NIST Site Search
Search NIST.GOV
Custom Search
[Official NIST.GOV TIME]
Product Research

Advertise on this site
Extreme Islamic Group Takes Government Website Off-Line for Past 2 Weeks
Score one for the extremists. FEB.GOV was hacked and defaced by an Islamic hacker group on August 2nd and has been off-line ever since.No Longer Supported
It is hard to know what to say about this. Lets start with the facts. On August 2nd FEB.GOV was hacked and defaced. FEB.GOV lists at least 20 sites under it for various offices and regions of the Federal Executive Board.

You can view a screen shot of the hacked page at Sunbelt Software's blog. The real FEB.GOV site, and all sites hosted under it, have been down since August 2nd.

This U.S. Government office lists the following mission:
The Federal Executive Boards (FEB’s) were established in 1961 by a Presidential Directive to improve coordination among Federal activities and programs outside Washington. The need for effective coordination among the field activities of Federal departments and agencies was then, and is still, very clear.

They do such things as coordinate the avian flu response, coordinate government agency evacuation and continuity of operation plans, coordinate cross-agency employee training, announce snow and weather related office closures, coordinate emergency crisis and terrorist response, etc. You can find cached copies of their website at Alexa.com and some at Google. Their website may not be critical to national security but it is important never the less. It is also embarrassing to have a Federal government website(s) down for two weeks because because of a hacker attack. Wipe, reload, mitigate for whatever vulnerability was exploited, and get on with it. This was a public facing web server so there should have been no sensitive information there to compromise. Being down for this long leads people to think there is a cover-up and/or great incompetence. Right now we're showing the extremists / hackers that they're winning.

FEB.GOV is hosted by the Office of Personnel Management (OPM). As the old adage goes "the most secure computer is one that isn't connected to any network, is unplugged, and stored in a vault deep under ground". OPM must be taking this literally as the FEB has been off-line for two weeks now!



UPDATE 25 August 2006: The FEB.GOV site is back in operation.

Share or Boookmark this Article Using:
No Longer Supported




Google
WebNIST.org
NIST.govSecurityFocus.com





Posted by NIST.org on Tuesday 15 August 2006 - 20:51:15 | |printer friendly
Translate to: {GOOGLETRANS}
Google Ads




Headlines

»CVE-2012-3425 (debian_linux, libpng, opensuse, ubuntu_linux)
The png_push_read_zTXt function in pngpread.c in libpng 1.0.x before 1.0.58, 1.2.x before 1.2.48, 1. ...
»CVE-2012-3509 (binutils, debian_linux, libiberty, ubuntu_linux)
Multiple integer overflows in the (1) _objalloc_alloc function in objalloc.c and (2) objalloc_alloc ...
»CVE-2012-5201 (intelligent_management_center, intelligent_management_center_for_automated_network_manager)
Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Cente ...
»CVE-2012-5202 (intelligent_management_center, intelligent_management_center_for_automated_network_manager)
Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Cente ...
»CVE-2012-5203 (intelligent_management_center, intelligent_management_center_for_automated_network_manager)
Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Cente ...
»CVE-2012-5204 (intelligent_management_center, intelligent_management_center_for_automated_network_manager)
Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Cente ...
»CVE-2012-5205 (intelligent_management_center, intelligent_management_center_for_automated_network_manager)
Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Cente ...
»CVE-2012-5206 (intelligent_management_center, intelligent_management_center_for_automated_network_manager)
Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Cente ...
»CVE-2012-5207 (intelligent_management_center, intelligent_management_center_for_automated_network_manager)
Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Cente ...
»CVE-2012-5208 (intelligent_management_center, intelligent_management_center_for_automated_network_manager)
Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Cente ...
»CVE-2012-5209 (intelligent_management_center, intelligent_management_center_for_automated_network_manager)
Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Cente ...
»CVE-2012-5210 (intelligent_management_centertacacs+_authentication_manager)
Unspecified vulnerability in HP Intelligent Management Center (iMC) TACACS+ Authentication Manager ( ...
»CVE-2012-5211 (intelligent_management_center_user_access_manager)
Unspecified vulnerability in HP Intelligent Management Center (iMC) User Access Manager (UAM) before ...
»CVE-2012-5212 (intelligent_management_center, intelligent_management_center_for_automated_network_manager)
Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Cente ...
»CVE-2012-5213 (intelligent_management_center, intelligent_management_center_for_automated_network_manager)
Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Cente ...


