#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

NSA | Breaking Cybersecurity News | The Hacker News

Latest Hacking Tools Leak Indicates NSA Was Targeting SWIFT Banking Network

Latest Hacking Tools Leak Indicates NSA Was Targeting SWIFT Banking Network
Apr 14, 2017
Update: Most of the exploits made publicly available (mentioned in this article) by the Shadow Brokers group are already patched by Microsoft in the last month's Patch Tuesday update. So, it is always recommended that you keep your systems up-to-date in order to prevent you from being hacked. The Shadow Brokers – a hackers group that claimed to have stolen a bunch of hacking tools from the NSA – released today more alleged hacking tools and exploits that target earlier versions of Windows operating system, along with evidence that the Intelligence agency also targeted the SWIFT banking system of several banks around the world. Last week, the hacking group released the password for an encrypted cache of Unix exploits , including a remote root zero-day exploit for Solaris OS, and the TOAST framework the group put on auction last summer. The hacking tools belonged to " Equation Group " – an elite cyber attack unit linked to the National Security Agency (NSA).

Shadow Brokers Group Releases More Stolen NSA Hacking Tools & Exploits

Shadow Brokers Group Releases More Stolen NSA Hacking Tools & Exploits
Apr 08, 2017
Remember The Shadow Brokers ? They are back. A hackers group that previously claimed to have stolen a bunch of hacking tools (malware, zero-day exploits, and implants) created by the NSA and gained popularity last year for leaking a portion of those tools is back. Today, The Shadow Brokers group released more alleged hacking tools and exploits that, the group claims, belonged to " Equation Group " – an elite cyber attack unit linked to the NSA. Besides dumping some NSA's hacking tools back in August 2016, the Shadow Brokers also released an encrypted cache of files containing more NSA's hacking tools and exploits in an auction, asking for 1 Million Bitcoins (around $568 Million). However, after failed auction , the group put up those hacking tools and exploits for direct sale on an underground website, categorizing them into a type — like "exploits," "Trojans," and "implant" — each of which ranged from 1 to 100 Bitcoins (fr

Making Sense of Operational Technology Attacks: The Past, Present, and Future

Making Sense of Operational Technology Attacks: The Past, Present, and Future
Mar 21, 2024Operational Technology / SCADA Security
When you read reports about cyber-attacks affecting operational technology (OT), it's easy to get caught up in the hype and assume every single one is sophisticated. But are OT environments all over the world really besieged by a constant barrage of complex cyber-attacks? Answering that would require breaking down the different types of OT cyber-attacks and then looking back on all the historical attacks to see how those types compare.  The Types of OT Cyber-Attacks Over the past few decades, there has been a growing awareness of the need for improved cybersecurity practices in IT's lesser-known counterpart, OT. In fact, the lines of what constitutes a cyber-attack on OT have never been well defined, and if anything, they have further blurred over time. Therefore, we'd like to begin this post with a discussion around the ways in which cyber-attacks can either target or just simply impact OT, and why it might be important for us to make the distinction going forward. Figure 1 The Pu

Lavabit — Encrypted Email Service Once Used by Snowden, Is Back

Lavabit — Encrypted Email Service Once Used by Snowden, Is Back
Jan 21, 2017
Texas-based Encrypted Email Service ' Lavabit ,' that was forced to shut down in 2013 after not complying with a court order demanding access to SSL keys to snoop on Edward Snowden's emails , is relaunching on Friday. Lavabit CEO Ladar Levison had custody of the service's SSL encryption key that could have helped the government obtain Snowden's password. Although the FBI insisted it was only after Snowden's account, that was the key to the kingdom that would have helped the FBI agents obtain other users' credentials as well. But rather than complying with the federal request that could compromise the communications of all of its customers, Levison preferred to shut down his encrypted email service, leaving its 410,000 users unable to access their email accounts. Now, Levison has announced that he is reviving Lavabit with a new architecture that fixes the SSL problem — which according to him, was the biggest threat — and includes other privacy-enhancin

Automated remediation solutions are crucial for security

cyber security
websiteWing SecurityShadow IT / SaaS Security
Especially when it comes to securing employees' SaaS usage, don't settle for a longer to-do list. Auto-remediation is key to achieving SaaS security.

