Incident Response

Report: Jet Propulsion Laboratory Hacked for 10 Months

A report says hackers stole data from NASA’s Jet Propulsion Laboratory in Southern California for nearly a year without being detected.

Associated Press

June 23, 2019

A report says hackers stole data from NASA’s Jet Propulsion Laboratory in Southern California for nearly a year without being detected.

The Pasadena Star-News reports Friday that security weaknesses allowed hackers to steal 500 megabytes of data from 23 files, including two containing restricted information related to the Curiosity rover Mars mission.

A report this week from NASA’s Office of the Inspector General says hackers used a credit card-sized computer and a compromised external user account.

They operated for 10 months until the hack was discovered in April 2018.

As a result, NASA temporarily disconnected several space flight-related systems from JPL’s computer network.

The Star-News says hackers also broke into JPL in 2009, 2011, 2014, 2016 and 2017.

NASA recommended security fixes that should be completed over the next year.

Advertisement. Scroll to continue reading.

Written By Associated Press

Latest News

Click to comment

CIEM Chat: How to Reduce Cloud Identity Risk

March 26, 2024

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Virtual Event: Ransomware Resilience & Recovery Summit

April 17, 2024

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

You Against the World: The Offenders Dilemma

Foreign attackers have many more toolsets at their disposal, so we need to make sure we’re selective about our modeling, preparation and how we assess and fortify ourselves. (Tom Eston)

Why Intelligence Sharing Is Vital to Building a Robust Collective Cyber Defense Program

With automated, detailed, contextualized threat intelligence, organizations can better anticipate malicious activity and utilize intelligence to speed detection around proven attacks. (Marc Solomon)

Know Your Audience When Speaking to Security Practitioners

How can security practitioners make sense of the vendor landscape and separate those who talk a good game from those who can execute, perform, and solve real problems for enterprises? (Joshua Goldfarb)

Cybersecurity Mesh: Overcoming Data Security Overload

A significant cybersecurity challenge arises from managing the immense volume of data generated by numerous IT security tools, leading organizations into a reactive rather than proactive approach. (Torsten George)

The OODA Loop: The Military Model That Speeds Up Cybersecurity Response

The OODA Loop can be used both by defenders and incident responders for a variety of use cases such as threat assessment, threat monitoring, and threat hunting. (Etay Maor)

Cybercrime

Comodo Forums Hacked via Recently Disclosed vBulletin Vulnerability

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Eduard KovacsOctober 1, 2019

Incident Response

Amazon’s Shuttering of Alexa Ranking Service Hits Cybersecurity Industry

Amazon has shut down Alexa.com.

Eduard KovacsMay 6, 2022

Hackers Stole Encrypted Backups, MFA Settings from GoTo, LastPass

Data Breaches

LastPass Says DevOps Engineer Home Computer Hacked

LastPass DevOp engineer's home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud...

Ryan NaraineFebruary 27, 2023

Incident Response

Microsoft Puts ChatGPT to Work on Automating Cybersecurity

Microsoft has rolled out a preview version of Security Copilot, a ChatGPT-powered tool to help organizations automate cybersecurity tasks.

Ryan NaraineMarch 28, 2023

Data Breaches

GoTo Says Hackers Stole Encrypted Backups, MFA Settings

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.

Ryan NaraineJanuary 24, 2023

Application Security

GitHub Revokes Code Signing Certificates Following Cyberattack

GitHub this week announced the revocation of three certificates used for the GitHub Desktop and Atom applications.

Ionut ArghireJanuary 31, 2023

Incident Response

Meta Develops New Kill Chain Thesis

Meta has developed a ten-phase cyber kill chain model that it believes will be more inclusive and more effective than the existing range of...

Kevin TownsendMarch 16, 2023

Cloud Security

VMware vCenter Flaw So Critical, Patches Released for End-of-Life Products

VMware described the bug as an out-of-bounds write issue in its implementation of the DCE/RPC protocol. CVSS severity score of 9.8/10.

Ryan NaraineOctober 25, 2023

SECURITYWEEK NETWORK:

ICS:

SecurityWeek

Incident Response

Report: Jet Propulsion Laboratory Hacked for 10 Months

More from Associated Press

Latest News

Trending

CIEM Chat: How to Reduce Cloud Identity Risk

Virtual Event: Ransomware Resilience & Recovery Summit

People on the Move

Expert Insights

You Against the World: The Offenders Dilemma

Why Intelligence Sharing Is Vital to Building a Robust Collective Cyber Defense Program

Know Your Audience When Speaking to Security Practitioners

Cybersecurity Mesh: Overcoming Data Security Overload

The OODA Loop: The Military Model That Speeds Up Cybersecurity Response

Related Content

Cybercrime

Comodo Forums Hacked via Recently Disclosed vBulletin Vulnerability

Incident Response

Amazon’s Shuttering of Alexa Ranking Service Hits Cybersecurity Industry

Data Breaches

LastPass Says DevOps Engineer Home Computer Hacked

Incident Response

Microsoft Puts ChatGPT to Work on Automating Cybersecurity

Data Breaches

GoTo Says Hackers Stole Encrypted Backups, MFA Settings

Application Security

GitHub Revokes Code Signing Certificates Following Cyberattack

Incident Response

Meta Develops New Kill Chain Thesis

Cloud Security

VMware vCenter Flaw So Critical, Patches Released for End-of-Life Products

SECURITYWEEK NETWORK:

ICS:

More from Associated Press

Latest News

Trending

Daily Briefing Newsletter

CIEM Chat: How to Reduce Cloud Identity Risk

Virtual Event: Ransomware Resilience & Recovery Summit

People on the Move

Expert Insights

You Against the World: The Offenders Dilemma

Why Intelligence Sharing Is Vital to Building a Robust Collective Cyber Defense Program

Know Your Audience When Speaking to Security Practitioners

Cybersecurity Mesh: Overcoming Data Security Overload

The OODA Loop: The Military Model That Speeds Up Cybersecurity Response

Related Content

Cybercrime

Comodo Forums Hacked via Recently Disclosed vBulletin Vulnerability

Incident Response

Amazon’s Shuttering of Alexa Ranking Service Hits Cybersecurity Industry

Data Breaches

LastPass Says DevOps Engineer Home Computer Hacked

Incident Response

Microsoft Puts ChatGPT to Work on Automating Cybersecurity

Data Breaches

GoTo Says Hackers Stole Encrypted Backups, MFA Settings

Application Security

GitHub Revokes Code Signing Certificates Following Cyberattack

Incident Response

Meta Develops New Kill Chain Thesis

Cloud Security

VMware vCenter Flaw So Critical, Patches Released for End-of-Life Products