Notices by BrianKrebs (briankrebs@infosec.exchange)

The Electronic Frontier Foundation (EFF) joined Lex Lumina LLP, State Democracy Defenders Fund, and The Chandra Law Firm in suing the OPM and OPM Acting Director Charles Ezell, alleging they illegally disclosed personnel records to Musk’s DOGE in violation of the federal Privacy Act of 1974. Last week, a federal judge temporarily blocked DOGE from accessing a critical Treasury payment system under a similar lawsuit.

“The Privacy Act makes it unlawful for OPM Defendants to hand over access to OPM’s millions of personnel records to DOGE Defendants, who lack a lawful and legitimate need for such access,” the complaint says. “No exception to the Privacy Act covers DOGE Defendants’ access to records held by OPM. OPM Defendants’ action granting DOGE Defendants full, continuing, and ongoing access to OPM’s systems and files for an unspecified period means that tens of millions of federal-government employees, retirees, contractors, job applicants, and impacted family members and other third parties have no assurance that their information will receive the protection that federal law affords.”

"With few exceptions, the Privacy Act limits the disclosure of federally maintained sensitive records on individuals without the consent of the individuals whose data is being shared. It protects all Americans from harms caused by government stockpiling of our personal data. This law was enacted in 1974, the last time Congress acted to limit the data collection and surveillance powers of an out-of-control President.

“The Privacy Act makes it unlawful for OPM Defendants to hand over access to OPM’s millions of personnel records to DOGE Defendants, who lack a lawful and legitimate need for such access,” the complaint says. “No exception to the Privacy Act covers DOGE Defendants’ access to records held by OPM. OPM Defendants’ action granting DOGE Defendants full, continuing, and ongoing access to OPM’s systems and files for an unspecified period means that tens of millions of federal-government employees, retirees, contractors, job applicants, and impacted family members and other third parties have no assurance that their information will receive the protection that federal law affords.”

https://www.eff.org/document/afge-v-opm-complaint

I've started posting on LinkedIn all the unconstitutional shit Trump and Musk are doing to undermine the security and integrity of our government. Mainly because that crowd needs to hear it most. It's incredible how many people in the infosec space are still defending the actions of DOGE and its dear leader(s). And they're not all crypto bros and AI peddlers; we're talking about people in some pretty important roles, tech-wise.

But at least when they reply with the inevitable "stay in your lane" or "I used to like you when you stayed out of politics," they are on record as complicit and totally okay with what is going on.

This one aged pretty well. IMHO, it's more true now than ever.

There's an important vulnerability being disclosed today that allows attackers to massively increase the size of DDoS attacks.

The flaw is being tracked as CVE-2023-44487, a.k.a. "HTTP/2 Rapid Reset Attack." According to Damian Menscher at Google, the attack "works by sending a request and then immediately cancelling it (a feature of HTTP/2). This lets attackers skip waiting for responses, resulting in a more efficient attack."

More info:

https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack

https://aws.amazon.com/blogs/security/how-aws-protects-customers-from-ddos-events/

https://aws.amazon.com/security/security-bulletins/AWS-2023-011/

https://www.cloudflare.com/press-releases/2023/cloudflare-helps-discover-new-online-threat-that-led-to-largest-attack-in/

The Russian government today handed down a treason conviction and 14-year prison sentence on Iyla Sachkov, the former founder and CEO of one of Russia’s largest cybersecurity firms. Sachkov, 37, has been detained for nearly two years under charges that the Kremlin has kept classified and hidden from public view, and he joins a growing roster of former Russian cybercrime fighters who are now serving hard time for farcical treason convictions.

https://krebsonsecurity.com/2023/07/russia-sends-cybersecurity-ceo-to-jail-for-14-years/

Your periodic reminder that just because a URL is saved at archive.org doesn't mean it's going to stay there.

Last year, I wrote a series about proxy services marketed to cybercriminals, and that relied heavily on Archive.org links to document various connections. After my story ran, the person that those links concerned asked Archive to remove those links from their database, which they did. The person in question came back and said hey, what you said in your story is wrong because there's no supporting evidence and you must remove this. Archive.org confirmed they removed all of the pages at the request of the domain holder, and that was that.

If you stumble upon a page that is in archive.org and you want to make sure there is a record that won't be deleted at some point, consider saving the page to archive.today/archive.ph

Alternatively, of course, you could save the page locally, using something like Firefox's built-in full page screenshot (right click on page). Better yet, save the Archive.org pages you want locally.