NSA | Breaking Cybersecurity News | The Hacker News

The National Security Agency (NSA) — the United States intelligence agency which is known for its secrecy and working in the dark — has finally joined GitHub and launched an official GitHub page. The NSA employs genius-level coders and brightest mathematicians, who continually work to break codes, gather intelligence on everyone, and develop hacking tools like EternalBlu e that was leaked by the Shadow Brokers in April and abused by the WannaCry ransomware last month to wreak havoc worldwide. The intelligence agency mostly works in secret, but after Edward Snowden leaks in 2013, the NSA has started (slowly) opening itself to the world. It joined Twitter in the same year after Snowden leaks and now opened a Github account. GitHub is an online service designed for sharing code amongst programmers and open source community, and so far, the NSA is sharing 32 different projects as part of the NSA Technology Transfer Program ( TTP ), while some of these are 'coming soon.'

Brace yourselves for a possible 'second wave' of massive global cyber attack, as SMB ( Server Message Block) was not the only network protocol whose zero-day exploits created by NSA were exposed in the Shadow Brokers dump last month. Although Microsoft released patches for SMB flaws for supported versions in March and unsupported versions immediately after the outbreak of the WannaCry ransomware, the company ignored to patch other three NSA hacking tools, dubbed " EnglishmanDentist ," " EsteemAudit ," and " ExplodingCan ." It has been almost two weeks since WannaCry ransomware began to spread, which infected nearly 300,000 computers in more than 150 countries within just 72 hours, though now it has been slowed down. For those unaware, WannaCry exploited a Windows zero-day SMB bug that allowed remote hackers to hijack PCs running on unpatched Windows OS and then spread itself to other unpatched systems using its wormable capability.

The introduction of Open AI's ChatGPT was a defining moment for the software industry, touching off a GenAI race with its November 2022 release. SaaS vendors are now rushing to upgrade tools with enhanced productivity capabilities that are driven by generative AI. Among a wide range of uses, GenAI tools make it easier for developers to build software, assist sales teams in mundane email writing, help marketers produce unique content at low cost, and enable teams and creatives to brainstorm new ideas.  Recent significant GenAI product launches include Microsoft 365 Copilot, GitHub Copilot, and Salesforce Einstein GPT. Notably, these GenAI tools from leading SaaS providers are paid enhancements, a clear sign that no SaaS provider will want to miss out on cashing in on the GenAI transformation. Google will soon launch its SGE "Search Generative Experience" platform for premium AI-generated summaries rather than a list of websites.  At this pace, it's just a matter of a short time befo

A security researcher has identified a new strain of malware that also spreads itself by exploiting flaws in Windows SMB file sharing protocol, but unlike the WannaCry Ransomware that uses only two leaked NSA hacking tools , it exploits all the seven. Last week, we warned you about multiple hacking groups exploiting leaked NSA hacking tools, but almost all of them were making use of only two tools: EternalBlue and DoublePulsar. Now, Miroslav Stampar, a security researcher who created famous 'sqlmap' tool and now a member of the Croatian Government CERT, has discovered a new network worm, dubbed EternalRocks , which is more dangerous than WannaCry and has no kill-switch in it. Unlike WannaCry, EternalRocks seems to be designed to function secretly in order to ensure that it remains undetectable on the affected system. However, Stampar learned of EternalRocks after it infected his SMB honeypot . The NSA exploits used by EternalRocks, which Stampar called " Do

Script kiddies and online criminals around the world have reportedly started exploiting NSA hacking tools leaked last weekend to compromise hundreds of thousands of vulnerable Windows computers exposed on the Internet. Last week, the mysterious hacking group known as Shadow Brokers leaked a set of Windows hacking tools targeting Windows XP, Windows Server 2003, Windows 7 and 8, and Windows 2012, allegedly belonged to the NSA's Equation Group. What's Worse? Microsoft quickly downplayed the security risks by releasing patches for all exploited vulnerabilities , but there are still risks in the wild with unsupported systems as well as with those who haven't yet installed the patches. Multiple security researchers have performed mass Internet scans over the past few days and found tens of thousands of Windows computers worldwide infected with DoublePulsar , a suspected NSA spying implant, as a result of a free tool released on GitHub for anyone to use. Security r

