TweakTown NewsRefine News by Category:
Louisiana GOP Executive Director Jason Dore confirmed his name was one of millions exposed in the Ashley Madison data dump.
The Republican Party statewide director used his full name and former personal credit card billing address, but claims he was doing a bit of research for his Doré Jeansonne law firm:
"As the state's leading opposition research firm, our law office routinely searches public records, online databases and websites of all types to provide clients with comprehensive reports," Doré told The Times-Picayune. "Our utilization of this site was for standard opposition research. Unfortunately, it ended up being a waste of money and time."
DARPA wants to help develop new solutions to defend against distributed denial of service (DDoS) attacks, with foreign cybercriminals launching large volumes of attacks against US military and government targets.
The Extreme DDoS Defense (XD3) aims to provide a DDoS countermeasure system that is able to identify incoming attacks, and help defend networks. Depending on the attack sophistication, DARPA wants to have a response time of 10 seconds or less - a difficult challenge, but an important one that could be used in the private sector and by the government/military.
"In general, the program aims to thwart DDoS attacks by dispersing cyber assets (physically and/or logically), disguising the characteristics and behaviors of those assets, and mitigating the attacks (especially low-volume attacks) that still penetrate the targeted environment," according to the DARPA Broad Agency announcement, asking for applicants.
Well, it didn't take long before the scam artists and extortionists started taking advantage of the recent Ashley Madison data dump. People with email addresses exposed are receiving shady looking emails that demand payment in exchange for secrecy so their spouses and partners aren't informed.
Here is one email that was shared with Brian Krebs from Krebs on Security:
Unfortunately, your data was leaked in the recent hacking of Ashley Madison and I now have your information..."
Avid Life Media has gone on the offensive following the Ashley Madison data dump, sending takedown notices to social networking websites and file-sharing services.
Stolen data includes data of up to 33 million users, and while removing data from Twitter, Facebook, Reddit, and other sites has been successful, it's going to be nearly impossible to scrub the data dump from the Internet.
The data is out there, and there are plenty of links to anyone looking for a searchable database - yielding everything from names, usernames, email addresses, and sexual preferences - as Avid Life Media tries a desperate effort to fix its PR disaster.
It looks like spouses are calling divorce lawyers after finding potentially unfaithful partners listed as members of Ashley Madison.
A report published by The Times indicates relationship counseling services and divorce lawyers have seen an uptick in phone calls and correspondence from angry spouses. After 33 million members were exposed, it's likely a similar trend is likely to happen in the United States and elsewhere in the world - as more people search the database.
The data dump has created "lots of difficult emotions" for partners finding spouses in the Ashley Madison data dump, said Denise Knowles, a counselor at Relate counseling service, told The Times.
Avid Life Media has suffered a major PR disaster after hackers were able to spend a lengthy amount of time stealing data from the Ashley Madison website. The Impact Team hacker group, reportedly made up of "very" experienced hackers, has collected information from Ashley Madison "over the past few years."
"Bad. Nobody was watching," The Impact Team told Motherboard, when asked about security protocols. "No security. Only thing was segmented network. You could use Pass1234 from the Internet to VPN to root on all servers."
The group also has plenty of other information taken from Avid Life Media, including "300GB of employee emails and docs from internal network. Tens of thousands of Ashley Madison user pictures. Some Ashley Madison user chats and messages. 1/3 of pictures are dick pictures and we won't dump. Not dumping most employee emails either. Maybe other executives."
The feds might have successfully shuttered Silk Road, and locked away the site's founder, but there are plenty of other drug marketplaces available on the dark web. The underground marketplace is absolutely booming, with more than $100 million worth of drugs and other illegal substances sold each year, according to researchers from Carnegie Mellon University researchers.
Even after Silk Road 2 was also busted, the success from both sites revealed the huge business potential. Total sales volume ranges from $100 million to $180 million per year in sales volume, according to CMU computer professor Nicolas Christin.
Researchers found 70 percent of drug dealers sold less than $1,000, with only two percent racking up more than $100,000 in illicit sales. To make things difficult for federal agents and law enforcement, operators of these sites are embracing encryption and other tools to try to stay anonymous online.
It's not a surprise that federal agencies have fully embraced mobile technology like smartphones and tablets, but there is great concern that 40 percent of government employees put sensitive data at risk by ignoring agency policies.
A recent study from mobile security firm Lookout discovered employees rooting, jailbreaking and sideloading applications, while still having direct access to work documents, work email, and other possibly sensitive data. The study also found 49 percent of federal employees don't have any form of anti-malware or anti-virus security solution installed, and employees use unsecured devices while handling sensitive data.
Not that the policies used by government agencies should be followed in the private sector, but gives decision makers guidelines on behaviors that don't work - and how to avoid them.
With news already coming out that the Ashley Madison hack has seen over 700 Australian Government employee email addresses named, sitting alongside members of the White House and US congress and even dirtying the name of Sao Paulo due to the sheer number of accounts within, there is now even more to add to the plate.
This latest update comes in the form of yet another information dump, being twice the size of the last one. Released onto the dark web, this information leak is largely targeted at Noel Biderman, the CEO of Ashley Madison's parent company, Avid Life. Alongside including many of his business emails, this leak is coupled with a statement which reads "Hey Noel, you can admit it's real now."
Measuring around 20GB, this leak is said to be focused mainly on internal operations and information - quite possibly to ensure people take this leak seriously and removing the possibility of Ashley Madison calling it off as a hoax.
The Aussies are in trouble, with the latest Ashley Madison hacking scandal unveiling over 700 Australian Government email address' linked to the affairs website, but it looks like they aren't the only ones. Looking further into the data, The Big Story published an article outlining that members of the White House and US Congress were also involved in the mix.
Including those holding high positions in multiple Government offices (including law enforcement), the hacked and published list includes some powerful titles which The Big Story explained as; "at least two assistant U.S. attorneys; an information technology administrator in the Executive Office of the President; a division chief, an investigator and a trial attorney in the Justice Department; a government hacker at the Homeland Security Department and another DHS employee who indicated he worked on a U.S. counter terrorism response team."
Although you may view it as morally unjust, there will be no legal action taken against these Government employees, sources say. This inaction is due to there being no elected officials involved, nor have these people committed a felony. Further to this information, the names have not been publically posted or confirmed by the US Government.