Slashdot security articles

Syndicate content Slashdot: Generated for TarPitt (217247)
News for nerds, stuff that matters: Generated for TarPitt (217247)
Updated: 5 hours 43 min ago

Reality Winner Sentenced To More Than 5 Years For Leaking Info About Russia Hacking Attempts

Thu, 08/23/2018 - 08:08
A former government contractor who pleaded guilty to leaking U.S. secrets about Russia's attempts to hack the 2016 presidential election was sentenced Thursday to five years and three months in prison. From a report: It was the sentence that prosecutors had recommended in the plea deal -- the longest sentence ever given for a federal crime involving leaks to the news media -- for Reality Winner, the Georgia woman at the center of the case. Winner was also sentenced to three years of supervised release and no fine, except for a $100 special assessment fee. The crime carried a maximum penalty of 10 years. U.S. District Court Judge J. Randal Hall in Augusta, Georgia, was not bound to follow the plea deal, but elected to give Winner the amount of time prosecutors requested. Winner, 26, who contracted for the National Security Agency, pleaded guilty in June to copying a classified report that detailed the Russian government's efforts to penetrate a Florida-based voting software supplier. Further reading: How a Few Yellow Dots Burned the Intercept's NSA Leaker.

As PHP 5.6, Still Used By a Large Number of Websites, Approaches Its End of Life Deadline, Some Worry About the Consequences

Thu, 08/23/2018 - 07:20
An anonymous reader writes: I know PHP isn't to some devs liking, but chances are you know people who work with PHP or have sites that are built with it. PHP 5.6 and 7.0 are shortly coming to the end of the support period for security patches, so what plans have you made to migrate code and sites to newer platforms? With apparently huge numbers (80%) of sites still running PHP 5.6, there appears to be little industry acknowledgement of the issue. Is there a ticking PHP Time Bomb waiting to go off?

DNC Says Reported Hack Attempt Was a False Alarm

Thu, 08/23/2018 - 06:00
furry_wookie writes: A suspected attempt to hack into the Democratic National Committee's voter database was actually a cybersecurity test [Editor's note: the originally submitted article might be paywalled; an alternative source], the organization said. The DNC, which was [allegedly] hacked by Russian intelligence officers during the 2016 presidential campaign, said Tuesday it had contacted the Federal Bureau of Investigation after being alerted to an apparent phishing scheme by the computer security firm Lookout Inc., which uncovered a replica of the login page to the DNC's Votebuilder database during an online scan. In a statement early Wednesday, Bob Lord, the DNC's chief information security officer, said the DNC and its partners who reported the site 'now believe it was built by a third party as part of a simulated phishing test.'

Australia Bans Huawei, ZTE From Supplying Technology For Its 5G Network

Thu, 08/23/2018 - 05:00
An anonymous reader quotes a report from TechCrunch: Australia has blocked Huawei and ZTE from providing equipment for its 5G network, which is set to launch commercially next year. In a tweet, Huawei stated that the Australian government told the company that both it and ZTE are banned from supplying 5G technology to the country, despite Huawei's assurances that it does not pose a threat to national security. Earlier today, the Australian government issued new security guidelines for 5G carriers. Although it did not mention Huawei, ZTE or China specifically, it did strongly hint at them by stating "the Government considers that the involvement of vendors who are likely to be subject to extrajudicial directions from foreign government that conflict with Australian law, may risk failure by the carrier to adequately protect a 5G network from unauthorized access or interference." In its new security guidelines, the Australian government stated that differences in the way 5G operates compared to previous network generations introduces new risks to national security. In particular, it noted the diminishing distinctions between the core network, where more sensitive functions like access control and data routing occur, and the edge, or radios that connect customer equipment, like laptops and mobile phones, to the core. Huawei Australia said in a statement: "We have been informed by the Govt that Huawei & ZTE have been banned from providing 5G technology to Australia. This is a extremely disappointing result for consumers. Huawei is a world leader in 5G. Has safely & securely delivered wireless technology in Aust for close to 15 yrs."