Date published: 2016-08-29T04:50:04Z
Details

»Apple Releases Security Update
Original release date: August 25, 2016 Apple has released a security update to address multip ...
»VMWare Releases Security Updates
Original release date: August 24, 2016 VMWare has released security updates to address vulner ...
»FTC Releases Alert on Louisiana Flood Disaster Scams
Original release date: August 23, 2016 The Federal Trade Commission (FTC) has released an ale ...
»Fortinet Releases Security Advisory
Original release date: August 22, 2016 Fortinet has released a security advisory to highlight ...
»Cisco Releases Security Updates
Original release date: August 20, 2016 Cisco has released security updates to address vulnera ...
»Cisco Releases Security Update
Original release date: August 12, 2016 Cisco has released a security update to address a vuln ...
»Microsoft Releases August 2016 Security Bulletin
Original release date: August 09, 2016 Microsoft has released nine updates to address vulnera ...
»VMware Releases Security Update
Original release date: August 05, 2016 VMware has released a security update to address vulne ...
»Apple Releases Security Update
Original release date: August 05, 2016 Apple has released a security update to address a vuln ...
»Cisco Releases Security Updates
Original release date: August 03, 2016 Cisco has released security updates to address vulnera ...


Date published: not known
Details

»Small Talks return to the Virus Bulletin Conference
Following their success last year, this year a series of "Smal ...
»Research shows web security products perform well against exploit kits
Research by Virus Bulletin, in which five web security products wer ...
»Throwback Thursday: Olympic Games
In 1994, along with the Olympic Games came an Olympic virus, from a ...
»VB2016 call for last-minute papers opened, discounts announced
Announcing the VB2016 call for last-minute papers and a number of d ...
»Guest Blog: Malicious Scripts Gaining Prevalence in Brazil
In the run up to VB2016, we invited the conference sponsors to writ ...
»Romanian university website compromised to serve Neutrino exploit kit
The website of the Carol Davila University of Medicine and Pharmacy ...
»It's 2016. Can we stop using MD5 in malware analyses?
While there are no actually risks involved in using MD5s in malware ...
»Throwback Thursday: Holding the Bady
In 2001, ‘Code Red’ caused White House administrators to change the ...
»Paper: The Journey of Evasion Enters Behavioural Phase
A new paper by FireEye researcher Ankit Anubhav provides an overvie ...


Date published: not known
Details
Main Menu
· Home
Current Security News
 
US-CERT Current Activity

» Apple Releases Security Update
[25 Aug 2016 01:53pm]

» VMWare Releases Security Updates
[24 Aug 2016 03:33pm]

» FTC Releases Alert on Louisiana Flood Disaster Scams
[23 Aug 2016 05:48pm]

» Fortinet Releases Security Advisory
[22 Aug 2016 02:36pm]

» Cisco Releases Security Updates
[20 Aug 2016 12:56am]

» Cisco Releases Security Update
[12 Aug 2016 01:31pm]

» Microsoft Releases August 2016 Security Bulletin
[09 Aug 2016 12:55pm]

» VMware Releases Security Update
[05 Aug 2016 01:38pm]

» Apple Releases Security Update
[05 Aug 2016 01:25pm]

» Cisco Releases Security Updates
[03 Aug 2016 02:33pm]

***
US-CERT Alerts

» TA16-187A: Symantec and Norton Security Products Contain Critical Vulnerabilities
[05 Jul 2016 08:50am]

