Attacks/Breaches

1/11/2017
10:15 AM
50%
50%

FBI Chief: Russian Hackers Exploited Outdated RNC Server, But Not Trump Campaign

Russian state-sponsored hackers attacked Republican state political campaigns, and compromised an old Republican National Committee (RNC) server, but did not penetrate the "current RNC" or the campaign of president-elect Donald Trump, FBI director James Comey told lawmakers at a Senate hearing Tuesday.

Reuters reports that Comey told lawmakers the FBI "'did not develop any evidence that the Trump campaign, or the current RNC, was successfully hacked.' He did not say whether Russia had tried to hack Trump's campaign."

Russia did not release any information obtained through these compromises of state campaigns or old RNC email domains, Comey said, reports Reuters. 

From the New York Times:

Mr. Comey said Tuesday that there was 'evidence of hacking directed at the state level' and at the R.N.C., 'but that it was old stuff.' He said there was no evidence 'that the current R.N.C.' — he appeared to be referring to servers at the committee's headquarters or contractors with current data — had been hacked.

There is no evidence that computers used by the Trump campaign or the Clinton campaign were also compromised, though the personal email account of John D. Podesta, Hillary Clinton's campaign chairman, was copied and released as part of the Russian-ordered hack.

According to the Times, the "old stuff" to which Comey referred appeared to be a single email server used by the RNC that was soon going out of service and contained outdated material.  

Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Joe Stanganelli
100%
0%
Joe Stanganelli,
User Rank: Ninja
1/11/2017 | 11:49:38 AM
Email
This hacking scandal (and others like it) is really making political figures who never used email -- like Donald Rumsfeld and Janet Neapolitano -- look like the genuinely smart ones.
More Than Half of Users Reuse Passwords
Curtis Franklin Jr., Senior Editor at Dark Reading,  5/24/2018
Is Threat Intelligence Garbage?
Chris McDaniels, Chief Information Security Officer of Mosaic451,  5/23/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
Flash Poll
[Strategic Security Report] Navigating the Threat Intelligence Maze
[Strategic Security Report] Navigating the Threat Intelligence Maze
Most enterprises are using threat intel services, but many are still figuring out how to use the data they're collecting. In this Dark Reading survey we give you a look at what they're doing today - and where they hope to go.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-11487
PUBLISHED: 2018-05-26
PHPMyWind 5.5 has XSS via the cid parameter to newsshow.php, or the query string to news.php or about.php.
CVE-2018-11471
PUBLISHED: 2018-05-25
Cockpit 0.5.5 has XSS via a collection, form, or region.
CVE-2018-11472
PUBLISHED: 2018-05-25
Monstra CMS 3.0.4 has Reflected XSS during Login (i.e., the login parameter to admin/index.php).
CVE-2018-11473
PUBLISHED: 2018-05-25
Monstra CMS 3.0.4 has XSS in the registration Form (i.e., the login parameter to users/registration).
CVE-2018-11474
PUBLISHED: 2018-05-25
Monstra CMS 3.0.4 has a Session Management Issue in the Administrations Tab. A password change at admin/index.php?id=users&action=edit&user_id=1 does not invalidate a session that is open in a different browser.