Techdirt: Inspector General Says NSA Still Hasn’t Implemented Its Post-Snowden Internal Security Measures. “The NSA was going to make sure no one could just walk out of work with thousands of sensitive documents. It laid out a plan to exercise greater control over access and fail safe procedures meant to keep free-spirited Snowdens in check. The NSA is the world’s most powerful surveillance agency. It is also a sizable bureaucracy. Over the past half-decade, the NSA has talked tough about tighter internal controls. But talk is cheap — at least labor-wise. Actual implementation takes dedication and commitment. The NSA just doesn’t have that in it, according to a recent Inspector General’s report.”
NBC News: Facebook’s new foreign influence report excluded most divisive rhetoric. “On Tuesday morning, the political and tech worlds were startled to learn that Facebook had identified and stopped a new covert campaign to spread divisive political messages on its platform, the first such announcement since 2017. But Facebook released only some of the pages and content publicly. What it did not reveal was the depth some of the pages went to stoke racial tension and incite division among Americans.”
Politico: Facebook suspends ‘inauthentic’ accounts, sees Russia link. “Facebook shut down more than two dozen ‘inauthentic’ accounts and pages on Tuesday that sought to inflame social and political tensions in the United States, and said their activity was similar — and in some cases connected — to that of Russian accounts during the 2016 election.”
Engadget: NSA has yet to fix security holes that helped Snowden leaks. “Edward Snowden’s success in leaking NSA data was chalked up in part to the agency’s own security lapses, so you’d think that the agency would have tightened up its procedures in the past five years… right? Apparently not. The NSA Inspector General’s office has published an audit indicating that many of the Snowden-era digital security policies still haven’t been addressed, at least as of the end of March 2018. It hasn’t correctly implemented two-person access controls for data centers and similar rooms, doesn’t properly check job duties and has computer security plans that are either unfinished or inaccurate.”
Krebs on Security: State Govts. Warned of Malware-Laden CD Sent Via Snail Mail from China. “Here’s a timely reminder that email isn’t the only vector for phishing attacks: Several U.S. state and local government agencies have reported receiving strange letters via snail mail that include malware-laden compact discs (CDs) apparently sent from China, KrebsOnSecurity has learned.”
CNET: Researchers found stolen military secrets for sale on the dark web. “Military secrets are often heavily guarded, but it’s meaningless if there’s weak router security. Researchers from Recorded Future, a threat intelligence company, say they found a cache of sensitive military documents for sale on the Dark Web, including details on the US Air Force’s MQ-9 Reaper drones, as well as training courses on tanks, survival and improvised explosive devices.”
Unredacted: New Digital National Security Archive Document Collection Highlights CIA Covert Operations from 1961-1974. “Explore important historical events, like the epic Bay of Pigs disaster, through the lens of little-known or under-explored covert activities in the National Security Archive’s latest digital collection, CIA Covert Operations, Part III – From Kennedy to Nixon. This Digital National Security Archive (DNSA) collection, the most comprehensive of its kind, is the third of five installments concerning the bread and butter of U.S. intelligence operations – covert operations.” Not free, as you might imagine. A product of ProQuest.