Search
Items tagged with: Data
Big data is like teenage sex: everyone talks about it, nobody really knows how to do it, everyone thinks everyone else is doing it, so everyone claims they are doing it...
— Dan Ariely
#data
Trump’s War on Measurement Means Losing Data on Drug Use, Maternal Mortality, Climate Change and More
—
By slashing teams that gather critical data, the administration has left the federal government with no way of understanding if policies are working — and created a black hole of information whose consequences could ripple out for decades.
propublica.org/article/trump-d…
#News #Trump #DOGE #Data #Climate #Health #Environment #Immigration #Science #Education
UPDATE: We've added 11 more names to our DOGE tracker, bringing the total to 77 staffers affiliated with Musk.
Plus, you can now filter our database by federal agency. Check it out ⤵️
projects.propublica.org/elon-m…
#DOGE #ElonMusk #Musk #Government #Data #Research #USPolitics #Trump
Elon Musk’s Demolition Crew
Elon Musk, the world’s richest man, has been unleashed on federal agencies. ProPublica is attempting to document who is working with him and what they are doing.ProPublica
The employees grew concerned that the #NLRB's confidential #data could be exposed, particularly after they started detecting suspicious log-in attempts from an IP address in #Russia [wtf?], acc/to the disclosure. Eventually, the disclosure continued, the IT department launched a formal review of what it deemed a serious, ongoing #security #breach or potentially #illegal removal of personally identifiable information.
…#DOGE employees demanded the highest level of access, what are called "tenant owner level" accounts inside the independent agency's computer systems, w/essentially unrestricted permission to read, copy & alter #data….
When an IT staffer suggested a streamlined process to activate those accounts in a way that would let their activities be tracked, in accordance with #NLRB #security policies, the IT staffers were told to stay out of DOGE's way….
#law #Trump #Musk #InfoSec #NationalSecurity
Those #forensic #digital #records are important for record-keeping requirements & allow for troubleshooting, but they also allow experts to investigate potential breaches, sometimes even tracing the attacker's path back to the vulnerability that let them inside a network. The records can also help experts see what #data might have been removed. Basic logs would likely not be enough to demonstrate the extent of a bad actor's activities, but it would be a start.
…while many of the #NLRB's records are eventually made public, the NxGen case management system hosts #proprietary #data from #corporate competitors, personal information about #union members or employees voting to join a union, & #witness testimony in ongoing cases. Access to that data is protected by numerous federal #laws, including the #Privacy Act.
#criminal #law #Trump #Musk #DOGE #InfoSec #NationalSecurity
On its own, that wouldn't be suspicious, though it did allow the engineers to work invisibly & left no trace of its activities once it was removed.
Then, Berulis started tracking sensitive #data leaving the places it's meant to live…. First, he saw a chunk of data exiting the NxGen case management system's "nucleus," inside the #NLRB system, Berulis explained. Then, he saw a large spike in outbound traffic leaving the network itself.
#criminal #law #Trump #Musk #DOGE #InfoSec #NationalSecurity
From what he could see, the #data leaving, almost all text files, added up to around 10GB…. It's a sizable chunk of the total data in the #NLRB sys, though the agency itself hosts over 10TB in historical data. It's unclear which files were copied & removed or whether they were consolidated & compressed, which could mean even more data was exfiltrated. It's also possible that #DOGE ran queries looking for specific files…& took only what it was looking for….
Regardless, that kind of spike is extremely unusual, …because #data almost never directly leaves from the #NLRB's databases. In his disclosure, Berulis shared a screenshot tracking data entering and exiting the system, & there's only one noticeable spike of data going out. He also confirmed that no one at the NLRB had been saving backup files that week or migrating data for any projects.
#criminal #law #Trump #Musk #DOGE #InfoSec #NationalSecurity
For #cybersecurity experts, that spike in #data leaving the system is a key indicator of a #breach, Berulis explained.
When Berulis asked his IT colleagues whether they knew why the data was exfiltrated or whether anyone else had been using containers to run code on the system in recent weeks, no one knew anything about it or the other unusual activities on the network….