The latest dump of hacking tools allegedly belonged to the NSA is believed to be the most damaging release by the Shadow Brokers till the date. But after analyzing the disclosed exploits, Microsoft security team says most of the windows vulnerabilities exploited by these hacking tools, including EternalBlue, EternalChampion, EternalSynergy, EternalRomance and others, are already patched in the last month's Patch Tuesday update. " Most of the exploits that were disclosed fall into vulnerabilities that are already patched in our supported products. Customers still running prior versions of these products are encouraged to upgrade to a supported offering, " Microsoft Security Team said in a blog post  published today. On Good Friday, the Shadow Brokers released a massive trove of Windows hacking tools allegedly stolen from NSA that works against almost all versions of Windows, from Windows 2000 and XP to Windows 7 and 8, and their server-side variants such as Serve

Update: Most of the exploits made publicly available (mentioned in this article) by the Shadow Brokers group are already patched by Microsoft in the last month's Patch Tuesday update. So, it is always recommended that you keep your systems up-to-date in order to prevent you from being hacked. The Shadow Brokers – a hackers group that claimed to have stolen a bunch of hacking tools from the NSA – released today more alleged hacking tools and exploits that target earlier versions of Windows operating system, along with evidence that the Intelligence agency also targeted the SWIFT banking system of several banks around the world. Last week, the hacking group released the password for an encrypted cache of Unix exploits , including a remote root zero-day exploit for Solaris OS, and the TOAST framework the group put on auction last summer. The hacking tools belonged to " Equation Group " – an elite cyber attack unit linked to the National Security Agency (NSA).

Remember The Shadow Brokers ? They are back. A hackers group that previously claimed to have stolen a bunch of hacking tools (malware, zero-day exploits, and implants) created by the NSA and gained popularity last year for leaking a portion of those tools is back. Today, The Shadow Brokers group released more alleged hacking tools and exploits that, the group claims, belonged to " Equation Group " – an elite cyber attack unit linked to the NSA. Besides dumping some NSA's hacking tools back in August 2016, the Shadow Brokers also released an encrypted cache of files containing more NSA's hacking tools and exploits in an auction, asking for 1 Million Bitcoins (around $568 Million). However, after failed auction , the group put up those hacking tools and exploits for direct sale on an underground website, categorizing them into a type — like "exploits," "Trojans," and "implant" — each of which ranged from 1 to 100 Bitcoins (fr

Texas-based Encrypted Email Service ' Lavabit ,' that was forced to shut down in 2013 after not complying with a court order demanding access to SSL keys to snoop on Edward Snowden's emails , is relaunching on Friday. Lavabit CEO Ladar Levison had custody of the service's SSL encryption key that could have helped the government obtain Snowden's password. Although the FBI insisted it was only after Snowden's account, that was the key to the kingdom that would have helped the FBI agents obtain other users' credentials as well. But rather than complying with the federal request that could compromise the communications of all of its customers, Levison preferred to shut down his encrypted email service, leaving its 410,000 users unable to access their email accounts. Now, Levison has announced that he is reviving Lavabit with a new architecture that fixes the SSL problem — which according to him, was the biggest threat — and includes other privacy-enhancin

The Shadow Brokers who previously stole and leaked a portion of the NSA hacking tools and exploits is back with a Bang! The hacking group is now selling another package of hacking tools, " Equation Group Windows Warez ," which includes Windows exploits and antivirus bypass tools, stolen from the NSA-linked hacking unit, The Equation Group. For those unfamiliar with the topic, The Shadow Brokers is a notorious group of black-hat hackers who, in August 2016, leaked exploits, security vulnerabilities, and "powerful espionage tools" created by The Equation Group. On Saturday, the Shadow Brokers posted a message on their ZeroNet based website, announcing the sale of the entire " Windows Warez " collection for 750 Bitcoin (around US$678,630). The data dump contains many windows hacking tools, categorized as following: Fuzzing tools (used to discover errors and security loopholes) Exploit Framework Network Implants Remote Administration Tools (RAT) Remot