Stolen NSA "Windows Hacking Tools" Now Up For Sale!

Stolen NSA "Windows Hacking Tools" Now Up For Sale!
Jan 10, 2017
The Shadow Brokers who previously stole and leaked a portion of the NSA hacking tools and exploits is back with a Bang! The hacking group is now selling another package of hacking tools, " Equation Group Windows Warez ," which includes Windows exploits and antivirus bypass tools, stolen from the NSA-linked hacking unit, The Equation Group. For those unfamiliar with the topic, The Shadow Brokers is a notorious group of black-hat hackers who, in August 2016, leaked exploits, security vulnerabilities, and "powerful espionage tools" created by The Equation Group. On Saturday, the Shadow Brokers posted a message on their ZeroNet based website, announcing the sale of the entire " Windows Warez " collection for 750 Bitcoin (around US$678,630). The data dump contains many windows hacking tools, categorized as following: Fuzzing tools (used to discover errors and security loopholes) Exploit Framework Network Implants Remote Administration Tools (RAT) Remot

Shadow Brokers reveals list of Servers Hacked by the NSA

Shadow Brokers reveals list of Servers Hacked by the NSA
Oct 31, 2016
The hacker group calling itself the Shadow Brokers, who previously claimed to have leaked a portion of the NSA's hacking tools and exploits, is back with a Bang! The Shadow Brokers published more files today, and this time the group dumped a list of foreign servers allegedly compromised by the NSA-linked hacking unit, Equation Group, in various countries to expand its espionage operations. Top 3 Targeted Countries — China, Japan, and Korea The data dump  [ Download / File Password: payus ] that experts believe contains 306 domain names, and 352 IP addresses belong to at least 49 countries. As many as 32 domains of the total were run by educational institutes in China and Taiwan. A few target domains were based in Russia, and at least nine domains include .gov websites. The top 10 targeted countries include China, Japan, Korea, Spain, Germany, India, Taiwan, Mexico, Italy, and Russia. The latest dump has been signed by the same key as the first Shadow Brokers' dump of

Yahoo Email Spying Scandal — Here's Everything that has Happened So Far

Yahoo Email Spying Scandal — Here's Everything that has Happened So Far
Oct 08, 2016
Today Yahoo! is all over the Internet, but in a way the company would never have expected. It all started days ago when Reuters cited some anonymous sources and reported that Yahoo built a secret software to scan the emails of hundreds of millions of its users at the request of a U.S. intelligence service. At this point, we were not much clear about the intelligence agency: the National Security Agency or the FBI? The news outlet then reported that the company installed the software at the behest of Foreign Intelligence Surveillance Act (FISA) court order. Following the report, the New York Times reported that Yahoo used its system developed to scan for child p*rnography and spam to search for emails containing an undisclosed digital "signature" of a certain method of communication employed by a state-sponsored terrorist organization. Although Yahoo denied the reports, saying they are "misleading," a series of anonymous sources, therefore, unaccounta

Yahoo Built a Secret Tool to Scan Your Email Content for US Spy Agency

Yahoo Built a Secret Tool to Scan Your Email Content for US Spy Agency
Oct 04, 2016
Users are still dealing with the Yahoo's massive data breach that exposed over 1 Billion Yahoo accounts and there's another shocking news about the company that, I bet, will blow your mind. Yahoo might have provided your personal data to United States intelligence agency when required. Yahoo reportedly built a custom software programmed to secretly scan all of its users' emails for specific information provided by US intelligence officials, according to a report by Reuters . The tool was built in 2015 after company complied with a secret court order to scan hundreds of millions of Yahoo Mail account at the behest of either the NSA or the FBI, according to the report that cites three separate sources who are familiar with the matter. According to some experts, this is the first time when an American Internet company has agreed to such an extensive demand by a spy agency's demand by searching all incoming emails, examining stored emails or scanning a small number

