Massive Cyber Attack Cripples UK Hospitals, Spreads Globally

A massive ransomware attack is currently under way. It was first widely reported to have crippled the UK hospital system, but has since spread to numerous other systems throughout the world, including FedEx in the US, the Russian Interior Ministry, and telecommunications firms in Spain and Russia.

The virus is known by the names WannaCrypt, WannaCry, and a few other variants. It spreads using the EternalBlue exploit in unpatched Windows machines older than version 10. The tools used to pull off this attack were likely from an NSA toolset leaked by the Shadow Brokers.

So far the strongest resource for technical information …

Iran-linked hackers used Microsoft Word flaw against Israeli targets, security firm says

Hackers allegedly linked to the Iranian government launched a digital espionage operation this month against more than 250 different Israel-based targets by using a recently disclosed and widely exploited Microsoft Word vulnerability, cybersecurity experts tell CyberScoop. The hacking group, dubbed OilRig by security researchers and believed to be tied to Iranian intelligence services, utilized a software flaw in Word officially known as CVE-2017-0199 that allows attackers to execute a remote computer intrusion to take full control of a target device while leaving little or no trace, said Michael Gorelik, vice president of Israeli security firm Morphisec. Over the last month, Morphisec has investigated the incident on behalf of multiple victims. Clients showed forensic evidence on their respective networks that could be linked back to OilRig. After its disclosure in March, CVE-2017-0199 was quickly exploited by nation-states and cybercriminals alike. OilRig has been around since at least 2015, according to numerous security industry experts who have […]

The post Iran-linked hackers used Microsoft Word flaw against Israeli targets, security firm says appeared first on Cyberscoop.


Leaked NSA tools, now infecting over 200,000 machines, will be weaponized for years

More than 200,000 machines have been infected by an NSA backdoor leaked nearly two weeks ago by the Shadow Brokers hacking group, according to the latest scans and estimates. Experts expect to see the exploits, implants and other NSA-built hacking tools in use for as long as a decade into the future. U.S. computers are by far the most frequently hit targets of DOUBLEPULSAR, a backdoor implant allowing attackers to stealthily collect information and run malicious code on a target’s machine, according to the Swiss security firm Binary Edge, which counted 183,107 infected machines as of early Monday morning. More than 67,000 of those machines were American, while China, Russia and the U.K. have suffered several thousand infections each. On Friday, that number was 100,000 globally. An average of 25,000 machines have been infected globally every day over the last week. Experts say the actual number is higher than Monday’s assessment because each count is slow and does not always catch everything […]

The post Leaked NSA tools, now infecting over 200,000 machines, will be weaponized for years appeared first on Cyberscoop.


Tens of thousands Windows systems implanted with NSA’s DoublePulsar

Has your Windows machine been implanted with NSA’s DoublePulsar backdoor? If you haven’t implemented the security updates released by Microsoft in March, chances are good that it has. What is DoublePulsar? DoublePulsar is a backdoor implant that enables the injection and running of DLLs – potentially malicious ones – on Windows computers. It was recently leaked by the Shadow Brokers, and hackers have been using it – in conjunction with the EternalBlue exploit – to …

That was fast: Thousands of computers now compromised with leaked NSA tools, researchers say

Thousands of Microsoft Windows machines worldwide are infected with an NSA-developed backdoor that hackers installed by reusing leaked executable code from an outdated hacking toolkit belonging to the spy agency, multiple security researchers tell CyberScoop. The mysterious Shadow Brokers group published a package of internal NSA documents last week, containing among other things the computer code for a series of exploits, implants and other hacking tools. In the days since the leak first became public, hackers have mulled over the trove and begun reverse-engineering and recycling some of the capabilities, CyberScoop previously reported. One of these hacking tools, a backdoor implant codenamed DOUBLEPULSAR — which is used to run malicious code on an already compromised box — has already been installed on 30,000 to 50,000 hosts, according to Phobos Group founder Dan Tentler. Other researchers have also engineered different detection scripts to quickly scan the internet for infected computers. John Matherly, […]

The post That was fast: Thousands of computers now compromised with leaked NSA tools, researchers say appeared first on Cyberscoop.


Oracle databases at risk because of a leaked NSA hacking tool, researcher says

The recent leak of NSA hacking tools designed to compromise SWIFT Service Alliance servers comes with a key to pry open thousands of Oracle databases around the globe, new research suggests. While most of the hacking tools revealed April 14 by the group known as the Shadow Brokers target vulnerabilities in outdated versions of Microsoft Windows operating systems, the release also contained an implant and two scripts apparently engineered by the NSA to breach and exfiltrate data from Oracle databases. Those tools were part of an expansive U.S. espionage operation aimed at hacking into Middle Eastern SWIFT service bureaus. SWIFT is an international computer network that acts as a ledger and enables financial institutions to send and receive information about financial transactions. Some banks rely on service bureaus to effectively access SWIFT’s architecture. Service bureaus in the Middle East commonly host and manage transaction data from regional banks on Oracle databases. These Oracle […]

The post Oracle databases at risk because of a leaked NSA hacking tool, researcher says appeared first on Cyberscoop.


April 18, 2017 – Hack Naked News #220

Doug White and Jason Wood discuss Cyberpatriot, Shadow Brokers, and more on this episode of Hack Naked News! Visit http://hacknaked.tv to get all the latest episodes! http://traffic.libsyn.com/hntvaudio/Hack_Naked_News__220_-_April_18_2…

Leaked NSA hacking tools are a hit on the dark web

A shadowy cast of random hackers are now sharing, promoting and working to adopt executable computer code evident in NSA documents that were published last week by the Shadow Brokers, private sector intelligence analysts tell CyberScoop. Underground hacking communities began developing and uploading tutorials on how to utilize some of the tools the same day the NSA documents were originally published, according to researchers at Israel-based dark web intelligence firm SenseCy. Forum members have shown a particular interest in a leaked framework similar to Metasploit that’s unique to the NSA called Fuzzbunch. SenseCy, a firm focused on the dark web staffed by former intelligence officials, identified a series of conversations occurring in a hidden Russian cybercrime forum discussing how members could exploit a bug in Windows Server Message Block, a network file sharing protocol. “Hackers [have] shared the leaked [NSA] information on various platforms, including explanations [for how to use the tools] published by Russian-language […]

The post Leaked NSA hacking tools are a hit on the dark web appeared first on Cyberscoop.


Shadow Brokers Release Dangerous NSA Hacking Tools

It’s not the first time Shadow Brokers has been on the radar with NSA Hacking Tools; in August 2016 they exposed a bunch of 0-day exploits (also from 2013). This cache of tools appears to be from 2013, so was probably snatched during the same intrusion. This is somewhat more dangerous though as it provides […]


Read the full post at darknet.org.uk
