ROOM ZKE
USAComment.com
Zicutake USA Comment | Search Articles



#History (Education) #Satellite report #Arkansas #Tech #Poker #Language and Life #Critics Cinema #Scientific #Hollywood #Future #Conspiracy #Curiosity #Washington
 Smiley face
PROXY LIST

[Calculate SHA256 hash]
 Smiley face
Zicutake BROWSER
 Smiley face Encryption Text and HTML
Aspect Ratio Calculator
[HTML color codes]
 Smiley face Conversion to JavaScript
[download YouTube videos in MP4, FLV, 3GP, and many more formats]

 Smiley face Mining Satoshi | Payment speed
CALCULATOR DIMENSIONS AND RECTANGLE

 Smiley face
CREATE ADDRESS BITCOIN
Online BitTorrent Magnet Link Generator
[PERCENTAGE CALCULATOR]
JOURNAL WORLD:

SEARCH +8 MILLIONS OF LINKS ZICUTAKE STATE

#Security

#Security


247,000 DHS current and former federal employees affected by a privacy incident

Posted: 04 Jan 2018 09:08 AM PST

A privacy incident suffered by the Department of Homeland Security (DHS) exposed data related to 247,167 current and former federal employees.

A data breach suffered by the Department of Homeland Security exposed data related to 247,167 current and former federal employees that were employed by the Agency in 2014.

The data breach affected a database used by the DHS Office of the Inspector General (OIG) that was stored in the Department of Homeland Security OIG Case Management System.

“On January 3, 2018, select DHS employees received notification letters that they may have been impacted by a privacy incident related to the DHS Office of Inspector General (OIG) Case Management System.  The privacy incident did not stem from a cyber-attack by external actors, and the evidence indicates that affected individual's personal information was not the primary target of the unauthorized transfer of data.” reads the announcement published by the DHS.

Exposed data includes employee names, Social Security numbers, birth dates, positions, grades, and duty stations.

The incident also affected a second group of individuals (i.e., subjects, witnesses, and complainants) associated with Department of Homeland Security OIG investigations from 2002 through 2014 (the "Investigative Data").

The data leak was the result of an unauthorized copy of the DHS OIG investigative case management system that was in the possession of a former DHS OIG employee.

The copy was discovered as part of an ongoing criminal investigation being conducted by Department of Homeland Security OIG and the U.S. Attorney's Office

The data breach was discovered on May 10, 2017, as part of an ongoing criminal investigation conducted by OIG and the U.S. Attorney's Office.

The Department of Homeland Security sent notification letters to affected individuals, it is also implementing additional security measured to limit access to such kind of information.

All individuals potentially affected by the incident are being offered 18 months of free credit monitoring and identity protection services.

“Department of Homeland Security is implementing additional security precautions to limit which individuals have access to this information and will better identify unusual access patterns. ” continues the Department of Homeland Security.

"We will continue to review our systems and practices in order to better secure data. DHS OIG has also implemented a number of security precautions to further secure the DHS OIG network," 

Pierluigi Paganini

(Security Affairs – Department of Homeland Security, data breach)

The post 247,000 DHS current and former federal employees affected by a privacy incident appeared first on Security Affairs.

Meltdown and Spectre attacks affect almost any processor, including Intel, ARM, AMD ones

Posted: 04 Jan 2018 07:15 AM PST

The Meltdown and Spectre attacks could allow attackers to steal sensitive data which is currently processed on the computer.

Almost every modern processor is vulnerable to the 'memory leaking' flaws, this has emerged from technical analysis triggered after the announcement of vulnerabilities in Intel Chips.

White hackers from Google Project Zero have disclosed the vulnerabilities that potentially impact all major CPUs, including the ones manufactured by AMD, ARM, and Intel.

The expert devised two attacks dubbed Meltdown (CVE-2017-5754) and Spectre (CVE-2017-5753 and CVE-2017-5715), which could be conducted to sensitive data processed by the CPU.

Both attacks leverage the “speculative execution” technique used by most modern CPUs to optimize performance.

“A processor can execute past a branch without knowing whether it will be taken or where its target is, therefore executing instructions before it is known whether they should be executed. If this speculation turns out to have been incorrect, the CPU can discard the resulting state without architectural effects and continue execution on the correct execution path. Instructions do not retire before it is known that they are on the correct execution path.” reads the description of ‘speculative execution’ provided by Google hackers.

