NSA

US intelligence confirms actor 'likely Russian in origin' behind the SolarWinds hacking campaign

The operation appears to be an intelligence gathering effort, rather than an act of cyber warfare, agencies say

• Hacking
• 06 January 2021

NSA: Russian hackers are targeting a VMware vulnerability to steal data

The bug could allow attackers to forge SAML credentials to access protected data

• Hacking
• 08 December 2020

VMware rolls out security updates to address zero-day bug

The bug could enable an attacker to take control of a vulnerable machine running VMware Workspace One Access and other software

• Threats and Risks
• 07 December 2020

NSA details top 25 vulnerabilities to patch immediately

The NSA says Chinese state-sponsored hackers are actively exploiting these bugs in the wild

• Threats and Risks
• 21 October 2020

NSA and FBI expose Russian 'Drovorub' malware used to target Linux systems

The malware is being deployed in real-world attacks by hackers working for Russian military intelligence unit, they state

• Threats and Risks
• 14 August 2020

NSA pilots secure DNS model to protect against malware attacks

System will be rolled out to US defence contractors

• Security Technology
• 19 June 2020

Hackers linked with Russian military intelligence are exploiting Exim mail transfer agent bug to target US organisations, NSA warns

The particular group is referred to as "Sandworm" in cyber security community

• Hacking
• 29 May 2020

NSA, ASD publish advisory for detecting and mitigating web shell malware

Malicious web shells can evade detection from most security tools, so they are difficult to detect

• Threats and Risks
• 24 April 2020

CIA was behind 11-year cyber campaign against China, claims Qihoo 360

China’s Qihoo-360 names former CIA intelligence officer it claims was behind China cyber attacks, linking him to Vault 7 trove of attack tools

• Security
• 03 March 2020

Microsoft releases patch for Windows crypto vulnerability disclosed by the NSA

Serious Windows security flaw affects the Windows CryptoAPI module, which provides services for encrypting and decrypting data

• Security
• 15 January 2020

'DarkUniverse' APT referenced in 2017 Shadow Brokers leak uncovered by Kaspersky

DarkUniverse developed its full-featured malware from scratch but went quiet shortly after the Shadow Brokers leak

• Security
• 06 November 2019

Tiny $2 spy chip can be added to IT hardware, claims security researcher Monta Elkins

Bloomberg has been widely derided for its Supermicro spy-chip story, but Elkins claims it's feasible and low cost

• Security
• 14 October 2019

China's APT10 hacking group suspected of cyber attacks against Airbus suppliers

Four major attacks on Airbus's supply chain have been detected in the past 12 months

• Hacking
• 27 September 2019

US government sues Edward Snowden over autobiography claiming it breaks NDAs

Legal action will relieve Snowden of any US royalties he'll earn from his autobiography

• Security
• 18 September 2019

China-linked APT3 group developed NSA-style hacking tools by observing their network traffic

APT3 used NSA-linked exploit tools before 'Shadow Brokers' leaks in 2016 and 2017

• Security
• 06 September 2019

NSA to build new features into its open-source malware analysis tool Ghidra

New enhancements will improve accuracy, claims NSA

• Security
• 09 August 2019

Russian search giant Yandex hacked by Western intelligence agencies to spy on developers

Yandex hack occurred between October and November 2018 when Regin malware associated with the NSA was found

• Security
• 28 June 2019

Chinese hackers repurposed captured NSA hacking tools to carry out cyber attacks in 2016

Symantec says group linked with China's Ministry of State Security acquired NSA tools months before they were leaked by Shadow Brokers

• Security
• 07 May 2019

Ex-NSA staffer jailed for taking malware work home - where it was detected by his Kaspersky anti-virus software

Five-and-a-half years for Nghia Hoang Pho for taking top-secret NSA malware home

• Security
• 27 September 2018

Wikileaks 'Vault 7' leak suspect named - but charged with harbouring images of child abuse

Former CIA and NSA staffer Joshua Schulte cited as suspect in Vault 7 leak of US secret services' hacking tools to Wikileaks

• Cloud and Infrastructure
• 16 May 2018

NSA's Microsoft SMB protocol exploit EternalBlue returns with WannaMine cryptocurrency-jacking malware

If you haven't patched against EternalBlue yet, you probably deserve to be crypto-jacked

• Security
• 02 February 2018

Patching isn't working and end-users ignore breaches, says ex-NSA security VP David Venable

Vendors need to be liable when their software is breached, says David Venable

• Threats and Risks
• 30 January 2018

NSA accidentally leaks more secrets after 'Red Disk' was left on unsecured AWS server

Who needs Edward Snowden when the NSA is so careless with its own data?

• Security
• 30 November 2017

Kaspersky NSA hacking report suggests contractor's PC was riddled with malware

Kaspersky identified more than 120 different types of malware on NSA contractor's PC

• Privacy
• 17 November 2017