all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Security Vulnerabilities in Covert CIA Websites

Add to bookmarks
Sept. 30, 2022, 2:19 p.m. | Bruce Schneier

Schneier on Security www.schneier.com

Back in 2018, we learned that covert system of websites that the CIA used for communications was compromised by—at least—China and Iran, and that the blunder caused a bunch of arrests, imprisonments, and executions. We’re now learning that the CIA is still “using an irresponsibly secured system for asset communication.”


Citizen Lab did the research:


Using only a single website, as well as publicly available material such as historical internet scanning results and the Internet Archive’s Wayback Machine, …

cia citizen lab covert cyberespionage espionage operational security security vulnerabilities websites

Visit resource

More from www.schneier.com / Schneier on Security

Using AI-Generated Legislative Amendments as a Delaying Technique 1 day ago | www.schneier.com
adoption a hacker's mind artificial intelligence bill +7
X.com Automatically Changing Link Text but Not URLs 2 days ago | www.schneier.com
brian brian krebs changing com +15
New Lattice Cryptanalytic Technique 3 days ago | www.schneier.com
algorithm algorithms base big +13
Upcoming Speaking Engagements 3 days, 19 hours ago | www.schneier.com
conference current democracy francisco +15
Friday Squid Blogging: The Awfulness of Squid Fishing Boats 5 days, 14 hours ago | www.schneier.com
blog blogging boats can +8
Smuggling Gold by Disguising it as Machine Parts 6 days ago | www.schneier.com
air caught crime disguised +8
Backdoor in XZ Utils That Almost Happened 1 week ago | www.schneier.com
attack attention backdoor backdoors +21
In Memoriam: Ross Anderson, 1956-2024 1 week, 1 day ago | www.schneier.com
acm communications cryptanalysis cryptography +9
US Cyber Safety Review Board on the 2023 Microsoft Exchange Hack 1 week, 1 day ago | www.schneier.com
attack board china chinese +23

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Cybersecurity Engineer

@ Alstom | Charleroi, BE
View on infosec-jobs.com

Member of Compliance, Information Technology

@ Anchorage Digital | United States
View on infosec-jobs.com

Information Security Consultant (GRC) - Cumulus Systems

@ Hitachi | (HIL) DELHI - RHQ
View on infosec-jobs.com

Security Engineer

@ EarnIn | Mexico
View on infosec-jobs.com
View more jobs