NSA

NSA, ASD publish advisory for detecting and mitigating web shell malware

Malicious web shells can evade detection from most security tools, so they are difficult to detect

• Threats and Risks
• 24 April 2020

CIA was behind 11-year cyber campaign against China, claims Qihoo 360

China’s Qihoo-360 names former CIA intelligence officer it claims was behind China cyber attacks, linking him to Vault 7 trove of attack tools

• Security
• 03 March 2020

Microsoft releases patch for Windows crypto vulnerability disclosed by the NSA

Serious Windows security flaw affects the Windows CryptoAPI module, which provides services for encrypting and decrypting data

• Security
• 15 January 2020

'DarkUniverse' APT referenced in 2017 Shadow Brokers leak uncovered by Kaspersky

DarkUniverse developed its full-featured malware from scratch but went quiet shortly after the Shadow Brokers leak

• Security
• 06 November 2019

Tiny $2 spy chip can be added to IT hardware, claims security researcher Monta Elkins

Bloomberg has been widely derided for its Supermicro spy-chip story, but Elkins claims it's feasible and low cost

• Security
• 14 October 2019

China's APT10 hacking group suspected of cyber attacks against Airbus suppliers

Four major attacks on Airbus's supply chain have been detected in the past 12 months

• Hacking
• 27 September 2019

US government sues Edward Snowden over autobiography claiming it breaks NDAs

Legal action will relieve Snowden of any US royalties he'll earn from his autobiography

• Security
• 18 September 2019

China-linked APT3 group developed NSA-style hacking tools by observing their network traffic

APT3 used NSA-linked exploit tools before 'Shadow Brokers' leaks in 2016 and 2017

• Security
• 06 September 2019

NSA to build new features into its open-source malware analysis tool Ghidra

New enhancements will improve accuracy, claims NSA

• Security
• 09 August 2019

Russian search giant Yandex hacked by Western intelligence agencies to spy on developers

Yandex hack occurred between October and November 2018 when Regin malware associated with the NSA was found

• Security
• 28 June 2019

Chinese hackers repurposed captured NSA hacking tools to carry out cyber attacks in 2016

Symantec says group linked with China's Ministry of State Security acquired NSA tools months before they were leaked by Shadow Brokers

• Security
• 07 May 2019

Ex-NSA staffer jailed for taking malware work home - where it was detected by his Kaspersky anti-virus software

Five-and-a-half years for Nghia Hoang Pho for taking top-secret NSA malware home

• Security
• 27 September 2018

Wikileaks 'Vault 7' leak suspect named - but charged with harbouring images of child abuse

Former CIA and NSA staffer Joshua Schulte cited as suspect in Vault 7 leak of US secret services' hacking tools to Wikileaks

• Cloud and Infrastructure
• 16 May 2018

NSA's Microsoft SMB protocol exploit EternalBlue returns with WannaMine cryptocurrency-jacking malware

If you haven't patched against EternalBlue yet, you probably deserve to be crypto-jacked

• Security
• 02 February 2018

Patching isn't working and end-users ignore breaches, says ex-NSA security VP David Venable

Vendors need to be liable when their software is breached, says David Venable

• Threats and Risks
• 30 January 2018

NSA accidentally leaks more secrets after 'Red Disk' was left on unsecured AWS server

Who needs Edward Snowden when the NSA is so careless with its own data?

• Security
• 30 November 2017

Kaspersky NSA hacking report suggests contractor's PC was riddled with malware

Kaspersky identified more than 120 different types of malware on NSA contractor's PC

• Privacy
• 17 November 2017

Now GCHQ voices concerns over Kaspersky's alleged ties to Russian intelligence - and what its software might be doing on your machine

GCHQ concerned over Barclays' Kaspersky home banking giveaway

• Security
• 14 November 2017

Kaspersky admits filching NSA hacking tool source code via anti-virus software

Equation Group malware picked up by Kaspersky Anti-Virus in routine scan, company claims

• Security
• 25 October 2017

What SMBs can learn from WannaCry and the Vault 7 leaks

Do small businesses have anything to fear from the glut of anti-privacy tools?

• Hacking
• 05 July 2017

Author shuts down EternalRocks worm that could have out-damaged WannaCry

The developer of a worm using four different NSA exploits to spread has thrown in the towel

• Security
• 26 May 2017

New US IT security bill would force NSA to report WannaCry-style zero-day flaws

But not publicly, or to the software vendor itself

• Security
• 18 May 2017

SWIFT and Microsoft bid to ease fears over 'NSA hacking'

SWIFT and EastNets deny Shadow Brokers' claims, while Microsoft says it has patched any vulnerabilities

• Hacking
• 18 April 2017

Twitter warns developers not to create surveillance tools

Social network keen to restate its anti-surveillance stance

• Privacy
• 23 November 2016