Archive for the ‘NSA’ Category

From his Russia exile, NSA ‘traitor’ Snowden shows savvy on the … – Sacramento Bee

From his Russia exile, NSA 'traitor' Snowden shows savvy on the ...
Sacramento Bee
Former NSA contractor Edward Snowden rakes in healthy fees in weekly video chats to universities and conventions, speaking on issues of secrecy and ...

and more »

Here is the original post:
From his Russia exile, NSA 'traitor' Snowden shows savvy on the ... - Sacramento Bee

Shadow Brokers leak links NSA to alleged US-Israeli Stuxnet malware that targeted Iran – RT

Published time: 17 Apr, 2017 17:26

Malicious computer malware that caused substantial damage to Irans nuclear program may be the work of the NSA, researchers burrowing into the latest leak from hacking group Shadow Brokers have discovered within the computer data.

A tool found in Fridays leak matched one used by the notorious Stuxnet malware.

First detected in 2010, Stuxnet is believed to be the joint work of the US and Israel; a claim that Edward Snowden backed up in a 2013 interview but which has never been acknowledged by either government.

Designed to target industrial control systems used in infrastructure facilities, Stuxnet modifies data on controller software affecting their automated processes.

Computer code found in last weeks leak from Shadow Brokers, alleged to have been stolen from the NSA, was also found to match that used in Stuxnet.

Officials, who spoke under anonymity to The Washington Post, said in 2012 that the worm, developed under George W.Bushs administration and continued under Barack Obamas, was designed to damage Irans nuclear capabilities.

When it infected Irans nuclear facility in Natanz, it reportedly destroyed a fifth of their centrifuges after causing them to spin out of control, all the while relaying readings back to technicians at the plant that operations were normal.

"There is a strong connection between Stuxnet and the Shadow Brokers dump," Symantec researcher Liam O'Murchu told Motherboard. "But not enough to definitively prove a connection."

A definite link will be almost impossible to prove as Stuxnets script was later copied and used in an open-source hacking toolkit, allowing it to be replicated numerous times online.

However, O'Murchu said the script found in Fridays leak was last compiled on September 9, 2010 - three months after Stuxnet was first identified and shortly before it was added to the hacking toolkit.

Also contained in the leak was ASCII art of a medal with the words Won the gold medal!!! above it. Stuxnet was reportedly given the codename Olympic Games.

Security architect Kevin Beaumont tweeted the results of an antivirus program check on the Shadow Brokers exploits leaked on Friday, which returned that it had detected Stuxnet.

The latest evidence against the NSA was contained in Fridays leak from Shadow Brokers, which also detailed hacks aimed at Windows PCs and the SWIFT network, used to process payment orders.

READ MORE: What the hack? The leaks that shaped 2016

Read more from the original source:
Shadow Brokers leak links NSA to alleged US-Israeli Stuxnet malware that targeted Iran - RT

Microsoft says users are protected from alleged NSA malware – New Pittsburgh Courier

PARIS (AP) _ Up-to-date Microsoft customers are safe from the purported National Security Agency spying tools dumped online, the software company said Saturday, tamping down fears that the digital arsenal was poised to wreak havoc across the internet .

In a blog post , Microsoft Corp. security manager Phillip Misner said that the software giant had already built defenses against nine of the 12 tools disclosed by TheShadowBrokers, a mysterious group that has repeatedly published NSA code . The three others affected old, unsupported products.

Most of the exploits are already patched, Misner said.

The post knocked back warnings from some researchers that the digital espionage toolkit made public by TheShadowBrokers took advantage of undisclosed vulnerabilities in Microsofts code. That would have been a potentially damaging development because such tools could swiftly be repurposed to strike across the companys massive customer base.

Those fears appear to have been prompted by experts using even slightly out-of-date versions of Windows in their labs. One of Microsofts fixes, also called a patch, was only released last month .

I missed the patch, said British security architect Kevin Beaumont, jokingly adding, Im thinking about going to live in the woods now.

Beaumont wasnt alone. Matthew Hickey, of cybersecurity firm Hacker House, also ran the code against earlier versions of Windows on Friday. But he noted that many organizations put patches off, meaning many servers will still be affected by these flaws.

Everyone involved recommended keeping up with software updates.

We encourage customers to ensure their computers are up-to-date, Misner said.

