Security News
Thousands of sensitive police department files - including police and FBI reports - were published on Friday by DDoSecrets, a self-proclaimed "Transparency collective" that publishes covert data. DDoSecrets said on Twitter that it contains ten years of data, from over 200 police departments, law enforcement training and support resources and fusion centers, which are state-owned entities that gather public safety data.
Those running VMWare guest machines on Mac will want to update their software to get a security fix for VMware Tools. Earlier this month, Microsoft dropped its usual boatload of Patch Tuesday updates, sans a set for Office for Mac.
A group of hacktivists and transparency advocates has published a massive 269 GB of data allegedly stolen from more than 200 police departments, fusion centers, and other law enforcement agencies across the United States. Dubbed BlueLeaks, the exposed data leaked by the DDoSecrets group contains hundreds of thousands of sensitive documents from the past ten years with official and personal information.
Hundreds of thousands of potentially sensitive files from police departments across the United States were leaked online last week. In a post on Twitter, DDoSecrets said the BlueLeaks archive indexes "Ten years of data from over 200 police departments, fusion centers and other law enforcement training and support resources," and that "Among the hundreds of thousands of documents are police and FBI reports, bulletins, guides and more."
Tech giants love to portray themselves as forces for good and as the United States was gripped by anti-racism protests a number of them publicly disavowed selling controversial facial recognition technology to police forces. The technology has a dark side, with facial recognition integrated into China's massive public surveillance system and its social credit experiment where even minor infractions of public norms can result in sanctions.
Following Friday's fatal police shooting of Rayshard Brooks - a 27-year-old Black man who fell asleep in a fast-food drive-in lane in Atlanta and was shot while running from police who tried to tase him - hackers affiliating themselves with the Anonymous hacktivist collective may have briefly taken down the website for the city's police department. Three days later, Anonymous hackers posted a video that threatened to "Expose the many crimes" of Minneapolis police.
Microsoft is joining Amazon and IBM when it comes to halting the sale of facial recognition technology to police departments. "We will not sell facial recognition tech to police in the U.S. until there is a national law in place We must pursue a national law to govern facial recognition grounded in the protection of human rights," Smith said during a virtual event hosted by the Washington Post.
Personal information of police officers in departments nationwide is being leaked online amid tense interactions at demonstrations across the U.S. over the police custody death of George Floyd and others, according to an unclassified intelligence document from the U.S. Department of Homeland Security, obtained by The Associated Press. Multiple high-ranking police officials in a number of cities, including Washington, Atlanta, Boston and New York have had their personal information shared on social media, including their home addresses, email addresses and phone numbers, the report warns.
Reports emerged earlier this week that the Minneapolis police department had been breached by hacktivist group Anonymous. Security expert Troy Hunt debunked the reports, however.
"Don't spread disinformation and right now, all signs point to just that - the alleged Minneapolis Police Department 'breach' is fake," he wrote, in an analysis posted on Monday, adding that the data is likely not from the MPD at all, but rather a collection of widely available credentials from earlier breaches, and possibly some made-up combinations, that have been assembled into a new database for the purpose of perpetrating this hoax. Passwords like the all-lowercase "Linkedin"; "Le"; PIN-like passwords like "1603"; and the notoriously insecure "Password," "Qwerty" and "123456" are all represented.