Articles about NSA

It feels as though it has been a while since we heard anything from the hacking group TheShadowBrokers. The group's latest data dump sees the release of the NSA's UNITEDRAKE exploit tool, and there's also a promise of two data dumps a month moving forward.

UNITEDRAKE is a remote access hacking tool that can be used to target Windows machines. Modular in nature, the malware can be expanded through the use of plugins to increase its capabilities so it can capture footage from webcams, tap into microphones, capture keystrokes, and more.

Continue reading →

Kim Dotcom has been of interest to the US government and law enforcement agencies for some time, and it was ruled that the Mega and Megaupload founder could be extracted to the US. But now it seems that the NSA was spying on the internet entrepreneur after surveillance was supposed to have stopped.

New Zealand's Government Communications Security Bureau (GCSB) had been working with the NSA on a joint surveillance operation called Operation Debut. While surveillance was supposed to have stopped in January 2012, it has emerged that the NSA continued to use GCSB's technology without its knowledge.

Continue reading →

When Donald Trump met with Vladimir Putin, the pair apparently discussed the idea of the two nations forming an "impenetrable Cyber Security unit." It's an unlikely partnership, to say the least, and NSA Director Mike Rogers has voiced his disapproval of the move.

Given the, erm, interesting relationship between the US and Russia, the controversy surrounding Russia's possible hacking of the last election, and Trump's ongoing problems defending himself over rumored Russian ties, it's perhaps little surprise that the NSA chief says "now is probably not the best time" for the two superpowers to work together on such a project.

Continue reading →

BlackBerry has announced that it is now able to sell its secure messaging solutions to the US and Canadian governments. The news comes after the company received endorsement from the NSA's National Information Assurance Partnership for SecuSUITE for Government.

BlackBerry points out that governments have long had to contend with wiretapping and other forms of surveillance, and says that SecuSUITE for Government offers effective end-to-end encryption for voice calls and text messages.

Continue reading →

Section 702 of the FISA Amendments Act -- the legislation used to permit the NSA to conduct online surveillance -- is due to expire at the end of the year. We have already seen a number of the big names from the world of technology calling for a number of changes during reform.

As part of the reform, officials had promised that they would reveal broad details about the number of American citizens about whom information has been, and is, collected. This is no longer the case. The Director of National Intelligence has performed a u-turn on the promise.

Continue reading →

Security researchers have warned that more dangerous malware has been released from the recent NSA dump that resulted in the WannaCry ransomware outbreak.

Experts at Secarma have revealed that the attack could be hiding another malicious package, which could be as dangerous as WannaCry.

Continue reading →

New evidence has emerged detailing Russia's attempts to interfere in the 2016 US election. A leaked, top secret NSA report shared by the Intercept reveals that Russian intelligence agencies hacked the manufacturer of US voting systems.

The Intercept says that the authenticity of the documents has been independently verified, and they show a concerted Russian effort to sway the result of the battle between Trump and Clinton. Following the leak, a government contractor called Reality Leigh Winner has been arrested for allegedly removing classified material from a government facility in Georgia.

Continue reading →

TheShadowBrokers, the hacking group behind the leak of NSA malware, has announced further details of the "Data Dump of the Month" subscription service it has previously talked about. Now known as "TheShadowBrokers Monthly Dump Service," the launch sees the group switching from Bitcoin to Zcash as its currency of choice.

Signing up for the service will set interested parties back 100 ZEC (Zcash). As this equates to over $20,000, it's not a subscription that many people are likely to be taking out, particularly as there is no evidence that the group has more exploits to offer. The hacking group has previously said that it has Windows 10 vulnerabilities to expose.

Continue reading →

A letter signed by more than 30 major technology companies has been sent to the House Judiciary Committee calling for a number of key changes to be made to NSA surveillance. The letter, signed by the likes of Facebook, Twitter, Google and Mozilla, asks lawmakers to make a number of considerations when reforming Section 702 of the FISA Amendments Act.

