Vendor Vulnerabilities: Is NSA Obligated to Let them Know?

Cisco’s Cloud Service Platform customers received word of exposures that could severely risk their data’s privacy. In September 2016, Cisco informed their virtual networking clients of the discovery that more than 840,000 devices are open to two serious vulnerabilities. Fortinet customers’ data were also exposed in the theft. These exploits can lead to man in the middle attacks around the globe.

Shadow Brokers 

A group identifying itself as Shadow Brokers allegedly stole exploits from Equation Group, linked to the National Security Agency three years ago. Using a Twitter account, Shadow Brokers recently announced an auction for firewall exploits they claim they found with a hacking tool used by the NSA. The group demanded Bitcoins in exchange for data with codenames such as EPICBANANA, EGREGIOUSBLUNDER, AND EXTRABACON.

EXTRABACON

One of the exploits that targets Cisco ASA, Cisco Firewall Services [...]

Share

Bureaucratic Denial of Service and the OPM Breach

Millions of American citizens received letters over the last two months of 2015, advising them that the US Office of Personnel and Management (OPM) experienced a data breach. Although the US Government realized the breach in June, it took nearly 6 months for the letters’ delivery.  Included in the letter were references to identity theft, as in social security numbers of everyone within the government employee/contractor’s family.  An offer for two years of credit monitoring for all involved softened the blow.

Most experts’ concern centers on the applicants for Top Secret or Special Compartmentalized Information (SCI) sensitive information access, commonly referred to as [...]

Share

Facebook Loses Appeal

An appeals court in New York affectively changed the status of Facebook’s attempt to contest search warrants on behalf of its customers. The social media giant, founded in 2004, lost an appeal in a Manhattan courtroom on Tuesday in a decision highly anticipated by privacy advocates.

Facebook argued that in storing their customers’ photos and files, they have a right to challenge search warrants they deem unnecessary. Since Facebook would have to perform the task of searching for and delivering the information to law enforcement, the company reasoned these are unlike traditional warrants where police search a home, office, or other [...]

Share

Google Buzz

When Google launched its social networking tool, Google Buzz in February 2010, privacy advocates around the world raised concerns regarding its features. Although Google has since made significant changes, the compromises and intrusions of privacy still remain a troubling characteristic of many Web services and online networking [...]

Share