DHS's Office of Industry Partnership was hacked by a group called "Department of Peace" and info about ICE contracts with over 6,000 companies is now published on @ddosecrets.org!
-
DHS's Office of Industry Partnership was hacked by a group called "Department of Peace" and info about ICE contracts with over 6,000 companies is now published on @ddosecrets.org!
@micahflee I'm very amused by all of the Bugcrowd garbage data that ended up in the DHS contractors table.
Who knew that the Fortune 500 company `<a href=\"https://www.bugcrowd.com/\">Phishing</a><br><img src=http://194.164.169.161/p.png><!--` was working with DHS?
-
@micahflee The Linux Foundation got half a million dollars from ICE contracts.
@manchicken @micahflee looks like it was from the DHS overall (not ICE specifically), lasted from 2017-2018, and the funds were used to improve the security of OSS in general. Unless I’m missing more context, not exactly a bad thing imo
-
DHS's Office of Industry Partnership was hacked by a group called "Department of Peace" and info about ICE contracts with over 6,000 companies is now published on @ddosecrets.org!
@micahflee Wow if this is true, UC San Diego got over $2.3m from three ICE contracts. Not sure what "Full Proposal" means, though? Did they actually get that or was it some faculty member applying for grants they didn't receive?
-
@manchicken @micahflee looks like it was from the DHS overall (not ICE specifically), lasted from 2017-2018, and the funds were used to improve the security of OSS in general. Unless I’m missing more context, not exactly a bad thing imo
@phillip @micahflee I do hope that's true. It would be disappointing to see any organization doing business with DHS/ICE since they made it plain how they have chosen to operate.
-
@phillip @micahflee I do hope that's true. It would be disappointing to see any organization doing business with DHS/ICE since they made it plain how they have chosen to operate.
@manchicken @micahflee that’s what it says in the leaked contract files
-
@manchicken @micahflee that’s what it says in the leaked contract files
@phillip @micahflee Yeah; I do think it's important to note that we don't actually have the full data set from what I can tell. We _should_ have the full data set, these contracts _should_ be public.
-
That is very interesting!
Some files are missing, are they ging to be available eventually?@overflo there were some 404 errors briefly right after I launched it because of a bug, but that's fixed now
-
@manchicken @micahflee that’s what it says in the leaked contract files
@phillip @manchicken @micahflee "CII is a private sector solution" in the Linux foundation..
"This funding would include a DHS representative holding a voting seat on the CII Steering Group"
Does this mean current DHS has a seat on a Linux Foundation entity?
-
DHS's Office of Industry Partnership was hacked by a group called "Department of Peace" and info about ICE contracts with over 6,000 companies is now published on @ddosecrets.org!
@micahflee Cool!
Now do the DOJ #EpsteinFiles
Pretty please
-
DHS's Office of Industry Partnership was hacked by a group called "Department of Peace" and info about ICE contracts with over 6,000 companies is now published on @ddosecrets.org!
HBGary! That’s a name I haven’t heard in a while.
-
@phillip @manchicken @micahflee "CII is a private sector solution" in the Linux foundation..
"This funding would include a DHS representative holding a voting seat on the CII Steering Group"
Does this mean current DHS has a seat on a Linux Foundation entity?
@vwbusguy @manchicken @micahflee No, the DHS does not have a voting seat with the Linux Foundation. The CII Steering Group is a sub-project of the Linux foundation that accepts monetary donations, then doles them out to open source projects in need.
So the DHS has (or had maybe?) a voting seat to give them a say in how their donations are spent.
-
@micahflee Wow if this is true, UC San Diego got over $2.3m from three ICE contracts. Not sure what "Full Proposal" means, though? Did they actually get that or was it some faculty member applying for grants they didn't receive?
Just adding something I noticed: these grants and contract are part of DHS' Long Range Broad Agency Announcement (LRBAA) program:
The Science and Technology Directorate's (S&T) Long Range Broad Agency Announcement (LRBAA) is a standing, open invitation to the scientific and technical communities to fund pioneering research and development (R&D) projects in support of our nation’s security.
That doesn't answer your question, though.
-
I just threw together a website visualizing this ICE contract data! You can browse through the companies and their contracts, and filter them by state https://micahflee.github.io/ice-contracts/
@micahflee Thank you for making this info available! Disheartening how many universities are listed...
-
DHS's Office of Industry Partnership was hacked by a group called "Department of Peace" and info about ICE contracts with over 6,000 companies is now published on @ddosecrets.org!
@micahflee
Anyone got the geeks to set up a bot that posts the names of 10 of the companies once every 12 hours?
#ICEContractor #ICEComplicit -
Just adding something I noticed: these grants and contract are part of DHS' Long Range Broad Agency Announcement (LRBAA) program:
The Science and Technology Directorate's (S&T) Long Range Broad Agency Announcement (LRBAA) is a standing, open invitation to the scientific and technical communities to fund pioneering research and development (R&D) projects in support of our nation’s security.
That doesn't answer your question, though.
@iampytest1 Yeah, looking at the contract, it seems more InfoSec research related for DHS during Biden era.
-
DHS's Office of Industry Partnership was hacked by a group called "Department of Peace" and info about ICE contracts with over 6,000 companies is now published on @ddosecrets.org!
@micahflee@infosec.exchange Uhhh... looks like DHS may have had their contracts system get popped during a penetration test in 2025?
[Edit: LOL]
-
@manchicken @micahflee looks like it was from the DHS overall (not ICE specifically), lasted from 2017-2018, and the funds were used to improve the security of OSS in general. Unless I’m missing more context, not exactly a bad thing imo
@phillip @manchicken @micahflee Probably from CISA, which is under DHS for some reason.
-
DHS's Office of Industry Partnership was hacked by a group called "Department of Peace" and info about ICE contracts with over 6,000 companies is now published on @ddosecrets.org!
@micahflee Well well well, move over WikiLeaks! -
I just threw together a website visualizing this ICE contract data! You can browse through the companies and their contracts, and filter them by state https://micahflee.github.io/ice-contracts/
@micahflee this is awesome!
-
@micahflee@infosec.exchange Uhhh... looks like DHS may have had their contracts system get popped during a penetration test in 2025?
[Edit: LOL]@julie @micahflee that means they were probably aware of the vulnerability that allowed this leak to happen… and then they didn't fix it (nor did they remove the data that the pentesters injected into their production database, apparently!)
