Shadow Brokers data dump reveals yet another NSA-Stuxnet link

When the Shadow Brokers dumped on Friday another batch of data allegedly stolen from the Equation Group, which has been linked to the NSA, security researchers dove right in. Their first disclosed findings were of Windows exploits taking advantage of bugs that were believed to be still unpatched, and apparent evidence that the NSA has hacked into Dubai-based EastNets, a firm that oversees payments in the global SWIFT transaction system for a considerable number of …

Shadow Brokers latest leak a gold mine for both criminals and researchers

As information security enthusiasts continue to pore over the Shadow Brokers' latest dump, the alleged cache of NSA tools is turning out to be a treasure trove for both researchers and criminals. Ransomware known as “AES-NI” has been updated with a so-called “NSA Exploit Edition” that the malware’s developer claims is now using EsteemAudit and EternalBlue exploits to infect machines, encrypt files and demand ransom for release. EsteemAudit and EternalBlue were two tools dumped in last week’s leak. A rash of forum posts show several ransomware victims running old, unpatched or unsupported Windows servers that have been infected. There has been no independent confirmation on how the new ransomware works, but the malware’s author claimed to CyberScoop that they are using NSA exploits. “We use SMB [Server Message Block] and RDP [Remote Desktop Protocol] exploits: Esteemaudit, Eternalblue,” the developer said. “They all are in public now.” Liam O’Murchu, the director of Symantec’s security […]

The post Shadow Brokers latest leak a gold mine for both criminals and researchers appeared first on Cyberscoop.


Shadow Brokers leaks show U.S. spies successfully hacked Russian, Iranian targets

The leaked NSA documents and tools published in recent months by the mysterious Shadow Brokers group have provided rare insight into the clandestine digital espionage operations pursued by the spy agency over the past few years, including information on operations aimed at Iran and Russia. Last Friday the rogue group released a new package of NSA files, this time detailing numerous tools designed to break into older versions of Microsoft Windows and a campaign to compromise banking networks in the Middle East. Additional targets were also mentioned one week prior in a separate archive that was largely ignored by most media outlets. Yet the document cache published April 8 provides evidence that the NSA had once launched a series of successful computer-based intrusions against multiple high-profile foreign targets, including the Office of the President of Iran and the Russian Federal Nuclear Center, said two former intelligence officials who spoke to CyberScoop on the condition of […]

The post Shadow Brokers leaks show U.S. spies successfully hacked Russian, Iranian targets appeared first on Cyberscoop.


Microsoft patched the flaws allowing leaked Windows exploits to work

Microsoft has patched the vulnerabilities that allowed nine of the exploits released by the Shadow Brokers on Friday to work, and said that of the three remaining exploits, none will work on supported platforms (Windows 7 and newer versions of the OS, or Exchange 2010 and newer versions of Exchange). The list of addressed vulnerabilities (and the exploits they allowed) is as follows: Roughly half of these flaws were fixed at one point or another …

Your Government’s Hacking Tools Are Not Safe

From Cellebrite, to Shadow Brokers, to the CIA dump, so many recent data breaches have shown there is a real risk of exposure of government hacking tools.