» TA16-144A: WPAD Name Collision Vulnerability
[23 May 2016 05:38am]

» TA16-132A: Exploitation of SAP Business Applications
[11 May 2016 05:31am]

» TA16-105A: Apple Ends Support for QuickTime for Windows; New Vulnerabilities Announced
[14 Apr 2016 01:48pm]

» TA16-091A: Ransomware and Recent Variants
[31 Mar 2016 04:00pm]

» TA15-337A: Dorkbot
[03 Dec 2015 04:40pm]

» TA15-314A: Compromised Web Servers and Web Shells - Threat Awareness and Guidance
[10 Nov 2015 06:12pm]

» TA15-286A: Dridex P2P Malware
[13 Oct 2015 05:23am]

» TA15-240A: Controlling Outbound DNS Access
[28 Aug 2015 11:31am]

» TA15-213A: Recent Email Phishing Campaigns – Mitigation and Response Recommendations
[01 Aug 2015 04:01pm]

***
Computerworld Security

» Sophisticated malware possibly tied to recent ATM heists in Thailand
[29 Aug 2016 09:25am]

» Review: Top tools for preventing data leaks
[29 Aug 2016 05:51am]

» Medical device security disclosure ignites an ethics firestorm
[29 Aug 2016 04:11am]

» Got big data? The Cloud Security Alliance offers up 100 best practices
[26 Aug 2016 12:31pm]

» Mozilla launches free website security scanning service
[26 Aug 2016 10:16am]

» Real-life examples test whether you are prepared for a cyberattack
[26 Aug 2016 07:08am]

» Dropbox prompts certain users to change their passwords
[26 Aug 2016 04:35am]

» U.S. convicts Russian hacker in credit card theft scheme
[25 Aug 2016 04:17pm]

» Apple patches iOS security flaws found in spyware targeting activist
[25 Aug 2016 02:05pm]

» IDG Contributor Network: Blockchain: It's not just for finance anymore
[25 Aug 2016 01:20pm]

» Cisco starts patching firewall devices against NSA-linked exploit
[25 Aug 2016 09:06am]

» So your company’s been hacked: How to handle the aftermath
[25 Aug 2016 08:36am]

» IDG Contributor Network: Lost and stolen devices account for 1 in 4 breaches in the financial services sector
[25 Aug 2016 06:00am]

» HP's Sure View -- protecting your laptop screen from prying eyes
[25 Aug 2016 05:18am]

» Android botnet relies on Twitter for commands
[24 Aug 2016 04:58pm]

***
Microsoft Security Advisories

» 3179528 - Update for Kernel Mode Blacklist - Version: 1.0
[09 Aug 2016 11:00am]

» 2880823 - Deprecation of SHA-1 Hashing Algorithm for Microsoft Root Certificate Program - Version: 2.0
[18 May 2016 11:00am]

» 3155527 - Update to Cipher Suites for FalseStart - Version: 1.0
[10 May 2016 11:00am]

» 3152550 - Update to Improve Wireless Mouse Input Filtering - Version: 1.1
[22 Apr 2016 11:00am]

» 3137909 - Vulnerabilities in ASP.NET Templates Could Allow Tampering - Version: 1.1
[10 Feb 2016 11:00am]

» 2871997 - Update to Improve Credentials Protection and Management - Version: 5.0
[09 Feb 2016 11:00am]

» 3118753 - Updates for ActiveX Kill Bits 3118753 - Version: 1.0
[12 Jan 2016 11:00am]

» 3123479 - Deprecation of SHA-1 Hashing Algorithm for Microsoft Root Certificate Program - Version: 1.0
[12 Jan 2016 11:00am]

» 3109853 - Update to Improve TLS Session Resumption Interoperability - Version: 1.0
[12 Jan 2016 11:00am]

» 2755801 - Update for Vulnerabilities in Adobe Flash Player in Internet Explorer and Microsoft Edge - Version: 53.0
[05 Jan 2016 11:00am]

