- 247,000 DHS current and former federal employees affected by a privacy incident
- Meltdown and Spectre attacks affect almost any processor, including Intel, ARM, AMD ones
- Android Security Bulletin for January 2018, tech giant fixes multiple Critical flaws
Posted: 04 Jan 2018 09:08 AM PST
A privacy incident suffered by the Department of Homeland Security (DHS) exposed data related to 247,167 current and former federal employees.
A data breach suffered by the Department of Homeland Security exposed data related to 247,167 current and former federal employees who were employed by the agency in 2014.
The data breach affected a database used by the DHS Office of the Inspector General (OIG) that was stored in the Department of Homeland Security OIG Case Management System.
“On January 3, 2018, select DHS employees received notification letters that they may have been impacted by a privacy incident related to the DHS Office of Inspector General (OIG) Case Management System. The privacy incident did not stem from a cyber-attack by external actors, and the evidence indicates that affected individual's personal information was not the primary target of the unauthorized transfer of data.” reads the announcement published by the DHS.
Exposed data includes employee names, Social Security numbers, birth dates, positions, grades, and duty stations.
The incident also affected a second group of individuals (i.e., subjects, witnesses, and complainants) associated with Department of Homeland Security OIG investigations from 2002 through 2014 (the "Investigative Data").
The data leak was the result of an unauthorized copy of the DHS OIG investigative case management system that was in the possession of a former DHS OIG employee.
The copy was discovered as part of an ongoing criminal investigation being conducted by Department of Homeland Security OIG and the U.S. Attorney's Office.
The data breach was discovered on May 10, 2017, as part of an ongoing criminal investigation conducted by OIG and the U.S. Attorney's Office.
The Department of Homeland Security sent notification letters to affected individuals and is also implementing additional security measures to limit access to this kind of information.
All individuals potentially affected by the incident are being offered 18 months of free credit monitoring and identity protection services.
“Department of Homeland Security is implementing additional security precautions to limit which individuals have access to this information and will better identify unusual access patterns.” continues the Department of Homeland Security.
"We will continue to review our systems and practices in order to better secure data. DHS OIG has also implemented a number of security precautions to further secure the DHS OIG network,"
(Security Affairs – Department of Homeland Security, data breach)
Posted: 04 Jan 2018 07:15 AM PST
The Meltdown and Spectre attacks could allow attackers to steal sensitive data that is currently being processed on the computer.
Almost every modern processor is vulnerable to the 'memory leaking' flaws; this emerged from technical analysis triggered after the announcement of vulnerabilities in Intel chips.
White hat hackers from Google Project Zero have disclosed the vulnerabilities that potentially impact all major CPUs, including the ones manufactured by AMD, ARM, and Intel.
The experts devised two attacks dubbed Meltdown (CVE-2017-5754) and Spectre (CVE-2017-5753 and CVE-2017-5715), which could be conducted to steal sensitive data processed by the CPU.
Both attacks leverage the “speculative execution” technique used by most modern CPUs to optimize performance.
“A processor can execute past a branch without knowing whether it will be taken or where its target is, therefore executing instructions before it is known whether they should be executed. If this speculation turns out to have been incorrect, the CPU can discard the resulting state without architectural effects and continue execution on the correct execution path. Instructions do not retire before it is known that they are on the correct execution path.” reads the description of ‘speculative execution’ provided by Google hackers.
The experts explained that it is possible for this speculative execution to have side effects which are not restored when the CPU state is unwound and can lead to information disclosure.
The Meltdown Attack
The Meltdown attack could allow attackers to read the entire physical memory of the target machines, stealing credentials, personal information, and more.
"Meltdown is a related microarchitectural attack which exploits out-of-order execution in order to leak the target's physical memory." reads the paper on the Spectre attack.
"Meltdown exploits a privilege escalation vulnerability specific to Intel processors, due to which speculatively executed instructions can bypass memory protection."
Meltdown exploits speculative execution to breach the isolation between user applications and the operating system; in this way, any application can access all system memory.
Almost any computer is currently vulnerable to the Meltdown attack.
The Spectre Attack
The Spectre attack is hard to mitigate because solving it requires changes to processor architecture.
The Spectre attack breaks the isolation between different applications, allowing information to leak from the kernel to user programs, as well as from virtualization hypervisors to guest systems. The Spectre attack works on almost every system, including desktops, laptops, cloud servers, and smartphones.
"KAISER patch, which has been widely applied as a mitigation to the Meltdown attack, does not protect against Spectre."
The main vendors have rushed to provide security patches to protect their systems from these attacks.
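To check which of these flaws a Linux host is actually patched against, the following added example (not part of the original post) reads the per-flaw status files that patched Linux kernels expose under `/sys/devices/system/cpu/vulnerabilities`. It shows the case quoted above, where page table isolation (PTI, the upstream form of KAISER) covers Meltdown but leaves Spectre open; the file contents in `demo_report` are constructed samples.

```python
"""Added example: summarize Meltdown/Spectre mitigation state from Linux sysfs."""
import os
import tempfile

# Status files exposed by patched Linux kernels live in this directory.
SYSFS_DIR = "/sys/devices/system/cpu/vulnerabilities"
ISSUES = {
    "meltdown": "CVE-2017-5754",
    "spectre_v1": "CVE-2017-5753",
    "spectre_v2": "CVE-2017-5715",
}

def classify(text):
    """Map one sysfs status line to (state, detail)."""
    text = text.strip()
    if text.startswith("Mitigation:"):
        return "mitigated", text.split(":", 1)[1].strip()
    if text.startswith("Not affected"):
        return "not_affected", ""
    if text.startswith("Vulnerable"):
        return "vulnerable", text.partition(":")[2].strip()
    return "unknown", text

def mitigation_report(base_dir=SYSFS_DIR):
    """Return {name: (cve, state, detail)}. A missing file means the kernel
    predates the reporting interface, so the state is 'unreported'."""
    report = {}
    for name, cve in ISSUES.items():
        try:
            with open(os.path.join(base_dir, name)) as fh:
                state, detail = classify(fh.read())
        except OSError:
            state, detail = "unreported", ""
        report[name] = (cve, state, detail)
    return report

def demo_report():
    """Constructed sample: page tables isolated, Spectre variant 2 still open."""
    sample = {"meltdown": "Mitigation: PTI\n", "spectre_v2": "Vulnerable\n"}
    with tempfile.TemporaryDirectory() as tmp:
        for name, body in sample.items():
            with open(os.path.join(tmp, name), "w") as fh:
                fh.write(body)
        return mitigation_report(tmp)

if __name__ == "__main__":
    for name, (cve, state, detail) in mitigation_report().items():
        print(f"{name:11} {cve}  {state}  {detail}")
```

An `unreported` result should be treated as unpatched until the kernel version is confirmed, since it means the kernel is too old to report its own status.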
(Security Affairs – Meltdown and Spectre attacks, CPU)
Posted: 04 Jan 2018 01:24 AM PST
Google patched five Critical bugs and 33 High severity flaws as part of the Android Security Bulletin for January 2018.
The tech giant addressed 38 Android security vulnerabilities, 20 as part of the 2018-01-01 security patch level and 18 in the 2018-01-05 security patch level.
The 2018-01-01 security patch level fixed four Critical remote code execution issues and 16 High risk elevation of privilege and denial of service flaws.
The most severe vulnerability in Android runtime, tracked as CVE-2017-13176, could be exploited by a remote attacker to bypass user interaction requirements in order to gain access to additional permissions.
A Critical remote code execution flaw was fixed in System; the company also addressed one High risk denial of service vulnerability and two High severity elevation of privilege vulnerabilities.
The security updates fixed 15 vulnerabilities in Media framework; the most severe one could be exploited by an attacker using a specially crafted malicious file to execute arbitrary code within the context of a privileged process.
The 2018-01-05 security patch level addressed just one Critical flaw in the Qualcomm components; it could allow a remote attacker using a specially crafted file to execute arbitrary code within the context of a privileged process.
The 2018-01-05 security patch level also fixed 1 Critical issue and 6 High severity vulnerabilities in Qualcomm closed-source components.
The patch level addressed High risk elevation of privilege flaws in LG components, MediaTek components, Media framework, and NVIDIA components.
The security patch level addressed one information disclosure bug in Kernel components, and three High severity elevation of privilege flaws.
The tech giant also resolved 46 vulnerabilities in Google devices as part of the Pixel / Nexus Security Bulletin—January 2018.
High severity flaws only affected older Android versions, while most of the issues were rated Moderate severity.
The affected components included Framework (1 vulnerability), Media framework (16 vulnerabilities), System (1 flaw), Broadcom components (1 issue), HTC components (1 flaw), Kernel components (7 bugs), MediaTek components (1 issue), and Qualcomm components (18 vulnerabilities).
(Security Affairs – Google, Android Security Bulletin)