The signatories refer to themselves as "U.S.-based companies that provide consumer and business technology, products, and services around the world through the use of electronic data." Their letter is timed to coincide with debate about the reform of Section 702 which is used to justify NSA surveillance programs, and is due to expire at the end of the year. There are calls for increased transparency and controls, as well as the suggestion that surveillance should be reined in.

Continue reading →

A federal appeals court has ruled that the Wikimedia Foundation may sue the NSA for its warrantless use of the "Upstream" surveillance program. The ruling overturns an earlier one which said the foundation could not sue due to an inability to prove that Wikimedia communication was being monitored either directly or indirectly.

The ruling by the United States Court Of Appeals for The Fourth Circuit means that the foundation is now able to proceed with legal action that was previously blocked. The amount of traffic generated by Wikimedia proved key to winning the appeal.

Continue reading →

News over the past week has been dominated by the fallout from the WannaCry ransomware. Now the hacking group that released the NSA's hacking tool kit into the wild has announced plans to start an exploit subscription service in June.

ShadowBrokers used a blog post to announce that next month will see the launch of "TheShadowBrokers Data Dump of the Month" service. Described as "being like wine of month club," such a subscription service would attract a great deal of interest from intelligence agencies and would-be hackers alike, particularly if -- as the group suggests -- it includes access to Windows 10 exploits.

Continue reading →

With Russia being blamed for having a hand in fixing both the US and French elections, Russian President Vladimir Putin must be feeling at least a little smug that the WannaCrypt ransomware currently wreaking havoc around the world has nothing to do with his country.

Asked about the threat while at an international summit in Beijing, Putin said it was "worrisome" but that the United States, not Russia, was to blame.

Continue reading →

The "WannaCrypt" ransomware has proven to be a disaster globally. This malware will encrypt a user's files and then demand some Bitcoin ransom to decrypt them. While the amount being demanded is relatively low at $300 or $600, the scam can be modified for even larger amounts. Heck, even after the ransom is paid, there is no guarantee that the bad guys will follow through with the decryption, making it quite the gamble. As the ransomware has disrupted government agencies, medical services, and other critical computers, the ransom is being paid by some, as it can literally be the the difference between life and death -- surgeries and other procedures have been delayed.

While there are many directions in which you can point the finger of blame, Microsoft should absolutely not shoulder any of the responsibility. After all, the vulnerability that led to the disaster was patched back in March. It never even affected the most recent version of the operating system, Windows 10. The company has even since patched the archaic Windows XP! So who is to blame? Users and administrators that failed to keep their systems up to date are partially at fault. The biggest blame belongs to an unlikely party -- the US Government! You see, an agency of our own government -- the NSA -- knew about the exploit, and rather than alert Microsoft, it chose to stockpile it for intelligence purposes. Sadly, the exploit itself got leaked, and as a result, it landed into the hands of evildoers.

Continue reading →

The government is supposed to work for the people, but sometimes, it can feel like it is against them. In a democratic country like the USA, where many officials are elected by citizens, you would think this wouldn't be the case, but sadly, it often is. As Edward Snowden revealed in his leaks, the US government has programs where it spies on its own people, doing things like scanning and reading their emails.

Today, the National Security Agency announces -- somewhat begrudgingly -- that it will stop the collection of some American emails that simply mention known foreign targets. It will instead only collect communications to and from the target directly. While this is a big win for the privacy of American people, the NSA is seemingly implying that it could have negative implications for safety. In fact, the agency tries very hard to distance itself from any wrongdoing by making it clear that the reading of these emails were legal and allowed.

Continue reading →

Last year, hacking group TheShadowBrokers released a number of NSA exploits into the wild, showing how the agency was able to exploit big-name firewalls. At the same time it also released a second cache of documents, encrypted and password protected. Now, in protest against Donald Trump, the group has released the password for the encrypted data.

TheShadowBrokers used a Medium post over the weekend to express their disgust at Trump's presidency. The documents and tools released allegedly demonstrate that the US government, through the NSA, has been actively hacking foreign government networks, and reveal an exploit for the Unix-based Solaris operating system.

Continue reading →