A hacker is claiming to have breached the FBI’s content management system, dumping email addresses and SHA1 encrypted passwords with salts online. The hacker using the handle (@cyberzeist) claims to have breached the Plone CMS using a zero day flaw allegedly for sale on an unnamed dark web site. The Register has contacted the FBI to confirm the allegations. It was not immediately available for comment, however an operative was aware of the claimed incident. Cyberzeist claims to have conducted the hack last month and has posted to Twitter what they claim are screen captures showing the FBI patching against the vulnerability, which appeared to permit public access.
View full story
ORIGINAL SOURCE: The Register