Team GhostShell hacking group back with a bang

Hackers claim to have hacked a growing list of websites, compromising credentials and other sensitive user information.

続きを読む

Hackers claim to have hacked a growing list of websites, compromising credentials and other sensitive user information.

続きを読む

WATOBO – The Web Application Security Auditing Toolbox

WATOBO – The Web Application Security Auditing Toolbox – is intended to enable security professionals to perform highly efficient (semi-automated ) web application security audits. It is capable of passive as well as active scanning and this latest is its real value added. It enables to automatize the discovery of common…

Read the full post at darknet.org.uk

WATOBO – The Web Application Security Auditing Toolbox – is intended to enable security professionals to perform highly efficient (semi-automated ) web application security audits. It is capable of passive as well as active scanning and this latest is its real value added. It enables to automatize the discovery of common...

Read the full post at darknet.org.uk

OPM shuts down background investigation portal because of vulnerability

Shutdown is “proactive, temporary”; agency claims flaw not involved in breach.

The Office of Personnel Management has suspended operation of the Electronic Questionnaires for Investigations Processing (E-QIP) system, the web gateway used to submit materials for background investigations. The agency announced the move today, citing the discovery of a vulnerability in the portal during an ongoing review of the agency's security. "As a result, OPM has temporarily taken the E-QIP system offline for security enhancements," an agency spokesperson said in an official statement to press.

The flaw in E-QIP is reportedly not related to the massive breach of the OPM's systems, which may have exposed up to 18 million individuals' personal information. That information includes everything from social security number and date of birth to records of clearance adjudications, proceedings in which officials discuss reasons why an individual's security clearance may have been removed.

In some cases, adjudication data could include information about financial difficulties, sex lives, substance abuse, and other failings that could be used to potentially blackmail a person or otherwise coerce them into potentially giving up classified information.

Read 2 remaining paragraphs | Comments

Iraqi government shut down Internet to… prevent exam cheating?

Service was cut at beginning of sixth graders’ high-stakes national exams.

A year after Iraqi officials ordered the shutdown of Internet access in nearly a quarter of the country to limit the ability of ISIS to communicate, the government ordered a complete shutdown of Internet service in the country for three hours on Saturday, June 27. A shorter interruption followed today. At least one of these outages was apparently intended to block a different sort of message traffic: the sharing of answers for national exams for entry into junior high school.

The outage began at 5:00am in Iraq and lasted until 8:00am, based on data from Dyn Research. According to the Egypt-based Arabic news service El Hadas, the outage corresponded to "the start of the sixth ministerial preparatory exams"—the national tests for entry into junior high school. In Iraq, education is only required for all students up to the sixth-grade level; those who fail to score well enough on exams at the end of the sixth year generally don't continue their education.

With that kind of high-pressure testing, the motivation for cheating is high as well—so high that the government decided to shut down Internet access to prevent parents or others from remotely assisting students during the exams. It's not clear whether the brief outage today (which lasted about an hour, starting at 5:00am again) was also connected to testing.

Read on Ars Technica | Comments