Security News

Former CIA Engineer Sentenced to 40 Years for Leaking Classified Documents
2024-02-02 10:40

A former software engineer with the U.S. Central Intelligence Agency (CIA) has been sentenced to 40 years in prison by the Southern District of New York (SDNY) for transmitting classified...

Wikileaks source and former CIA worker Joshua Schulte sentenced to 40 years jail
2024-02-02 03:58

Joshua Schulte, a former CIA employee and software engineer accused of sharing material with WikiLeaks, was sentenced to 40 years in prison by the US Southern District of New York on Thursday. In addition to the prison term, Schulte - who is 35 years old - was sentenced to a lifetime of supervision upon his eventual release.

Speaking to the CIA’s Creative Writing Group
2024-01-19 12:21

Last spring, a friend of a friend visited my office and invited me to Langley to speak to Invisible Ink, the CIA's creative writing group. She said that the topic of the talk was entirely up to me.

CIA exposed to potential intelligence interception due to X's URL bug
2023-10-18 13:00

An ethical hacker has exploited a bug in the way X truncates URLs to take over a CIA Telegram channel used to receive intelligence. Kevin McSheehan, who uses the online handle "Pad," spotted the issue after hovering over the link to the CIA's Telegram channel displayed on its X social media profile.

Uncle Sam slaps $10m bounty on Hive while Russia ban-hammers FBI, CIA
2023-01-27 23:59

Uncle Sam has put up a $10 million reward for intel on Hive ransomware criminals' identities and whereabouts, while Russia has blocked the FBI and CIA websites, along with the Rewards for Justice site offering the bounty. The $10 million bonty is part of the US State Department's Rewards for Justice program, and in a Thursday tweet the agency sought tips for Hive members "Acting under the direction or control of a foreign government." The notice also referenced the FBI's Hive website takedown, which the feds announced earlier that day.

New Backdoor Created Using Leaked CIA's Hive Malware Discovered in the Wild
2023-01-16 10:09

Unidentified threat actors have deployed a new backdoor that borrows its features from the U.S. Central Intelligence Agency's Hive multi-platform malware suite, the source code of which was released by WikiLeaks in November 2017. "This is the first time we caught a variant of the CIA Hive attack kit in the wild, and we named it xdr33 based on its embedded Bot-side certificate CN=xdr33," Qihoo Netlab 360's Alex Turing and Hui Wang said in a technical write-up published last week.

Security Vulnerabilities in Covert CIA Websites
2022-09-30 14:19

Back in 2018, we learned that covert system of websites that the CIA used for communications was compromised by-at least-China and Iran, and that the blunder caused a bunch of arrests, imprisonments, and executions. We're now learning that the CIA is still "Using an irresponsibly secured system for asset communication."

How CIA betrayed informants with shoddy front websites built for covert comms
2022-09-29 23:03

For almost a decade, the US Central Intelligence Agency communicated with informants abroad using a network of websites with hidden communications capabilities. So poorly were these 885 front websites designed according to security research group Citizen Lab and Reuters, that they betrayed those using them to spy for the CIA. Citing a year-long investigation into the CIA's handling of its informants, Reuters on Thursday reported that Iranian engineer Gholamreza Hosseini had been identified as a spy by Iranian intelligence, thanks to CIA negligence.

CIA accused of illegally spying on Americans visiting Assange in embassy
2022-08-15 19:37

The CIA illegally spied on US citizens while they visited WikiLeaks publisher Julian Assange inside the Ecuadorian embassy in London, a lawsuit filed today has claimed. A legal complaint [PDF], filed in New York City on behalf of four attorneys and journalists, accuses the spy agency of spying on the American citizens without their knowledge or consent in violation of their Fourth Amendment rights while they met Assange at the embassy.

Ex-CIA security boss predicts coming crackdown on spyware
2022-08-11 19:15

Still, Rubrik's new Chief Information Security Officer Michael Mestrovich, who was previously the CISO of the CIA, knows a thing or two about cyber spies and ransomware gangs, and in an interview with The Register, he weighed in on both hot topics. Last month, during a House Intelligence Committee hearing, security researchers and internet rights groups called on Congress to sanction and step up enforcement against surveillanceware makers like NSO Group's Pegasus spyware.