» 3057154 - Update to Harden Use of DES Encryption - Version: 1.1
[08 Dec 2015 11:00am]

» 3123040 - Inadvertently Disclosed Digital Certificate Could Allow Spoofing - Version: 1.0
[08 Dec 2015 11:00am]

» 3119884 - Inadvertently Disclosed Digital Certificates Could Allow Spoofing - Version: 1.0
[30 Nov 2015 11:00am]

» 3108638 - Update for Windows Hyper-V to Address CPU Weakness - Version: 1.0
[10 Nov 2015 11:00am]

» 3042058 - Update to Default Cipher Suite Priority Order - Version: 1.1
[13 Oct 2015 11:00am]

***
WIRED

» Hack Brief: As FBI Warns Election Sites Got Hacked, All Eyes Are on Russia
[29 Aug 2016 09:49am]

» Security News This Week: Hillary Clinton Didn’t Delete Her Emails, She Super Deleted Them
[26 Aug 2016 07:30pm]

» Where Are Trump’s and Clinton’s Biggest Donations Coming From? We Made a Map
[26 Aug 2016 05:00am]

» A Hacking Group Is Selling iPhone Spyware to Governments
[25 Aug 2016 11:46am]

» WhatsApp’s Privacy Cred Just Took a Big Hit
[25 Aug 2016 10:16am]

» Of Course Everyone’s Already Using the Leaked NSA Exploits
[24 Aug 2016 11:19am]

» Security News This Week: Eddie Bauer Stores, Hotels and Hospitals Hacked
[20 Aug 2016 05:00am]

» WIRED’s Latest HTTPS Update: We’re Almost There, Folks
[19 Aug 2016 06:27pm]

» Hackers Trick Facial-Recognition Logins With Photos From Facebook (What Else?)
[19 Aug 2016 06:00am]

» Twitter Says It Suspended 360,000 Suspected Terrorist Accounts in a Year
[18 Aug 2016 10:07am]

***
Network World Security

» St Jude calls easily hackable pacemaker claims 'false and misleading'
[29 Aug 2016 08:19am]

» IDG Contributor Network: Digify for Gmail: Mission Impossible for your email attachments
[29 Aug 2016 08:18am]

» Are InfoSec vendors ‘sowing confusion’ and selling ‘useless’ products?
[29 Aug 2016 07:52am]

» Deception technology grows and evolves
[29 Aug 2016 07:41am]

» Review: Top tools for preventing data leaks
[29 Aug 2016 04:00am]

» Top tools for preventing data leaks
[29 Aug 2016 04:00am]

» Review: Promisec goes the extra step to secure PCs
[13 Jul 2016 06:21am]

» 4 tools for managing firewall rules
[07 Jul 2016 11:03am]

» 10 advanced endpoint protection tools
[05 Jul 2016 04:00am]

» How to buy endpoint security products
[05 Jul 2016 04:00am]

» 7 trends in advanced endpoint protection
[05 Jul 2016 04:00am]

» 10 cutting-edge tools that take endpoint security to a new level
[05 Jul 2016 04:00am]

» Buyer’s Guide to 9 multi-factor authentication products
[06 Jun 2016 04:00am]

» Sophisticated malware possibly tied to recent ATM heists in Thailand
[29 Aug 2016 07:33am]

» New products of the week 8.29.16
[29 Aug 2016 07:00am]

***


More IT Security
News Feeds
More Sponsors

Advertise on this site
RSS Feeds
Our news can be syndicated by using these rss feeds.
rss1.0
rss2.0
rdf

NIST.org is in no way connected to the U.S. government site NIST.gov

This site is © John Herron, CISSP. All Rights Reserved.

Please visit daily to stay up to date on all your IT Security compliance issues.

http://www.nist.org -
Hosted by BlueHost. We've never had a better hosting company.
{THEMEDISCLAIMER}