#criminal #law #Trump #Musk #DOGE #InfoSec #NationalSecurity
In fact, when they looked into the spike, they found that logs that were used to monitor outbound traffic from the system were absent. Some actions taken on the network, including #data exfiltration, had no attribution—except to a "deleted account," he continued. "Nobody knows who deleted the logs or how they could have gone missing," Berulis said.
#criminal #law #Trump #Musk #DOGE #InfoSec #NationalSecurity
While investigating the #data taken from #NLRB, Berulis tried to determine its ultimate destination. But whoever had exfiltrated it had disguised its destination too….
#DOGE staffers had permission to access the system, but removing data is another matter.
Berulis says someone appeared to be doing something called DNS tunneling to prevent the data exfiltration from being detected.
#criminal #law #Trump #Musk #DOGE #InfoSec #NationalSecurity
Beluris came to that conclusion…after he saw a traffic spike in DNS requests parallel to the #data being exfiltrated, a spike 1,000 times the normal number of requests.
When someone uses this technique, they set up a domain name that pings the target system w/questions or queries. But they configure the compromised server so that it answers those DNS queries by sending out packets of data, allowing the attacker to steal info that has been broken down into smaller chunks.
Inside #DOGE’s push to defy a #CourtOrder & access #SocialSecurity data
Reps of #ElonMusk’s US #DOGE Service have sought for weeks to get around a court order barring their access to sensitive #data & internal systems at the #SSA, prompting career staff to repeatedly resist their efforts, acc/to a half dozen people familiar w/the DOGE team’s actions & records obtained by The Washington Post.
#law #Trump #Musk #privacy #InfoSec #NationalSecurity #judiciary
washingtonpost.com/politics/20…
Friends. Our @SafeguardingResearch team has a request to access some public data that is suddenly being authenticated for access. This is important climate history data.
Do you have or know someone who has an account with FEMA AGOL?
If so, they can privately send a message to SRC (the Safeguarding group) here:
Update April 5th:
We got everything we can.
The amount of help has been very awesome - we did good 💜
If you think you can help with more than a few TB and/or with additional contacts etc. pp.
Please write an email to contact@safeguar.de
We (@SafeguardingResearch) need urgent help with archiving websites & datasets from NOAA, specifically the stuff on Amazon Web Services (AWS):
forum.safeguar.de/t/noaa-all-s…
If you can contribute, please consider doing so.
#NOAA #SafeguardingResearch #Data #Weather
NOAA all services, specifically Amazon Web Servies (URGENT)
AWS Services for NOAA will be going offline as soon as tomorrow night. (april 4th) Things affected to include: Claimed: research.noaa.gov epic.noaa.gov adp.noaa.gov ci.noaa.gov oeab.noaa.gov orta.research.noaa.gov testbeds.noaa.gov qosap.Safeguarding Research & Culture (SRC) — Distributing Cultural Memory
Generate files that look like #JPEGs but contain random #data—ideal for bombarding aggressive web crawlers with garbage images. @pengfold cc @asrg
GitHub - gw1urf/fakejpeg: Generate files that are almost JPEGs with random data. Possibly useful in feeding aggressive web crawlers.
Generate files that are almost JPEGs with random data. Possibly useful in feeding aggressive web crawlers. - gw1urf/fakejpegGitHub
Add this to #signalgate (with a little help from our friends ...):
Pete #Hegseth, Mike #Waltz, Tulsi #Gabbard: Private #Data and Passwords of Senior U.S. Security Officials Found Online
spiegel.de/international/world…
> Donald Trump's most important security advisers used Signal to discuss an imminent military strike. Now, reporting by DER SPIEGEL has found that the contact data of some of those officials, including mobile phone numbers, is freely accessible on the internet.
Hegseth, Waltz, Gabbard: Private Data and Passwords of Senior U.S. Security Officials Found Online
Donald Trump's most important security advisers used Signal to discuss an imminent military strike. Now, reporting by DER SPIEGEL has found that the contact data of some of those officials, including mobile phone numbers, is freely accessible on the …Patrick Beuth (DER SPIEGEL)
