shadow_brokers   21

Leaked NSA Dump Also Contains Tools Agency Used to Track Other Hackers
A year ago, when the mysterious hacking group 'The Shadow Brokers' dumped a massive trove of sensitive data stolen from the US intelligence agency NSA, everyone started looking for secret hacking tools and zero-day exploits.
A group of Hungarian security researchers from CrySyS Lab and Ukatemi has now revealed that the NSA dump doesn't just contain zero-day exploits used to take control of targeted systems, but also includes a collection of scripts and scanning tools the agency uses to track operations of hackers from other countries.
According to a report published today by the Intercept, NSA's specialized team known as Territorial Dispute (TeDi) developed some scripts and scanning tools that help the agency to detect other nation-state hackers on the targeted machines it infects.
gov2.0  hack  NSA  privacy  security  shadow_brokers  spying  wikileaks 
5 weeks ago by rgl7194
NSA’s top talent is leaving because of low pay, slumping morale and unpopular reorganization - The Washington Post
The National Security Agency is losing its top talent at a worrisome rate as highly skilled personnel, some disillusioned with the spy service’s leadership and an unpopular reorganization, take higher-paying, more flexible jobs in the private sector.
Since 2015, the NSA has lost several hundred hackers, engineers and data scientists, according to current and former U.S. officials with knowledge of the matter. The potential impact on national security is significant, they said.
Headquartered at Fort Meade in Maryland, the NSA employs a civilian workforce of about 21,000 there and is the largest producer of intelligence among the nation’s 17 spy agencies. The people who have left were responsible for collecting and analyzing the intelligence that goes into the president’s daily briefing. Their work also included monitoring a broad array of subjects including the Islamic State, Russian and North Korean hackers, and analyzing the intentions of foreign governments, and they were responsible for protecting the classified networks that carry such sensitive information.
gov2.0  hack  NSA  privacy  security  shadow_brokers  spying  wikileaks 
january 2018 by rgl7194
Long Article on NSA and the Shadow Brokers - Schneier on Security
The New York Times just published a long article on the Shadow Brokers and their effects on NSA operations. Summary: it's been an operational disaster, the NSA still doesn't know who did it or how, and NSA morale has suffered considerably.
This is me on the Shadow Brokers from last May.
security  privacy  hack  shadow_brokers  gov2.0  leak 
january 2018 by rgl7194
Security Breach and Spilled Secrets Have Shaken the N.S.A. to Its Core - The New York Times
A serial leak of the agency’s cyberweapons has damaged morale, slowed intelligence operations and resulted in hacking attacks on businesses and civilians worldwide.
WASHINGTON — Jake Williams awoke last April in an Orlando, Fla., hotel where he was leading a training session. Checking Twitter, Mr. Williams, a cybersecurity expert, was dismayed to discover that he had been thrust into the middle of one of the worst security debacles ever to befall American intelligence.
Mr. Williams had written on his company blog about the Shadow Brokers, a mysterious group that had somehow obtained many of the hacking tools the United States used to spy on other countries. Now the group had replied in an angry screed on Twitter. It identified him — correctly — as a former member of the National Security Agency’s hacking group, Tailored Access Operations, or T.A.O., a job he had not publicly disclosed. Then the Shadow Brokers astonished him by dropping technical details that made clear they knew about highly classified hacking operations that he had conducted.
America’s largest and most secretive intelligence agency had been deeply infiltrated.
gov2.0  spying  security  NSA  nytimes  wikileaks  hack  privacy  shadow_brokers 
january 2018 by rgl7194
Security Researchers Are Gathering Funds to Buy Future Shadow Brokers Exploits
UPDATE [June 1, 05:00 AM ET]: Due to legal concerns, the team behind this campaign has pulled out and shut down the project. Statements here and here. The original article is below.
A group of security researchers has set up a Patreon page to raise the funds necessary to buy their way into the first batch of monthly exploits the Shadow Brokers promised on Tuesday.
The four researchers are Matthew Hickey (@HackerFantastic), @X0rz, Nicholas Weaver (@ncweaver), and Tim Strazzere (@timstrazz).
security  privacy  hack  shadow_brokers  subscription  malware  ransomware  0day  gov2.0 
june 2017 by rgl7194
Who Are the Shadow Brokers? - Schneier on Security
In 2013, a mysterious group of hackers that calls itself the Shadow Brokers stole a few disks full of NSA secrets. Since last summer, they've been dumping these secrets on the Internet. They have publicly embarrassed the NSA and damaged its intelligence-gathering capabilities, while at the same time have put sophisticated cyberweapons in the hands of anyone who wants them. They have exposed major vulnerabilities in Cisco routers, Microsoft Windows, and Linux mail servers, forcing those companies and their customers to scramble. And they gave the authors of the WannaCry ransomware the exploit they needed to infect hundreds of thousands of computers worldwide this month.
After the WannaCry outbreak, the Shadow Brokers threatened to release more NSA secrets every month, giving cybercriminals and other governments worldwide even more exploits and hacking tools.
Who are these guys? And how did they steal this information? The short answer is: we don't know. But we can make some educated guesses based on the material they've published.
security  privacy  hack  shadow_brokers  subscription  malware  ransomware  0day  gov2.0 
june 2017 by rgl7194
The Shadow Brokers Announce Details About Upcoming Monthly Dump Service
In a message posted online early this morning, the Shadow Brokers — the cyber-espionage group believed to have stolen hacking tools from the NSA — announced new details about their upcoming "monthly dump service."
