10Fold – Security Never Sleeps – 29

Your daily digest of “All Things Security” gathered, collected and researched by your very own 10Fold Security Practice team.

Big items to consider: The US Intelligence director’s email has been hacked by the same person who claims to have hacked the CIA director’s email a few months ago. As of today Silk Road is officially gone, but the secret server remains. The Pew Research Center has released a new survey on the privacy gap between consumers and tech vendors. Lastly, a newly released password from the Juniper network raises fears of further backdoor eavesdropping.

US Intelligence Director’s Personal E-mail, Phone Hacked – Publication: Ars Technica – Reporter name: Sean Gallagher

The same individual or group claiming to be behind a recent breach of the personal e-mail account of CIA Director John Brennan now claims to be behind the hijacking of the accounts of Director of National Intelligence James Clapper. The Office of the Director of National Intelligence confirmed to Motherboard that Clapper was targeted and that the case has been forwarded to law enforcement.


The Silk Road’s Dark-Web Dream Is Dead – Publication: Wired – Reporter name: Andy Greenberg

Not so long ago, the Silk Road was not only a bustling black market for drugs but a living representation of every cryptoanarchist’s dream: a trusted trading ground on the Internet where neither the government’s laws nor the Drug War they’ve spawned could reach. Today, that illicit narco-utopia is long gone, its once-secret server in an evidence storage room and its creator Ross Ulbricht fighting a last ditch appeal to escape life in prison.


New Study Highlights Privacy Gap Between Consumers And Tech Vendors – Publication: Wall Street Journal – Reporter name: Elizabeth Dwoskin

Americans are willing to share sensitive information with businesses in the name of safety and efficiency, a new study found. But they’re less enthusiastic about exchanging personal details in return for better advertising or offers–especially when those details reveal their physical location, researchers said. The Pew Research Center has found in recent years that users of mobile and desktop computers are anxious about online privacy. The nonprofit’s latest study, published on Thursday, aimed to learn whether consumer anxiety waxed or waned in specific scenarios. Conclusion: It does.


Et tu, Fortinet? Hard-coded Password Raises New Backdoor Eavesdropping Fears – Publication: Ars Technica – Reporter name: Dan Goodin

Less than a month after Juniper Network officials disclosed an unauthorized backdoor in the company’s NetScreen line of firewalls, researchers have uncovered highly suspicious code in older software from Juniper competitor Fortinet. The suspicious code contains a challenge-and-response authentication routine for logging into servers with the secure shell (SSH) protocol. Researchers were able to unearth a hard-coded password of “FGTAbc11*xy+Qqz27” (not including the quotation marks) after reviewing this exploit code posted online on Saturday.