The experts explained that it is possible for this speculative execution to have side effects which are not restored when the CPU state is unwound and can lead to information disclosure.

intel chip

The Meltdown Attack

The Meltdown attack could allow attackers to read the entire physical memory of the target machines stealing credentials, personal information, and more.

"Meltdown is a related microarchitectural attack which exploits out-of-order execution in order to leak the target's physical memory." reads the paper on the Spectre attack.

"Meltdown exploits a privilege escalation vulnerability specific to Intel processors, due to which speculatively executed instructions can bypass memory protection."

The Meltdown exploits the speculative execution to breach the isolation between user applications and the operating system, in this way any application can access all system memory.

Almost any computer is currently vulnerable to Meltdown attack.

The Spectre Attack

The Spectre attack allows user-mode applications to extract information from other processes running on the same system. It can also be exploited to extract information from its own process via code, for example, a malicious JavaScript can be used to extract login cookies for other sites from the browser’s memory.

The Spectre attack is hard to mitigate because it requires changes to processor architecture in order to solve it.

The Spectre attack breaks the isolation between different applications, allowing to leak information from the kernel to user programs, as well as from virtualization hypervisors to guest systems. The Spectre attack works on almost every system, including desktops, laptops, cloud servers, as well as smartphones.

"In addition to violating process isolation boundaries using native code, Spectre attacks can also be used to violate browser sandboxing, by mounting them via portable JavaScript code. We wrote a JavaScript program that successfully reads data from the address space of the browser process running it." continues the paper.

"KAISER patch, which has been widely applied as a mitigation to the Meltdown attack, does not protect against Spectre."

The main vendors have rushed to provide security patches to protect their systems from these attacks.

  • Windows — Microsoft has issued an out-of-band patch update for Windows 10, the other versions will be fixed with the next Patch Tuesday planned for January 9, 2018
  • MacOS — Apple fixed most of these security holes in macOS High Sierra 10.13.2 last month.
  • Linux — Linux kernel developers have also released patches by implementing kernel page-table isolation (KPTI) to isolate kernel memory.
  • Android — Google has released security patches for Pixel/Nexus users as part of the Android January security patch update.

 

Pierluigi Paganini

(Security Affairs – Meltdown and Spectre attacks, CPU)

The post Meltdown and Spectre attacks affect almost any processor, including Intel, ARM, AMD ones appeared first on Security Affairs.

Android Security Bulletin for January 2018, tech giant fixes multiple Critical flaws

Posted: 04 Jan 2018 01:24 AM PST

Google patched five Critical bugs and 33 High severity flaws as part of the Android Security Bulletin for January 2018.

The tech giant addressed 38 Android security vulnerabilities, 20 as part of the 2018-01-01 security patch level and 18 in the 2018-01-05 security patch level.

The 2018-01-01 security patch level fixed four Critical remote code execution issue and 16 High risk elevation of privilege and denial of service flaws.

The most severe vulnerability in Android runtime, tracked as CVE-2017-13176, could be exploited by a remote attacker to bypass user interaction requirements in order to gain access to additional permissions.

A Critical remote code execution flaw was fixed in System, the company also addressed one High risk denial of service vulnerability and two High severity elevation of privilege vulnerabilities.

The security updates fixed 15 vulnerabilities issues in Media framework, the most severe one could be exploited by an attacker using a specially crafted malicious file to execute arbitrary code within the context of a privileged process.

The 2018-01-05 security patch level addressed just one Critical flaw in the Qualcomm components, it could allow a remote attacker using a specially crafted file to execute arbitrary code within the context of a privileged process.

The 2018-01-05 security patch level also fixed 1 Critical issue and 6 High severity vulnerabilities in Qualcomm closed-source components.

The patch level addressed High risk elevation of privilege flaws in LG components, MediaTek components, Media framework, and NVIDIA components.

The security patch level addressed one information disclosure bug in Kernel components, and three High severity elevation of privilege.

Android Security Bulletin

The tech giant also fixed resolved 46 vulnerabilities in Google devices as part of the Pixel / Nexus Security Bulletin—January 2018.

High severity flaws only affected older Android versions, meanwhile, most of the issues were rated Moderate severity.

The affected components included Framework (1 vulnerability), Media framework (16 vulnerabilities), System (1 flaw), Broadcom components (1 issue), HTC components (1 flaw), Kernel components (7 bugs), MediaTek components (1 issue), and Qualcomm components (18 vulnerabilities).

Pierluigi Paganini 

(Security Affairs – Google, Android Security Bulletin)

The post Android Security Bulletin for January 2018, tech giant fixes multiple Critical flaws appeared first on Security Affairs.