Displaying items by tag: shadow brokers

A group, which has been given the name Buckeye, was in possession of, and utilising, NSA exploits well before they were leaked on the Web by the Shadow Brokers, the American security firm Symantec claims.

ANALYSIS Predicting the future is generally a game for mugs but it is possible to say with a high degree of certainty that there will be no details of any American advanced persistent threats or APTs unveiled during Kaspersky Lab's annual Security Analyst Summit that kicks off in Singapore on Monday.

Former NSA contractor Harold Martin, who has been in jail for allegedly taking a massive horde of security material to his house, is set to plead guilty to the charges on Friday (Thursday US time).

Nearly three years after a leak of NSA exploits by a group calling itself the Shadow Brokers disclosed the open secret that the agency keeps knowledge of vulnerabilities to itself, the Australian Signals Directorate, the equivalent agency Down Under, has posted a document indicating that it, too, does not disclose all vulnerabilities it finds, but retains some for offensive purposes.

ANALYSIS Ex-NSA employees are the most likely sources for a yarn that ran in the American website Politico last week, claiming that researchers from Russian security firm Kaspersky Lab had tipped off the NSA that one of its employees, Harold Martin, could be worth investigating, after he allegedly sent Twitter messages to them.

It is somewhat ironic that the director-general of the Australian Signals Directorate, Mike Burgess, has chosen to vent about so-called myths around the new encryption law, when the man himself has been spreading a myth about 5G technology.

It has taken just three days for the Bloomberg claims about China spying on US firms through the implant of chips on server mainboards sold by the US firm, Supermicro, to lose most of their sheen.

A former member of the NSA's elite Tailored Access Operations unit has been sentenced to 5½ years in jail, followed by three years of supervised release, for what the US Justice Department has characterised as "willfull retention of classified national defence information".

A newly discovered threat actor or advanced persistent threat, that is targeting government and private sector organisations in the Middle East, is using NSA exploits leaked by the Shadow Brokers in April last year as part of its arsenal of threats, the security firm Symantec claims.

The US Justice Department's indictment of 12 Russians for alleged hacking offences connected to the 2016 US presidential election on Friday has got at least one ex-NSA hacker fearing a reprisal.

A group of researchers from the University College London, who have completed a study on the privacy-focused digital currency Zcash, may have provided a means of finding out who received payment for NSA exploits that were put on sale by a group known as the Shadow Brokers.

The US Government has named a suspect in the theft of documents from the CIA, which WikiLeaks released under the name Vault 7 from March last year, but has been unable to file charges against the man even though he has been detained since a week after the first leak.

A year after a leaked NSA Windows exploit known as EternalBlue was used to create the WannaCry ransomware that caused chaos around the world, a security researcher says it is being used more than ever by attackers in crafting threats.

At times, it does not pay to be the brightest kid on the block. But Kaspersky Lab, which has been in the forefront of A-V research for some time, would have got away even with this, had it not been for a catastrophic leak of Windows vulnerabilities crafted by the NSA via a group that has called itself the Shadow Brokers.

The holders of three accounts are believed to be involved in "fraudulent remittances" from India's City Union Bank to the tune of about US$2 million.

American intelligence agencies have been making an undercover effort to recover from Russian operatives material stolen from the NSA and, in part, exposed on the Web by a group known as the Shadow Brokers, a report claims.

Last year, the three big mainstream US newspapers ran articles that more or less spelt the death knell for Kaspersky Lab's deals with the American public sector. The new year has hardly begun, but The Wall Street Journal has been quick off the mark to recycle old claims against the Russian security firm, apparently relying on the old adage that if mud is thrown, then some will stick.

Former Washington Post employee Brian Krebs has taken down a story he wrote recently, claiming that a man with a Russian name could be the person who leaked NSA exploits to a group known as the Shadow Brokers.

More "evidence" has emerged this week, once again from a security company, this one based in Washington DC, that appears to point the finger at Russian involvement in the leaking of NSA exploits on the Web last year.

The NSA's counter-intelligence arm, the Q Group, and the FBI have no clue as to how exploits created by the NSA's Tailored Access Operations group leaked to the outside world, despite 15 months of investigation.