Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
DNC Leak: US Intel Chief Says It's Too Soon To Attribute Blame
Newest First  |  Oldest First  |  Threaded View
GonzSTL
50%
50%
GonzSTL,
User Rank: Ninja
8/1/2016 | 8:43:24 AM
Re: Coincides with my previous statement
We all know how expensive political campaigns can be. Campaign staff are usually comprised of political folks close to the candidate, and not necessarily looking all all aspects of the campaign, notably their information infrastructure. As with industry, infosec likely takes a back seat in the budgeting process. It is almost laughable to think that the DNC would provide this protection, given their candidate's recent debacle with email confidentiality. One would think that the other party however, would likely offer a bit more protection with their candidate more knowledgeable in business matters where all aspects of infrastructure are considered, and hopefully surrounding himself with not just political staff, but also business folks. I guess time will tell, because as you pointed out, most don't act until they themselves get burned. That is an axiom that makes infosec folks uncomfortable.
RyanSepe
50%
50%
RyanSepe,
User Rank: Ninja
7/31/2016 | 9:29:58 PM
Re: Coincides with my previous statement
Very good point. I would hope the RNC would learn from the event at the DNC less it happen to them in the future. But then again, I've seen first hand that most don't act until they themselves get burnt.
GonzSTL
50%
50%
GonzSTL,
User Rank: Ninja
7/29/2016 | 2:42:37 PM
Re: Coincides with my previous statement
There are really two issues at hand. First, the method and motive - although at some point in time it will be possible to attribute the breach/leak actors and their methods, it will be difficult to pin a motive short of a confession. At best, an educated guess will result. Second, the exposure resulting from the leak. Although it is difficult to have an end justify the means, the more important message gleaned is that a major political party disenfranchised 13 million or so voters. That, coming from the party that claims the other political party disenfranchises voters is certainly disingenuous. It does not end there. Now, there appears to be collusion between a political party and news media. People get their news from the media, but how genuine or trustworthy is that news if it is seriously influenced or even shaped by a political party? Although this is not Nazi Germany with Goebbels at the helm of their propaganda machine ... it does resemble it, just with different actors. Here is a more important question - was it a good or bad thing that the leak occurred, when it sheds light on an organization's activities? If so, how is that different from officials "hacking" into data sources to reveal their contents, in the interest of national security, knowing that the leak was a result of a hack (case in point, FBI and terrorist iPhones)? In these cases, there are blurred lines when attempting to define good and bad.

One thing is certain - the DNC is now a richer target environment because there is now a known trove of "juicy information", so they had better be on their toes. Additionally, the RNC should be increasingly alert because their opponents will be searching for their "juicy information" to counterbalance that which was exposed about the DNC. A digital information war by proxy, as it were.
RyanSepe
50%
50%
RyanSepe,
User Rank: Ninja
7/29/2016 | 1:58:57 PM
Re: Coincides with my previous statement
I agree that another dump of emails will most likely occur soon. As for there not being a motive I would find that difficult to believe in this case. For a cause such as a cyber threat or hack there is normally an effect that the hacker is trying to achieve.
theb0x
100%
0%
theb0x,
User Rank: Ninja
7/29/2016 | 1:43:26 PM
Re: Coincides with my previous statement
There doesn't necessarily have to be a motive. We all know the level of corruption there is within these organizations based on what has been exposed. I am predicting another dump of emails soon. This is just the surface...
RyanSepe
50%
50%
RyanSepe,
User Rank: Ninja
7/29/2016 | 1:06:17 PM
Coincides with my previous statement
This coincides with a previous statement I made for the quick hit "Russia Likely behind DNC Breach says FBI." (I tried linking the article but the post window would not accept it.)


There haven't been enough parameters defined to assess motive.


More SolarWinds Attack Details Emerge
Kelly Jackson Higgins, Executive Editor at Dark Reading,  1/12/2021
Vulnerability Management Has a Data Problem
Tal Morgenstern, Co-Founder & Chief Product Officer, Vulcan Cyber,  1/14/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-4873
PUBLISHED: 2021-01-19
IBM Planning Analytics 2.0 could allow an attacker to obtain sensitive information due to an overly permissive CORS policy. IBM X-Force ID: 190836.
CVE-2020-4881
PUBLISHED: 2021-01-19
IBM Planning Analytics 2.0 could allow a remote attacker to obtain sensitive information, caused by the lack of server hostname verification for SSL/TLS communication. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain sensitive information. IBM X-Force ID...
CVE-2021-22498
PUBLISHED: 2021-01-19
XML External Entity Injection vulnerability in Micro Focus Application Lifecycle Management (Previously known as Quality Center) product. The vulnerability affects versions 12.x, 12.60 Patch 5 and earlier, 15.0.1 Patch 2 and earlier and 15.5. The vulnerability could be exploited to allow an XML Exte...
CVE-2021-25323
PUBLISHED: 2021-01-19
The default setting of MISP 2.4.136 did not enable the requirements (aka require_password_confirmation) to provide the previous password when changing a password.
CVE-2021-25324
PUBLISHED: 2021-01-19
MISP 2.4.136 has Stored XSS in the galaxy cluster view via a cluster name to app/View/GalaxyClusters/view.ctp.