#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

US Military | Breaking Cybersecurity News | The Hacker News

25-Year-Old Hacker Pleads Guilty to Hacking U.S. Military Satellite Phone System

25-Year-Old Hacker Pleads Guilty to Hacking U.S. Military Satellite Phone System
Jun 16, 2017
A British computer hacker who allegedly hacked a United States Department of Defense satellite system in 2014 and accessed the personal information of hundreds of military personnel has pleaded guilty on Thursday. Sean Caffrey, a 25-year-old resident of Sutton Coldfield in the West Midlands, has admitted to breaking into a US military communications system in June 2014 and stealing usernames and email addresses of over 800 employees and data from 30,000 satellite phones, the UK's National Crime Agency announced on Thursday. The UK authorities arrested Caffrey in March 2015 after they traced back the hack to his home IP address, which indicates the hacker did not use any anonymity service, such as VPN, proxy or Tor, to hide its track. The NCA officials also discovered that an online messaging account linked to the Pentagon satellite system attack was opened and operated from Caffrey's computer. After a forensic examination of his seized computers, the investigators d

Hack the Pentagon — US Government Challenges Hackers to Break its Security

Hack the Pentagon — US Government Challenges Hackers to Break its Security
Mar 03, 2016
Update: ' Hack The Pentagon ' has opened registration for its pilot bug bounty program of $150,000 for hackers in return for the vulnerabilities they find in its public facing websites. The Defense Department has enlisted the bug bounty startup HackerOne to manage the pilot program. Interested hackers can Register Now to participate in the Bug Bounty program. The United States Department of Defense (DoD) has the plan to boost their internal and network security by announcing what it calls "the first cyber Bug Bounty Program in the history of the federal government," officially inviting hackers to take up the challenge. Dubbed " Hack the Pentagon ," the bug bounty program invites the hackers and security researchers only from the United States to target its networks as well as the public faced websites which are registered under DoD. The bug bounty program will begin in April 2016, and the participants could win money (cash rewards)

SaaS Compliance through the NIST Cybersecurity Framework

SaaS Compliance through the NIST Cybersecurity Framework
Feb 20, 2024Cybersecurity Framework / SaaS Security
The US National Institute of Standards and Technology (NIST) cybersecurity framework is one of the world's most important guidelines for securing networks. It can be applied to any number of applications, including SaaS.  One of the challenges facing those tasked with securing SaaS applications is the different settings found in each application. It makes it difficult to develop a configuration policy that will apply to an HR app that manages employees, a marketing app that manages content, and an R&D app that manages software versions, all while aligning with NIST compliance standards.  However, there are several settings that can be applied to nearly every app in the SaaS stack. In this article, we'll explore some universal configurations, explain why they are important, and guide you in setting them in a way that improves your SaaS apps' security posture.  Start with Admins Role-based access control (RBAC) is a key to NIST adherence and should be applied to every SaaS a

Chinese Hackers Hacked Into U.S. Defense Contractors 20 Times In Just One Year

Chinese Hackers Hacked Into U.S. Defense Contractors 20 Times In Just One Year
Sep 18, 2014
Chinese hackers associated with the Chinese government have successfully infiltrated the computer systems of U.S. defense contractors working with the government agency responsible for the transportation of military troops and goods across the globe, a Senate investigators have found. The Senate Armed Services Committee has been investigating the issue for the past year and found that the U.S. Military's Transportation Command (TRANSCOM) has been infiltrated at least 20 times in a single year, out of which only two were detected. This is probably the most serious allegation yet against China. The successful intrusions attributed to an "advanced persistent threat," a term used to designate sophisticated threats commonly associated with governments. All of those intrusions were attributed to China, the report stated. The investigation was conducted in the 12 months period from June 2012 to June 2013 based on information provided by the Federal Bureau of Investigat

Are You Vulnerable to Third-Party Breaches Through Interconnected SaaS Apps?

cyber security
websiteWing SecuritySaaS Security / Risk Management
Protect against cascading risks by identifying and mitigating app2app and third-party SaaS vulnerabilities.

CVE-2014-0322: Internet Explorer zero-day exploit targets US Military Intelligence

CVE-2014-0322: Internet Explorer zero-day exploit targets US Military Intelligence
Feb 15, 2014
Hackers are using a zero day vulnerability in Microsoft's Internet Explorer (IE) web browser and targeting US military personnels in an active attack campaign, dubbed as ' Operation Snowman' . FireEye Researchers have discovered that a U.S. veterans website was compromised to serve a zero day exploit, known as CVE-2014-0322 , which typically involves the compromise of a specific website in order to target a group of visitors known to frequent it. FireEye identified drive-by-download attack which has altered HTML code of the website and introduced JavaScript which creates malicious iFrame. " A zero-day exploit (CVE-2014-0322) being served up from the U.S. Veterans of Foreign Wars' website (VFW[.]org). We believe the attack is a strategic Web compromise targeting American military personnel, amid a paralyzing snowstorm at the U.S. " According to FireEye, the zero day CVE-2014-0322 ' vulnerability is a previously unknown use-after-free bug in Microsof

IBM developing Self-Destructing Microchips for US Defense

IBM developing Self-Destructing Microchips for US Defense
Feb 07, 2014
Science Fiction Movies always show the possible direction of the development of technology and gives us the opportunity to think about it. The U.S. Government is also trying to develop such technology that was introduced in movies like Star Trek and TERMINATOR i.e. Self destructing Network of computers, Sensors and other devices. The agency of the United States Department of Defense which is responsible for funding the development of many technologies, Defense Advanced Research Projects Agency (DARPA) has handed over a contract to IBM for creating a microchip that will self-destruct remotely. The project announced a year back, known as Vanishing Programmable Resources ( VAPR ) , which is dedicated to developing a CMOS microchip that self-destructs when it receives a certain frequency of radio signal from military command, in order to fully destroy it and preventing it from being used by the enemy. The U.S. Military uses all kinds of embedded systems and there are obvio

US Military approved iPhones and iPads for military networks

US Military approved iPhones and iPads for military networks
May 18, 2013
The US Department of Defense has cleared Apple's iPhone and iPad for use on its military networks, along with the Samsung Galaxy S4 and BlackBerry 10 devices, the agency said in a statement Friday. The entire DOD is much, much larger, of course, and mobile devices are increasing in importance for the military just as much as they are for we civilians. The report notes that out of more than 600,000 mobile devices used by the Defense Department, only about 41,000 of those are Apple products, with most of those not connected directly to the military's networks. But because these platforms have previously not been certified or cleared for use, such devices had not been connected to secure military networks, except for testing. The move was hardly shocking, but Samsung devices running the Knox security suite and BlackBerry 10 already trickling into the hands of Pentagon employees, the decision sets the stage for a three-way bout for military market supremacy. Offic
Cybersecurity Resources