Federal agency hit by Chinese hackers, around 4 million employees affected

The Office of Personnel Management, the government agency that manages federal employees, announced Thursday that its network was breached in December 2014, potentially compromising the personal records of approximately 4 million former and current employees.

The Washington Post, citing unnamed government officials, reported that the attack originated from “Chinese hackers,” and was the “second major intrusion of the agency by China in less than a year.”

As the agency wrote in a statement:

Read 1 remaining paragraphs | Comments

Evil Wi-Fi captive portal could fool users into giving up Apple Pay data

Researchers at Wandera, a mobile security company, have alerted Apple to a potential security vulnerability in iOS that could be used by attackers to fool users into giving up their credit card data and personal information. The vulnerability, based on the default behavior of iOS devices with Wi-Fi turned on, could be used to inject a fake "captive portal" page that imitates the Apple Pay interface.

The attack leverages a well-known issue Ars has reported on in the past: iOS devices with Wi-Fi turned on will attempt by default to connect to any access point with a known SSID. Those SSIDs are broadcast by "probe" messages from the device whenever it's not connected to a network.

The Wandera attack uses this behavior to get a mobile device to connect and then presents a pop-up portal page—the type usually used when connecting to a public WiFi service to present a Web-based login screen—that is designed to resemble an Apple Pay screen for entering credit card data. The attack could be launched by someone nearby a customer who has just completed or is conducting an Apple Pay transaction so that the user is fooled into believing Apple Pay itself is requesting that credit card data is reentered. An attacker could loiter near a point-of-sale system with an Apple Pay terminal and continuously launch the attack.

Read 4 remaining paragraphs | Comments

New Snowden documents reveal secret memos expanding spying

Without public notice or debate, the Obama administration has expanded the National Security Agency's warrantless surveillance of Americans' international Internet traffic to search for evidence of malicious computer hacking, according to classified NSA documents.

In mid-2012, Justice Department lawyers wrote two secret memos permitting the spy agency to begin hunting on Internet cables, without a warrant and on American soil, for data linked to computer intrusions originating abroad—including traffic that flows to suspicious Internet addresses or contains malware, the documents show.

The Justice Department allowed the agency to monitor only addresses and "cybersignatures"—patterns associated with computer intrusions—that it could tie to foreign governments. But the documents also note that the NSA sought to target hackers even when it could not establish any links to foreign powers.

Read 26 remaining paragraphs | Comments