Leaked NSA Hacking Tools Were 'Mistakenly' Left By An Agent On A Remote Server

Leaked NSA Hacking Tools Were 'Mistakenly' Left By An Agent On A Remote Server
Sep 23, 2016
If you are a hacker, you might have enjoyed the NSA's private zero-day exploits , malware and hacking tools that were leaked last month. But the question is: How these hacking tools ended up into the hands of hackers? It has been found that the NSA itself was not directly hacked, but a former NSA employee carelessly left those hacking tools on a remote server three years ago after an operation and a group of Russian hackers found them, sources close to the investigation told Reuters . The leaked hacking tools, which enable hackers to exploit vulnerabilities in systems from big vendors like Cisco Systems, Juniper, and Fortinet, were dumped publicly online by the group calling itself " The Shadow Brokers ." NSA officials have also admitted to the FBI that their careless employee acknowledged the error shortly afterward, and hence the agency was aware of its operative's mistake from last three years. But instead of warning the affected companies that their c

Leaked Exploits are Legit and Belong to NSA: Cisco, Fortinet and Snowden Docs Confirm

Leaked Exploits are Legit and Belong to NSA: Cisco, Fortinet and Snowden Docs Confirm
Aug 20, 2016
Last week, a group calling itself " The Shadow Brokers " published what it said was a set of NSA "cyber weapons," including some working exploits for the Internet's most crucial network infrastructure, apparently stolen from the agency's Equation Group in 2013. Well, talking about the authenticity of those exploits, The Intercept published Friday a new set of documents from the Edward Snowden archive, which confirms that the files leaked by the Shadow Brokers contain authentic NSA software and hacking tools used to secretly infect computers worldwide. As I previously mentioned , the leaked documents revealed how the NSA was systematically spying on customers of big technology companies like Cisco, Fortinet, and Juniper for at least a decade. Hacking tools from The Shadow Brokers leak named ExtraBacon, EpicBanana, and JetPlow, contain exploits that can compromise Cisco firewall products including devices from the Adaptive Security Appliance (ASA) li

The NSA Hack — What, When, Where, How, Who & Why?

The NSA Hack — What, When, Where, How, Who & Why?
Aug 17, 2016
You might have heard about the recent ongoing drama of NSA hack that has sparked a larger debate on the Internet concerning abilities of US intelligence agencies as well as their own security. Saturday morning the news broke that a mysterious group of hackers calling themselves "The Shadow Brokers" claimed it hacked an NSA-linked group and released some NSA hacking tools with a promise to sell more private "cyber weapons" to the highest bidder. The group dumped a bunch of private hacking tools from " Equation Group " – an elite cyber attack unit linked to the NSA – on GitHub and Tumblr. The Shadow Brokers hacking group has published the leaked data in two parts; one includes many hacking tools designed to inject malware into various servers and another encrypted file containing the "best files" that they made available for sale for 1 Million Bitcoins. However, GitHub deleted the files from its page, not due to any government pressur

NSA's Hacking Group Hacked! Bunch of Private Hacking Tools Leaked Online

NSA's Hacking Group Hacked! Bunch of Private Hacking Tools Leaked Online
Aug 15, 2016
It seems like the NSA has been HACKED! Update: The NSA Hack — What, When, Where, How, Who & Why? Explained Here. An unknown hacker or a group of hackers just claimed to have hacked into " Equation Group " -- a cyber-attack group allegedly associated with the United States intelligence organization NSA -- and dumped a bunch of its hacking tools (malware, private exploits, and hacking tools) online. I know, it is really hard to believe, but some cybersecurity experts who have been examining the leak data, exploits and hacking tools, believe it to be legitimate. Hacker Demands $568 Million in Bitcoin to Leak All Tools and Data Not just this, the hackers, calling themselves " The Shadow Brokers ," are also asking for 1 Million Bitcoins ( around $568 Million ) in an auction to release the 'best' cyber weapons and more files. Also Read:   Links Found between NSA, Regin Spy tool and QWERTY Keylogger Widely believed to be part of the NSA, Equati

NSA wants to Exploit Internet of Things and Biomedical Devices

NSA wants to Exploit Internet of Things and Biomedical Devices
Jun 11, 2016
The cyber attack vectors available to hackers will continue to grow as the Internet of Things (IoTs) become more commonplace, making valuable data accessible through an ever-widening selection of entry points. Although it's not the hackers alone, the NSA is also behind the Internet of Things. We already know the United States National Security Agency's (NSA) power to spy on American as well as foreign people – thanks to the revelations made by whistleblower Edward Snowden in 2013. But, now the agency is looking for new ways to collect even more data on foreign intelligence, and for this, the NSA is researching the possibilities of exploiting internet-connected biomedical devices ranging from thermostats to pacemakers. During a military technology conference in Washington D.C. on Friday, NSA deputy director Richard Ledgett said his agency officials are "looking at it sort of theoretically from a research point of view right now." Ledgett totally agreed o

