Informations about SSL certificates and networks security
Auto Added by WPeMatico
Last August, an unknown group called the Shadow Brokers released a bunch of NSA tools to the public. The common guesses were that the tools were discovered on an external staging server, and that the hack and release was the work of the Russians (back then, that wasn’t controversial). This was me: Okay, so let’s … Read More “Shadow Brokers Releases the Rest of Their NSA Hacking Tools” »
NSA Deputy Director Richard Ledgett described a 2014 Russian cyberattack against the US State Department as “hand-to-hand” combat: “It was hand-to-hand combat,” said NSA Deputy Director Richard Ledgett, who described the incident at a recent cyber forum, but did not name the nation behind it. The culprit was identified by other current and former officials. … Read More “Incident Response as “Hand-to-Hand Combat”” »
Every year, the NSA has a competition for the best cybersecurity paper. Winners get to go to the NSA to pick up the award. (Warning: you will almost certainly be fingerprinted while you’re there.) Submission guidelines and nomination page. Powered by WPeMatico
Here is a listing of all the documents that the NSA has in its archives that are dated earlier than 1930. Powered by WPeMatico
WikiLeaks has started publishing a large collection of classified CIA documents, including information on several — possibly many — unpublished (i.e., zero-day) vulnerabilities in computing equipment used by Americans. Despite assurances that the US government prioritizes defense over offense, it seems that the CIA was hoarding vulnerabilities. (It’s not just the CIA; last year we … Read More “WikiLeaks Not Disclosing CIA-Hoarded Vulnerabilities to Companies” »
The New York Times reports that Uber developed apps that identified and blocked government regulators using the app to find evidence of illegal behavior: Yet using its app to identify and sidestep authorities in places where regulators said the company was breaking the law goes further in skirting ethical lines — and potentially legal ones, … Read More “Uber Uses Ubiquitous Surveillance to Identify and Block Regulators” »
At a talk last week, the head of US Cyber Command and the NSA Mike Rogers talked about the US buying cyberweapons from arms manufacturers. “In the application of kinetic functionality — weapons — we go to the private sector and say, ‘Build this thing we call a [joint directed-attack munition], a [Tomahawk land-attack munition].’ … Read More “Adm. Rogers Talks about Buying Cyberweapons” »
The Intercept has a long article on the relationship between Palantir Technologies and the NSA, based on the Snowden documents. Powered by WPeMatico
These days, it’s rare that we learn something new from the Snowden documents. But Ben Buchanan found something interesting. The NSA penetrates enemy networks in order to enhance our defensive capabilities. The data the NSA collected by penetrating BYZANTINE CANDOR’s networks had concrete forward-looking defensive value. It included information on the adversary’s “future targets,” including … Read More “NSA Using Cyberattack for Defense” »
Duqu 2.0 is a really impressive piece of malware, related to Stuxnet and probably written by the NSA. One of its security features is that it stays resident in its host’s memory without ever writing persistent files to the system’s drives. Now, this same technique is being used by criminals: Now, fileless malware is going … Read More “Duqu Malware Techniques Used by Cybercriminals” »