Jim Risen writes a long and interesting article about his battles with the US government and the New York Times to report government secrets. Powered by WPeMatico
Category: cia
Auto Added by WPeMatico
WikiLeaks is still dumping CIA cyberweapons on the Internet. Its latest dump is something called “Pandemic”: The Pandemic leak does not explain what the CIA’s initial infection vector is, but does describe it as a persistent implant. “As the name suggests, a single computer on a local network with shared drives that is infected with … Read More “CIA’s Pandemic Toolkit” »
There’s something going on inside the intelligence communities in at least two countries, and we have no idea what it is. Consider these three data points. One: someone, probably a country’s intelligence organization, is dumping massive amounts of cyberattack tools belonging to the NSA onto the Internet. Two: someone else, or maybe the same someone, … Read More “Who is Publishing NSA and CIA Secrets, and Why?” »
WikiLeaks is obviously playing their Top Secret CIA data cache for as much press as they can, leaking the documents a little at a time. On Friday they published their fourth set of documents from what they call “Vault 7”: 27 documents from the CIA’s Grasshopper framework, a platform used to build customized malware payloads … Read More “Fourth WikiLeaks CIA Attack Tool Dump” »
WikiLeaks has started publishing a large collection of classified CIA documents, including information on several — possibly many — unpublished (i.e., zero-day) vulnerabilities in computing equipment used by Americans. Despite assurances that the US government prioritizes defense over offense, it seems that the CIA was hoarding vulnerabilities. (It’s not just the CIA; last year we … Read More “WikiLeaks Not Disclosing CIA-Hoarded Vulnerabilities to Companies” »
Useful best practices for malware writers, courtesy of the CIA. Seems like a lot of good advice. General: DO obfuscate or encrypt all strings and configuration data that directly relate to tool functionality. Consideration should be made to also only de-obfuscating strings in-memory at the moment the data is needed. When a previously de-obfuscated value … Read More “The CIA's “Development Tradecraft DOs and DON'Ts”” »
If I had to guess right now, I’d say the documents came from an outsider and not an insider. My reasoning: One, there is absolutely nothing illegal in the contents of any of this stuff. It’s exactly what you’d expect the CIA to be doing in cyberspace. That makes the whistleblower motive less likely. And … Read More “More on the CIA Document Leak” »
WikiLeaks just released a cache of 8,761 classified CIA documents from 2012 to 2016, including details of its offensive Internet operations. I have not read through any of them yet. If you see something interesting, tell us in the comments. EDITED TO ADD: There’s a lot in here. Many of the hacking tools are redacted, … Read More “WikiLeaks Releases CIA Hacking Tools” »