Security News
A former analyst working for the U.S. Central Intelligence Agency (CIA) pleaded guilty to transmitting top secret National Defense Information (NDI) to individuals who did not have the necessary...
The inconsistent and incomplete definitions of essential properties in information security create confusion within the InfoSec community, gaps in security controls, and may elevate the costs of...
Rolling Stone has a long investigative story about a CIA agent who spent years posing as an Islamic radical. Unrelated, but also in the "Real life spies" file: a fake Sudanese diving resort run by Mossad. Tags: al Qaeda, CIA, espionage, undercover.
A former software engineer with the U.S. Central Intelligence Agency (CIA) has been sentenced to 40 years in prison by the Southern District of New York (SDNY) for transmitting classified...
Joshua Schulte, a former CIA employee and software engineer accused of sharing material with WikiLeaks, was sentenced to 40 years in prison by the US Southern District of New York on Thursday. In addition to the prison term, Schulte - who is 35 years old - was sentenced to a lifetime of supervision upon his eventual release.
Last spring, a friend of a friend visited my office and invited me to Langley to speak to Invisible Ink, the CIA's creative writing group. She said that the topic of the talk was entirely up to me.
An ethical hacker has exploited a bug in the way X truncates URLs to take over a CIA Telegram channel used to receive intelligence. Kevin McSheehan, who uses the online handle "Pad," spotted the issue after hovering over the link to the CIA's Telegram channel displayed on its X social media profile.
Uncle Sam has put up a $10 million reward for intel on Hive ransomware criminals' identities and whereabouts, while Russia has blocked the FBI and CIA websites, along with the Rewards for Justice site offering the bounty. The $10 million bonty is part of the US State Department's Rewards for Justice program, and in a Thursday tweet the agency sought tips for Hive members "Acting under the direction or control of a foreign government." The notice also referenced the FBI's Hive website takedown, which the feds announced earlier that day.
Unidentified threat actors have deployed a new backdoor that borrows its features from the U.S. Central Intelligence Agency's Hive multi-platform malware suite, the source code of which was released by WikiLeaks in November 2017. "This is the first time we caught a variant of the CIA Hive attack kit in the wild, and we named it xdr33 based on its embedded Bot-side certificate CN=xdr33," Qihoo Netlab 360's Alex Turing and Hui Wang said in a technical write-up published last week.
Back in 2018, we learned that covert system of websites that the CIA used for communications was compromised by-at least-China and Iran, and that the blunder caused a bunch of arrests, imprisonments, and executions. We're now learning that the CIA is still "Using an irresponsibly secured system for asset communication."