NSA

Pierluigi Paganini December 01, 2018
ETERNALSILENCE – 270K+ devices vulnerable to UPnProxy Botnet built using NSA hacking tools

Over 270,000 connected devices run vulnerable implementations of UPnP, and threat actors are attempting to recruit them into a multi-purpose botnet. In April, Akamai reported that threat actors compromised 65,000 home routers by exploiting vulnerabilities in Universal Plug’N’Play (UPnP); experts tracked the botnet as UPnProxy. Now the company provided an update to its initial analysis revealing […]

Pierluigi Paganini October 21, 2018
DarkPulsar and other NSA hacking tools used in hacking operations in the wild

Attackers are targeting high-value servers using three hacking tools from the NSA arsenal, including DarkPulsar, that were leaked by the Shadow Brokers hacker group. The hackers used the powerful cyber weapons to compromise systems used in aerospace, nuclear energy, R&D, and other industries. According to experts from Kaspersky Lab, threat actors leverage NSA tools DarkPulsar, DanderSpritz and Fuzzbunch […]

Pierluigi Paganini September 26, 2018
Former NSA TAO hacker sentenced to 66 months in prison over Kaspersky Leak

Former NSA TAO hacker was sentenced to 66 months in prison because he leaked top-secret online documents related to the US government ban on Kaspersky. A former member of the NSA’s Tailored Access Operations hacking team was sentenced to 66 months in prison because he leaked top-secret online documents related to the US government ban on Kaspersky software. The former NSA hacker is Nghia […]

Pierluigi Paganini July 02, 2018
NSA began deleting all call detail records (CDRs) acquired since 2015

NSA is deleting hundreds of millions of records of phone calls and text messages dating back to 2015 due to technical irregularities. The US National Security Agency announced it is deleting hundreds of millions of records of phone calls and text messages dating back to 2015 due to technical irregularities in some data received from telecommunications service providers. “Consistent with […]

Pierluigi Paganini June 28, 2018
Oops … the DoublePulsar NSA-linked implant now also works on Windows Embedded devices

This is very bad news for the security community: the NSA-linked DoublePulsar exploit can now target Windows Embedded devices. The DoublePulsar exploit was released publicly in April 2017 by the Shadow Brokers hackers, who allegedly stole it from the NSA. The hackers leaked a huge trove of hacking tools and exploit codes used by the US intelligence agency, most of […]

Pierluigi Paganini June 19, 2018
Ex-CIA employee Joshua Adam Schulte charged with leaking Vault 7 dumps

An ex-CIA employee, Joshua Adam Schulte (29), has been charged with stealing classified national defense information and sharing Vault 7 dumps with WikiLeaks. Yesterday, the Department of Justice announced that Schulte has been charged in a 13-count indictment. In mid-May, both The New York Times and The Washington Post revealed the name of the alleged source of the Vault 7 […]

Pierluigi Paganini June 01, 2018
Yes, Germany’s BND foreign intelligence service can spy on the world’s biggest internet exchange

This week, a federal court has ruled that Germany’s BND foreign intelligence service can monitor major internet hubs for strategic security interests. Recently, the operator of the world’s top Internet Hub sued the BND foreign intelligence service for the surveillance activity conducted by the spy agency. The operator wants to be sure that the agency is […]

Pierluigi Paganini May 12, 2018
WannaCry outbreak anniversary: the EternalBlue exploit even more popular now

WannaCry ransomware outbreak anniversary – According to researchers from ESET, the popularity of EternalBlue has increased significantly over the past months. Exactly one year ago, on May 12, the WannaCry ransomware infected hundreds of thousands of computers worldwide. The success of the malware was due to the use of the EternalBlue exploit that was stolen by Shadow Brokers […]

Pierluigi Paganini April 18, 2018
A flaw could allow easy hack of LG Network-attached storage devices

Network-attached storage devices manufactured by LG Electronics are affected by a critical remote code execution vulnerability that could be exploited by attackers to gain full control of the devices. The experts at the security firm VPN Mentor found a pre-auth remote command injection vulnerability that affects the majority of LG NAS device models. “we found a way to […]

Pierluigi Paganini March 08, 2018
Leaked NSA dump contains tools developed by NSA Territorial Dispute to track state-sponsored hackers

A specific NSA unit, dubbed NSA Territorial Dispute (TeDi), developed these scripts to monitor activities of nation-state actors. Security experts at CrySyS Lab and Ukatemi have revealed that the NSA dump leaked one year ago by the Shadow Brokers hacker group also contains a collection of scripts and scanning tools the NSA uses to track operations of foreign state-sponsored […]