This page looks best with JavaScript enabled

Looking back at June 2015

 ·  β˜• 1 min read

Probably the most interesting of security-related news in June has been an announcement by OPM (Office of Personnel Management of United States), organization which is responsible for HR services and administration of US federal employees, about an attack which exposed records for approximately four million current and past employees. The breach has apparently been active for some time before it was discovered using a special IDS called Einstein. Anonymous US officials attributed the attack to China.
Information about a similar attack in Japan has been made available in June. Personal information about approximately 1.25 million citizens was stolen during the attack. Primary attack vector appears to have been a malicious e-mail attachment.
For owners and users of Apple products might be interesting news about discovery of a vulnerability, which enables attacker to rewrite FW in older (devices shipped before the second half of 2014) Macs. The vulnerability enables the attacker to make changes in BIOS when the device is waking up from sleep (when the FLOCKDN protection which should ensure that some parts of the system are accesible in read-only mode is disabled) which may be used to gain root privileges.

Share on