Just One Device? No, Government wants Apple to Unlock 12 More iPhones

Just One Device? No, Government wants Apple to Unlock 12 More iPhones
Feb 24, 2016
Until now, the FBI is asking for Apple's help in unlocking the iPhone belonging to one of the terrorists in the San Bernardino shootings that killed 14 and injured 24 in December. However, in addition to iPhone 5C belonged to San Bernardino shooter Syed Farook, the U.S. Justice Department is looking at court orders forcing Apple to help officials unlock at least 12 iPhones. Citing sources, the Wall Street Journal reported that the federal authorities want to extract data from iPhones seized in a variety of criminal investigations are involved in undisclosed cases where prosecutors are compelling Apple to help them bypass iPhone's lockscreen. Although more details of these cases are not yet publicly disclosed, these dozen or so cases are all distinct from San Bernardino shooter's case and involve many iPhones using an older iOS version that has fewer security barriers to bypass. Also Read:    Police Reset Shooter's Apple ID that leaves iPhone Data U

NSA Data Center Experiencing 300 Million Hacking Attempts Per Day

NSA Data Center Experiencing 300 Million Hacking Attempts Per Day
Feb 22, 2016
Utah State computer systems are experiencing a massive cyber attack on up to 300 Million Hacking attempts per day due to National Security Agency's (NSA) data center in the state. Yes, 300,000,000 hacking attempts in a day! According to the statistical survey, it is evident that the computer systems in the US State of Utah began to experience the hacking attack a few years back, precisely, soon after the NSA revelations by global surveillance whistleblower Edward Snowden. It is a less-known fact that the NSA has built its new data center near the city of Bluffdale, Utah. However, a couple of years back, when Snowden revealed the presence of the data center, the attacks have constantly been going on. The PRISM spying program by Big Brothers at NSA might have shifted the attention of hackers for the retaliation against mass-surveillance and flared up this heightened cyber attacks against the spying agency. According to Utah Commissioner of public safety, Keith S

NSA's Top-Secret SKYNET May Be Killing Thousands of Innocent Civilians

NSA’s Top-Secret SKYNET May Be Killing Thousands of Innocent Civilians
Feb 17, 2016
So what do you expect from an Artificially intelligent program run by the government intelligence agency? Possibly killing innocent people. The real-life SKYNET , the fictional malevolent artificial intelligence in the Terminator movies, run by the US National Security Agency (NSA) is a surveillance program that uses cell phone metadata to track the GPS location and call activities of suspected terrorists, who may be shot by a Hellfire missile. Now, a new analysis of previously published NSA documents leaked by former NSA staffer Edward Snowden suggests that many of those people killed based on metadata may have been innocent. Last year, the leaked documents detailing the NSA's SKYNET programme published by The Intercept showed that NSA had used a machine learning algorithm on the cellular network metadata of 55 Million people in Pakistan to rate each citizen's likelihood of being a terrorist. You need to know that the US drone bombing campaigns in Pa

How Spy Agencies Hacked into Israeli Military Drones to Collect Live Video Feeds

How Spy Agencies Hacked into Israeli Military Drones to Collect Live Video Feeds
Feb 01, 2016
Featured Image Only. See Original leaked images below. In a joint surveillance program, the US intelligence agency NSA ( National Security Agency ) and the British intelligence agency GCHQ ( Government Communications Headquarters ) hacked into, decrypted, and tracked live video feeds of Israeli Military Drones and Fighter Jets . This could be one of the most shocking and embarrassing disclosures for Israel, who is the United States' ally and prides itself on its technical capabilities. Published by The Intercept, the newly released documents from the former NSA contractor Edward Snowden revealed that in an operation dubbed " Anarchist ," UK and US intelligence officials have been… ...regularly accessing Israeli drone cameras, allowing them to watch live video feeds from drones and fighter jets while Israel bombed Gaza and spied on Syria. But, how the intelligence officials were able to do so. Also Read: Google Wants to Fly Drones Over Your Head
Cybersecurity Resources