The group previously teased the new monthly dump service in mid-May, four days after the WannaCry ransomware wreaked havoc across the world using two hacking tools the Shadow Brokers leaked online in mid-April.
Trying to capitalize on the hype around NSA hacking tools created by the WannaCry outbreak, this new monthly dump service is yet another attempt from the Shadow Brokers to commercialize and sell their exploits. Previously, the group held a public auction, a crowdfunding campaign, and tried to sell individual exploits, all of which have failed to attract the customers they hoped.
security  privacy  hack  shadow_brokers  subscription  malware  ransomware  0day  gov2.0 
june 2017 by rgl7194
Shadow Brokers Launches 0-Day Exploit Subscriptions for $21,000 Per Month
Having promised to release more zero-day exploits and hacking tools for various platforms starting from June 2017, the infamous hacking group Shadow Brokers is back with more information on how to subscribe and become a private member to receive exclusive access to future leaks.
The Shadow Brokers is the same hacking group that publicly leaked the NSA-built Windows hacking tools and zero-day exploits that led to the WannaCry menace.
When the Shadow Brokers promised its June 2017 release two weeks ago, the group announced that it would sell new zero-day exploits and hacking tools only to the private members with paid monthly subscription, instead of making them public for everyone.
security  privacy  hack  shadow_brokers  subscription  malware  ransomware  0day  gov2.0 
june 2017 by rgl7194
New Shadow Brokers 0-day subscription forces high-risk gamble on whitehats | Ars Technica
Mysterious group with cache of NSA exploits promises new release to those who pay.
The mysterious group that over the past nine months has leaked millions of dollars' worth of advanced hacking tools developed by the National Security Agency said Tuesday it will release a new batch of tools to individuals who pay a $21,000 subscription fee. The plans, announced in a cryptographically signed post published Tuesday morning, are generating an intense moral dilemma for security professionals around the world.
On the one hand, the Shadow Brokers, as the person or group calls itself, has in the past released potent hacking tools into the wild, including two that were used to deliver the WCry ransomware worm that infected more than 200,000 computers in 150 countries. If the group releases similarly catastrophic exploits for Windows 10 or mainstream browsers, security professionals are arguably obligated to have access to them as soon as possible to ensure patches and exploit signatures are in place to prevent similar outbreaks. On the other hand, there's something highly unsavory and arguably unethical about whitehats paying blackhats with a track record as dark as that of the Shadow Brokers.
security  privacy  hack  shadow_brokers  subscription  malware  ransomware  0day  gov2.0 
may 2017 by rgl7194
Fearing Shadow Brokers leak, NSA reported critical flaw to Microsoft | Ars Technica
WaPo confirms long-held suspicions as NSA cyberweapons crisis threatens to grow worse.
After learning that one of its most prized hacking tools was stolen by a mysterious group calling itself the Shadow Brokers, National Security Agency officials warned Microsoft of the critical Windows vulnerability the tool exploited, according to a report published Tuesday by The Washington Post. The private disclosure led to a patch that was issued in March.
security  privacy  hack  shadow_brokers  0day  gov2.0  politics  microsoft 
may 2017 by rgl7194
Daring Fireball: Malware, Described in Leaked NSA Documents, Cripples Computers Worldwide
The Washington Post:
Cybersecurity experts said the malicious software works by exploiting a flaw in Microsoft software that was described in NSA documents stolen from the agency and leaked publicly in April by a criminal group called Shadow Brokers.
Microsoft released a “critical” patch fixing the flaw in March, before the NSA documents were publicly released, but the patch was apparently applied inconsistently, with many computers continuing to be unprotected. The malicious software — called “ransomware” because it encrypts systems and threatens to destroy data if a ransom is not paid — is spreading among computers that have not been patched, experts said.
The NSA did not respond to requests for comment.
Remember last year when a whole bunch of people wanted Apple to create a special version of iOS for the U.S. government, under the promise that it would never escape their safe hands and get into the wild? Like this ignoramus, who was then campaigning for president.
security  privacy  encryption  malware  wikileaks  gov2.0  daring_fireball  hack  shadow_brokers 
may 2017 by rgl7194
More on the CIA Document Leak - Schneier on Security
If I had to guess right now, I'd say the documents came from an outsider and not an insider. My reasoning: One, there is absolutely nothing illegal in the contents of any of this stuff. It's exactly what you'd expect the CIA to be doing in cyberspace. That makes the whistleblower motive less likely. And two, the documents are a few years old, making this more like the Shadow Brokers than Edward Snowden. An internal leaker would leak quickly. A foreign intelligence agency -- like the Russians -- would use the documents while they were fresh and valuable, and only expose them when the embarrassment value was greater.
James Lewis agrees:
But James Lewis, an expert on cybersecurity at the Center for Strategic and International Studies in Washington, raised another possibility: that a foreign state, most likely Russia, stole the documents by hacking or other means and delivered them to WikiLeaks, which may not know how they were obtained. Mr. Lewis noted that, according to American intelligence agencies, Russia hacked Democratic targets during the presidential campaign and gave thousands of emails to WikiLeaks for publication.
security  privacy  gov2.0  CIA  hack  tools  wikileaks  shadow_brokers 
march 2017 by rgl7194
