmas Day. Linode has issued a security advisory confirming that it still has no idea who is behind the hacks, or whether the same perpetrator is responsible for both incidents. "You may be wondering if the same person or group is behind these malicious acts. We are wondering the same thing.

My PayPal account was hacked on Christmas Eve. The perpetrator tried to further stir up trouble by sending my PayPal funds to a hacker gang tied to the jihadist militant group ISIS. Although the intruder failed to siphon any funds, the successful takeover of the account speaks volumes about why most organizations, including many financial institutions — remain woefully behind the times in authenticating their customers and staying ahead of identity thieves.

LizardSquad copycats are trying to ruin Christmas for gamers Last year, the LizardSquad hacking group managed to ink its name into the history of Internet after taking down the Xbox Live and PlayStation networks during Christmas. With this year's holiday just around the corner, a new group, unoriginally named Phantom Squad, is now threatening to carry out similar attacks as well. If we believe their Twitter timeline, the hackers seem to have launched a DDoS attack against Reddit yesterday, even if nobody noticed its effects. Of course, a behemoth like Reddit is hard to take down in its entirety, but...

Six months ago, the US discovered that China hacked into the records of the Office of Personnel Management, stealing the excruciatingly personal data from everyone employed in the federal government, and everyone granted a security clearance too. At the time, it was called the Pearl Harbor of cyberwarfare, but later it turned out that the hack lasted over a year, not a single Sunday morning. OPM didn’t even have an IT department until the year before the hack began, which is why OPM had outsourced its IT management to a firm based in … China. The true scope of...

The activist hacking group Anonymous has selected Donald Trump as its latest target in the wake of the GOP presidential candidate's proposal to ban Muslims from entering the U.S. "Donald Trump, it has come to our attention that you want to ban all Muslims [from entering] the United States. This policy is going to have a huge impact," a person wearing a Guy Fawkes mask says in a video posted by the group.