Homeland Security | Breaking Cybersecurity News | The Hacker News

WikiLeaks' main website became inaccessible on Friday via its WikiLeaks.org domain after EveryDNS.net, a subsidiary of Dynamic Network Services, terminated its domain name service. EveryDNS.net terminated the WikiLeaks.org domain due to repeated Distributed Denial of Service (DDOS) attacks. These attacks threatened the stability of EveryDNS.net's infrastructure, which supports nearly 500,000 other websites. This information was stated on EveryDNS.net's website. EveryDNS.net notified WikiLeaks via email, Twitter, and the chat function on the WikiLeaks.org website that its domain name service would be terminated within 24 hours. This period ended on Dec. 2 at 10 p.m. Eastern Standard Time in the U.S. EveryDNS.net remarked, "Any downtime of the Wikileaks.org website has resulted from its failure to use another hosted DNS service provider." In response, WikiLeaks tweeted, "WikiLeaks.org domain killed by U.S. EveryDNS.net after claimed mass attacks," urging su...

It will take several more years for the government to fully install high-tech systems to block computer intrusions. This prolonged timeline enables criminals to become more adept at stealing sensitive data, experts say. As the Department of Homeland Security (DHS) methodically works to secure the approximately 2,400 network connections used daily by millions of federal workers, experts suggest that technology may already be outpacing them. The DHS, responsible for securing non-military government systems, is gradually moving all government Internet and e-mail traffic into secure networks. These networks will eventually be protected by intrusion detection and prevention programs. However, progress has been slow. Officials are trying to finalize complex contracts with network vendors, resolve technology issues, and address privacy concerns related to monitoring employees and public citizens. The recent WikiLeaks release of over a quarter-million sensitive diplomatic documents highligh...

Organizations now use an average of 112 SaaS applications —a number that keeps growing. In a 2024 study, 49% of 644 respondents who frequently used Microsoft 365 believed that they had less than 10 apps connected to the platform, despite the fact that aggregated data indicated over 1,000+ Microsoft 365 SaaS-to-SaaS connections on average per deployment. And that's just one major SaaS provider. Imagine other unforeseen critical security risks: Each SaaS app has unique security configurations —making misconfigurations a top risk. Business-critical apps (CRM, finance, and collaboration tools) store vast amounts of sensitive data, making them prime targets for attackers. Shadow IT and third-party integrations introduce hidden vulnerabilities that often go unnoticed. Large and small third-party AI service providers (e.g. audio/video transcription service) may not comply with legal and regulatory requirements, or properly test and review code. Major SaaS providers also have thous...

The Obama administration has revised federal policy, enabling the military to assist during a domestic cyber-attack, reported the New York Times on Oct. 21. Typically, the military cannot deploy units within the country's borders, except for natural disasters, and even then, a presidential order is required. However, under a new agreement between the Department of Defense and the Department of Homeland Security, military cyber experts can now be called upon if critical computer networks in the United States are attacked. Robert J. Butler, the Pentagon's deputy assistant secretary for cyber policy, told the Times that this policy change will allow agencies to focus on how to respond to such attacks more effectively. The two agencies "will help each other in more tangible ways than they have in the past," Butler stated in an article in Defense News, an Army Times publication. He added that closer collaboration will provide "an opportunity to explore new ways for ...