That was fast: Thousands of computers now compromised with leaked NSA tools, researchers say

Thousands of Microsoft Windows machines worldwide are infected with an NSA-developed backdoor that hackers installed by reusing leaked executable code from an outdated hacking toolkit belonging to the spy agency, multiple security researchers tell CyberScoop. The mysterious Shadow Brokers group published a package of internal NSA documents last week, containing among other things the computer code for a series of exploits, implants and other hacking tools. In the days since the leak first became public, hackers have mulled over the trove and begun reverse-engineering and recycling some of the capabilities, CyberScoop previously reported. One of these hacking tools, a backdoor implant codenamed DOUBLEPULSAR — which is used to run malicious code on an already compromised box — has already been installed on 30,000 to 50,000 hosts, according to Phobos Group founder Dan Tentler. Other researchers have also engineered different detection scripts to quickly scan the internet for infected computers. John Matherly, […]

The post That was fast: Thousands of computers now compromised with leaked NSA tools, researchers say appeared first on Cyberscoop.


Leaked NSA hacking tools are a hit on the dark web

A shadowy cast of random hackers are now sharing, promoting and working to adopt executable computer code evident in NSA documents that were published last week by the Shadow Brokers, private sector intelligence analysts tell CyberScoop. Underground hacking communities began developing and uploading tutorials on how to utilize some of the tools the same day the NSA documents were originally published, according to researchers at Israel-based dark web intelligence firm SenseCy. Forum members have shown a particular interest in a leaked framework similar to Metasploit that’s unique to the NSA called Fuzzbunch. SenseCy, a firm focused on the dark web staffed by former intelligence officials, identified a series of conversations occurring in a hidden Russian cybercrime forum discussing how members could exploit a bug in Windows Server Message Block, a network file sharing protocol. “Hackers [have] shared the leaked [NSA] information on various platforms, including explanations [for how to use the tools] published by Russian-language […]

The post Leaked NSA hacking tools are a hit on the dark web appeared first on Cyberscoop.


Amazon third party sellers: A new threat

On Monday, the Wall Street Journal reported a wave of hijacked Amazon seller accounts that proceeded to fleece buyers for large sums of money. As reported here, attackers would use credentials harvested from other breaches to take over the account, th…

Is My Password Safe? Practices for People Who Know Better

A couple of weeks back a report came out where [Tavis Ormandy], a widely known security researcher for Google Project Zero, showed how it was possible to abuse LastPass RPC commands and steal user passwords. The irony is that LastPass is software designed to keep all your passwords safe, and it’s designed in a way that even they can’t access your passwords: the passwords are stored locally using strong cryptography, and only you can access them via a master key. Storing all your passwords in only one place has its downfalls. By the way, there is no proof or suggestion that this bug was abused …


Friction by design: FBI, DHS disagree on when to tell victims they’ve been hacked

Competing interests exist between two of the predominant federal agencies tasked with stopping hackers from attacking the U.S., officials say, and that dynamic shapes how and when the government notifies Americans if they’ve been breached. The Homeland Security Department and FBI follow distinctly different missions, and this extends into cyberspace, according to John Felker, director of the National Cybersecurity and Communications Integration Center. NCCIC is DHS’s around-the-clock office for incident awareness and response. Occasionally, DHS’s efforts to rapidly deploy software updates and immediately notify a victim when a cybersecurity incident occurs clash with the FBI’s work to fully investigate and ultimately prosecute cybercriminals, Felker said Thursday. “There’s always going to be some tension between our mission space at DHS, which is asset response, threat mitigation — stop the bleeding, if you will — and law enforcement’s threat response, which is to catch a bad guy and make a successful prosecution,” Felker said during McAfee’s […]

The post Friction by design: FBI, DHS disagree on when to tell victims they’ve been hacked appeared first on Cyberscoop.


Leaked CIA documents show just how complicated computer warfare really is

Providing context to the CIA documents published last week by WikiLeaks has proven challenging because of the prevalence of codenames, unfamiliar acronyms and other unique jargon in the material. But with the help of a former U.S. intelligence official, CyberScoop has been able to identify an internal conversation evident in the leaked documents that shows employees of the spy agency discussing how to remotely disrupt a video player likely being used by a terrorist. An author identified only as “User #71468” in one apparent internal CIA discussion forum published by WikiLeaks describes the use of an old hacking tool to “trash somebody’s files.” The author’s post is classified “SECRET//NOFORN,” meaning secret and not for review by foreign nationals. User #71468’s comment reads: “We were trashing data. It was awesome. We were even overwriting files opened for exclusive write by using direct writes to the physical drive (XP only folks, Vista […]

The post Leaked CIA documents show just how complicated computer warfare really is appeared first on Cyberscoop.


Some companies listed in CIA leak have yet to receive assistance from WikiLeaks

After publishing a trove of internal CIA documents, WikiLeaks founder Julian Assange announced last week that his organization will exclusively share the computer code for hacking tools owned by the spy agency with targeted technology firms identified in the leaked documents. As of late Monday, however, a significant number of affected companies told CyberScoop that WikiLeaks had yet to contact them. Assange’s pledge to offer assistance to these businesses, including household names like Microsoft, Google and Cisco, comes after WikiLeaks revealed that an unnamed defense contractor had provided nearly 9,000 documents from a digital library belonging to the CIA’s Engineering Development Group — an office reportedly tasked with developing computer espionage capabilities. More than 15 major technology vendors are mentioned in the leaked documents published last Tuesday. In some cases, an internal description for a private sector company’s technology also carries a discussion about how to compromise a product for […]

The post Some companies listed in CIA leak have yet to receive assistance from WikiLeaks appeared first on Cyberscoop.


WikiLeaks Unveils Treasure Trove of CIA Documents

The latest from WikiLeaks is the largest collection of documents ever released from the CIA. The release, called ‘Vault 7: CIA Hacking Tools Revealed’, is the CIA’s hacking arsenal.

While Vault 7 is only the first part in a series of leaks of documents from the CIA, this leak is itself massive. The documents, available on the WikiLeaks site and available as a torrent, detail the extent of the CIA’s hacking program.

Of note, the CIA has developed numerous 0-day exploits for iOS and Android devices. The ‘Weeping Angel’ exploit for Samsung smart TVs “places the target TV in a …


American Bar Association to offer cybersecurity insurance to law firms

After a year which saw multiple law firms end up in the headlines for data breaches, the American Bar Association expanded its insurance program Tuesday to offer cybersecurity coverage. The new offering, ABA President Linda A. Klein said in a statement, comes at a time when “the number of cyber breaches increases everywhere and throughout […]

The post American Bar Association to offer cybersecurity insurance to law firms appeared first on Cyberscoop.


Internet of Things Teddy Bear Leaked 2 Million Parent and Kids Message Recordings

A company that sells “smart” teddy bears leaked 800,000 user account credentials—and then hackers locked it and held it for ransom.