Report: Obama admin planted cyber ‘bombs’ inside Russian infrastructure

The Obama Administration reportedly planted cyber weapons within Russian infrastructure in 2016 to use in response to potential threats made by the Kremlin, according to the Washington Post. Through collaboration with members of the NSA, CIA and U.S. Cyber Command, according to the Washington Post, Obama gave his signature to a covert cyber operation designed “to be triggered remotely as part of retaliatory cyber-strike in the face of Russian aggression, whether an attack on a power grid or interference in a future presidential race.” The cyber weapons were “the digital equivalent of bombs that could be detonated if the United States found itself in an escalating exchange with Moscow,” but the project, including the “time sensitive” weapons, was never fully completed under Obama and the option for potential retaliation now rests with President Donald Trump. The Obama administration publicly announced a set of sanctions in December 2016 aimed at cracking […]

The post Report: Obama admin planted cyber ‘bombs’ inside Russian infrastructure appeared first on Cyberscoop.


The leaked NSA hacking tool that will wreak havoc for years to come

A powerful hacking tool originally used by the National Security Agency and subsequently leaked in April by the Shadow Brokers will give defenders problems for years to come as hackers continue to adopt and repurpose the malicious computer code, experts and former U.S. intelligence officials tell CyberScoop. The tool, codenamed EternalBlue, effectively leverages two different coding flaws in older versions of Microsoft Windows to propagate malware on a targeted computer network. In practice, this exploit breaks a network file sharing protocol known as the server message block, or SMB. Although Microsoft promptly released several software updates for affected versions of Windows in March, and then again most recently in May, millions of systems remain unpatched and therefore vulnerable to hackers using EternalBlue. Experts believe that the high-quality exploit will be used in the coming years by both amateurish hackers and sophisticated threat actors to steal information. “EternalBlue will exist and […]

The post The leaked NSA hacking tool that will wreak havoc for years to come appeared first on Cyberscoop.


PATCH Act Calls for VEP Review Board

The PATCH Act proposes the formation of a review board that would formalize and make transparent the processes by which the government determines whether it will use or disclose a zero-day vulnerability.

Where former spies go to become cybersecurity startup founders

In a half-constructed lot in Fulton, Maryland, behind a nondescript strip mall, sits a unique startup development firm with a team composed of former intelligence officers, hackers and tech industry insiders. The brainchild of SEAL Team 6 alumnus Mike Janke, CIA officer-turned-entrepreneur Steven Witt and Silicon Valley money man Bob Ackerman, DataTribe is in the business of turning one-time spies into successful startup founders. Unassuming in name alone, DataTribe quietly oversees an investment fund of approximately $35 million, which it uses to guide early stage cybersecurity companies towards an acquisition or initial public offering. Most seed-stage-centric firms operate with much less capital than DataTribe. “We build gold cup startups,” Janke blankly stated during an interview at the firm’s headquarters. “We make it an unfair fight” by providing portfolio companies with an ample amount of resources. The fund is fueled by a close group of business partners, including several prominent private […]

The post Where former spies go to become cybersecurity startup founders appeared first on Cyberscoop.


IARPA director: New homomorphic crypto is ‘math magic’

The latest kind of advanced encryption could soon allow classified computing to be done on unclassified computer systems, a senior intelligence official said Thursday. “That’s really one of the next places [we’re] likely to look — Can we use homomorphic encryption to do secure multiparty computation?” Jason Matheny, director of the Intelligence Advanced Research Projects Activity, told the Billington Cybersecurity Summit. Matheny said that his agency had first started researching homomorphic encryption in 2011 to fix a gap in the way data was kept secure. The method allows analysis on encrypted data without the need for decryption. “We were good at protecting [data] at rest, we were good at protecting it in transit, but not while it was being processed,” Matheny said. The problem: In order to perform any computational function, even as simple as a search, the data had to be decrypted, then processed. And at that point an adversary who […]

The post IARPA director: New homomorphic crypto is ‘math magic’ appeared first on Cyberscoop.


Legal peril looms over companies hoping to acquire CIA intel from WikiLeaks

A cloud of uncertainty hangs over a cohort of private companies that hope to receive software vulnerability information from WikiLeaks, according to top national security lawyers. “The law is unsettled as to whether tech companies can receive stolen, classified information from WikiLeaks for the purpose of patching security vulnerabilities that the CIA has allegedly been exploiting,” said Edward McAndrew, a former federal cybercrime prosecutor in the U.S. Attorney’s Offices for the Eastern District of Virginia. The transparency organization published thousands of internal, classified CIA documents two weeks ago in an effort to highlight apparent contradictions between how the U.S. government values digital espionage capabilities over the security and privacy of private technology companies. In a press conference live-streamed to Twitter on March 9, WikiLeaks’ Julian Assange claimed he would work with affected technology companies by privately providing them with executable code and other technical details that had been redacted from the […]

The post Legal peril looms over companies hoping to acquire CIA intel from WikiLeaks appeared first on Cyberscoop.


Dancho Danchev’s 2010 Disappearance – An Elaboration – Part Two

UPDATE: I can be reached at dancho.danchev@hush.com or at +359 87 68 93 890 in case of an emergency.

UPDATE: It appears that recently a car belonging to local police department (hxxp://troyan-police.com; police_troyan@abv.bg) was stopped somewhere aro…

Some companies listed in CIA leak have yet to receive assistance from WikiLeaks

After publishing a trove of internal CIA documents, WikiLeaks founder Julian Assange announced last week that his organization will exclusively share the computer code for hacking tools owned by the spy agency with targeted technology firms identified in the leaked documents. As of late Monday, however, a significant number of affected companies told CyberScoop that WikiLeaks had yet to contact them. Assange’s pledge to offer assistance to these businesses, including household names like Microsoft, Google and Cisco, comes after WikiLeaks revealed that an unnamed defense contractor had provided nearly 9,000 documents from a digital library belonging to the CIA’s Engineering Development Group — an office reportedly tasked with developing computer espionage capabilities. More than 15 major technology vendors are mentioned in the leaked documents published last Tuesday. In some cases, an internal description for a private sector company’s technology also carries a discussion about how to compromise a product for […]

The post Some companies listed in CIA leak have yet to receive assistance from WikiLeaks appeared first on Cyberscoop.


WikiLeaks releases supposed CIA documents detailing U.S. hacking operations

WikiLeaks has published a cache of 8,761 files it claims provide insight into the CIA’s extensive computer hacking operations, including a description of tools and targeted technologies. In what is apparently the first in a series of upcoming releases dubbed “Vault 7,” the controversial transparency organization claims that this will be the most comprehensive publication of confidential documents in CIA history. The series’ first installment is named “Year Zero.” It contains information related to dozens of supposed zero-day exploits developed for use against software and hardware created by prominent American technology firms like Apple, Google and Microsoft, among others. In theory, such capabilities would allow spies to compromise older operating systems found on iPhones and Android smartphones. WikiLeaks has yet to release any of the code behind these exploits, claiming that it will not do so “until a consensus emerges on the technical and political nature of the CIA’s program and […]

The post WikiLeaks releases supposed CIA documents detailing U.S. hacking operations appeared first on Cyberscoop.
