US Army website defaced by Syrian Electronic Army

Early today, the official website of the US Army (www.army.mil) was defaced by attackers claiming to be with the Syrian Electronic Army. In addition to a message on the page claiming attribution, the attackers also included a pop-up message to anyone visiting: "Your commanders admit they are training the people they have sent you to die fighting."

Based on screenshots published on the Syrian Electronic Army's Twitter account, it appears the attackers gained access to the web page through the Limelight Networks content delivery network. A screenshot shows a Limelight control panel for the account belonging to the US Army Office of Public Affairs.

At the time of publication, the Army main homepage is down, although other Army websites have not been affected. The website of the US Strategic Command (the joint Department of Defense command overseeing space and nuclear forces), along with the official page for US Cyber Command hosted on its domain, also appeared to be down briefly, though this does not appear to be related.

Patator – Multi-threaded Service & URL Brute Forcing Tool

Patator is an extremely flexible, modular, multi-threaded, multi-purpose service & URL brute forcing tool written in Python that can be used in many ways. Basically the author got tired of using Medusa, Hydra, ncrack, Metasploit auxiliary modules, Nmap NSE scripts and the like because: They either do not work or are not reliable (got me...

Read the full post at darknet.org.uk

Why the “biggest government hack ever” got past the feds

In April, federal authorities detected an ongoing remote attack targeting the United States' Office of Personnel Management (OPM) computer systems. This situation may have gone on for months, possibly even longer, but the White House only made the discovery public last Friday. While the attack was eventually uncovered using the Department of Homeland Security's (DHS) Einstein—the multibillion-dollar intrusion detection and prevention system that stands guard over much of the federal government's Internet traffic—it managed to evade this detection entirely until another OPM breach spurred deeper examination.

While anonymous administration officials have blamed China for the attack (and many in the security community believe that the attack bears the hallmark of Chinese state-sponsored espionage), no direct evidence has been offered. The FBI blamed a previous breach at an OPM contractor on the Chinese, and security firm iSight Partners told The Washington Post that this latest attack was linked to the same group that breached health insurer Anthem.

OPM is the human resources department for the civilian agencies of the federal government, so this attack exposed records for over four million current and former government employees at places like the Department of Defense. The breach, which CNN dubbed "the biggest government hack ever," included background and security clearance investigations on employees' families, neighbors, and close associates stored in the Electronic Questionnaires for Investigations Processing (e-QIP) system and other databases. The attack also affected a data center operated by Department of the Interior used by OPM and other agencies as a shared service—the result of data center consolidation ordered by the Obama administration. As a result, even more agencies may have been directly affected.