___

Online:

Raphael Satter is reachable on: http://raphaelsatter.com

Also On New Pittsburgh Courier:

Read more here:
Microsoft says users are protected from alleged NSA malware - New Pittsburgh Courier

Whispers from the Past: Political Figures Caught Up in NSA Intercepts – War on the Rocks

Word that President Donald Trump as well as some of his family and associates may have appeared in National Security Agency (NSA) intercepts as masked (and in some cases later unmasked) identities has caused a great deal of sturm und drang in the United States. Many Americans are convinced that the mentions of Trump-linked personalities in signals intelligence reports indicates that the deep state or the Obama administration was surveilling them and that this is a dangerous politicization of the intelligence community. Eli Lake of Bloomberg View, for instance, wrote:

One U.S. official familiar with the reports said they contained valuable political information on the Trump transition such as whom the Trump team was meeting, the views of Trump associates on foreign policy matters and plans for the incoming administration.

Lakes source is doubtless correct that these reports contained valuable political information, even if his conclusion that there is a legitimate unmasking scandal afoot is off base. Because America is important, foreigners spend a lot of time talking amongst themselves about Americans. The NSA targets the communications of influential foreigners, so we should expect the names of Americans to appear on a routine basis. Moreover, American officials who are named in intercepts often have reason to be grateful for that fact.

Consider this recently declassified NSA intercept from January 1973, part of a substantial collection of once extremely sensitive intercepts the agency posted without fanfare on its website. Back in the day, NSA entitled this particular report, U.S. Ambassador to Rome Reportedly to Succeed [U.S. Ambassador Ellsworth] Bunker in Saigon; Kissinger Reportedly Apprehensive About Possible Negotiations Failure, Surprised by Nixons Defense of [South Vietnamese President Nguyen Van] Thieu. On its face, this title makes it look like NSA is collecting on the ins and outs of State Department personnel deliberations and on the activities of President Richard Nixon and his senior aides. Shady stuff, indeed.

Actually, not really. Reading the full report makes clear that nothing of the sort was going on. In fact, the NSA says the series of intercepts

provided National Security Advisor Henry Kissinger and other senior American negotiators with unique insights into how their South Vietnamese allies were reacting to developments at the Paris Peace Talks with North Vietnamese envoy Le Duc Tho.

This particular report gave the text of a message from South Vietnamese Ambassador Pham Dang Lam in Paris to Thieu in Saigon. Saigons ambassador reported that an unnamed source close to the White House told him that U.S. diplomat Graham Martin had agreed to become ambassador to South Vietnam and had sought and received assurances from Nixon that the Communists would not be allowed to take over South Vietnam. Lam also advised Thieu that Washington Post reporter Murrey Marder had told him that National Security Advisor Henry Kissinger seemed afraid that the Paris Peace Talks would fail and was at odds with President Nixon over certain unspecified points.

This was potentially valuable information to Nixon and Kissinger because it gave them insight into what the South Vietnamese government thought the White House was planning. This information could be used to keep a step ahead of the South Vietnamese. The intercept also hinted to Nixon and Kissinger that Murrey Marder could possibly be used to influence the South Vietnamese or pass a deniable message to them. Also, the information about Kissingers pessimism and the disagreement with Nixon was potentially invaluable. If Kissinger meant to convey those impressions, then the intercept told him that he had succeeded. If, on the other hand, he had accidentally shown some of his cards, he was now aware of it and could take steps to repair the damage.

Nixon and Kissinger realized the value of having the NSA report foreign views of what they were doing. That is why you will see the notation TOHAK on this intercept and others in this lengthy series. TOHAK means to Henry A. Kissinger.

This is why I would say to Trump: Calm down, ask to read the intercepts in which you, your family members, and associates are allegedly named. The intercepts can be valuable to you. They may tell you what foreign actors really think of you and the people around you. Surely a great negotiator like you can find a way to exploit that knowledge to produce a win for the United States.

Dr. Mark Stout directs graduate programs in Global Security Studies and Intelligence at Johns Hopkins Krieger School of Arts and Sciences Advanced Academic Programs in Washington, DC. He has previously worked for the Department of the Army, the State Department, the CIA, and the Institute for Defense Analyses.

Continue reading here:
Whispers from the Past: Political Figures Caught Up in NSA Intercepts - War on the Rocks

Hacking Group Claims NSA Infiltrated Mideast Banking System – New York Times


New York Times
Hacking Group Claims NSA Infiltrated Mideast Banking System
New York Times
Among the leaks on Friday was an extensive list of PowerPoint and Excel documents that, if authentic, indicate that the N.S.A. has successfully infiltrated EastNets, a company based in Dubai that helps to manage transactions in the international bank ...
Hacker Documents Show NSA Tools for Breaching Global Money Transfer SystemU.S. News & World Report
Shadow Brokers Leak Reveals The NSA's Deep Access Into SWIFT Banking NetworkForbes
Mysterious Microsoft patch killed 0days released by NSA-leaking Shadow BrokersArs Technica
Aljazeera.com -Washington Post -The Intercept -Blogs TechNet - Microsoft
all 131 news articles »

Follow this link:
Hacking Group Claims NSA Infiltrated Mideast Banking System - New York Times