The hacker group calling itself the Shadow Brokers, who previously claimed to have leaked a portion of the NSA's hacking tools and exploits, is back with a Bang! The Shadow Brokers published more files today, and this time the group dumped a list of foreign servers allegedly compromised by the NSA-linked hacking unit, Equation Group, in various countries to expand its espionage operations. Top 3 Targeted Countries — China, Japan, and Korea The data dump  [ Download / File Password: payus ] that experts believe contains 306 domain names, and 352 IP addresses belong to at least 49 countries. As many as 32 domains of the total were run by educational institutes in China and Taiwan. A few target domains were based in Russia, and at least nine domains include .gov websites. The top 10 targeted countries include China, Japan, Korea, Spain, Germany, India, Taiwan, Mexico, Italy, and Russia. The latest dump has been signed by the same key as the first Shadow Brokers' dump of

Today Yahoo! is all over the Internet, but in a way the company would never have expected. It all started days ago when Reuters cited some anonymous sources and reported that Yahoo built a secret software to scan the emails of hundreds of millions of its users at the request of a U.S. intelligence service. At this point, we were not much clear about the intelligence agency: the National Security Agency or the FBI? The news outlet then reported that the company installed the software at the behest of Foreign Intelligence Surveillance Act (FISA) court order. Following the report, the New York Times reported that Yahoo used its system developed to scan for child p*rnography and spam to search for emails containing an undisclosed digital "signature" of a certain method of communication employed by a state-sponsored terrorist organization. Although Yahoo denied the reports, saying they are "misleading," a series of anonymous sources, therefore, unaccounta

Users are still dealing with the Yahoo's massive data breach that exposed over 1 Billion Yahoo accounts and there's another shocking news about the company that, I bet, will blow your mind. Yahoo might have provided your personal data to United States intelligence agency when required. Yahoo reportedly built a custom software programmed to secretly scan all of its users' emails for specific information provided by US intelligence officials, according to a report by Reuters . The tool was built in 2015 after company complied with a secret court order to scan hundreds of millions of Yahoo Mail account at the behest of either the NSA or the FBI, according to the report that cites three separate sources who are familiar with the matter. According to some experts, this is the first time when an American Internet company has agreed to such an extensive demand by a spy agency's demand by searching all incoming emails, examining stored emails or scanning a small number

If you are a hacker, you might have enjoyed the NSA's private zero-day exploits , malware and hacking tools that were leaked last month. But the question is: How these hacking tools ended up into the hands of hackers? It has been found that the NSA itself was not directly hacked, but a former NSA employee carelessly left those hacking tools on a remote server three years ago after an operation and a group of Russian hackers found them, sources close to the investigation told Reuters . The leaked hacking tools, which enable hackers to exploit vulnerabilities in systems from big vendors like Cisco Systems, Juniper, and Fortinet, were dumped publicly online by the group calling itself " The Shadow Brokers ." NSA officials have also admitted to the FBI that their careless employee acknowledged the error shortly afterward, and hence the agency was aware of its operative's mistake from last three years. But instead of warning the affected companies that their c

Last week, a group calling itself " The Shadow Brokers " published what it said was a set of NSA "cyber weapons," including some working exploits for the Internet's most crucial network infrastructure, apparently stolen from the agency's Equation Group in 2013. Well, talking about the authenticity of those exploits, The Intercept published Friday a new set of documents from the Edward Snowden archive, which confirms that the files leaked by the Shadow Brokers contain authentic NSA software and hacking tools used to secretly infect computers worldwide. As I previously mentioned , the leaked documents revealed how the NSA was systematically spying on customers of big technology companies like Cisco, Fortinet, and Juniper for at least a decade. Hacking tools from The Shadow Brokers leak named ExtraBacon, EpicBanana, and JetPlow, contain exploits that can compromise Cisco firewall products including devices from the Adaptive Security Appliance (ASA) li

You might have heard about the recent ongoing drama of NSA hack that has sparked a larger debate on the Internet concerning abilities of US intelligence agencies as well as their own security. Saturday morning the news broke that a mysterious group of hackers calling themselves "The Shadow Brokers" claimed it hacked an NSA-linked group and released some NSA hacking tools with a promise to sell more private "cyber weapons" to the highest bidder. The group dumped a bunch of private hacking tools from " Equation Group " – an elite cyber attack unit linked to the NSA – on GitHub and Tumblr. The Shadow Brokers hacking group has published the leaked data in two parts; one includes many hacking tools designed to inject malware into various servers and another encrypted file containing the "best files" that they made available for sale for 1 Million Bitcoins. However, GitHub deleted the files from its page, not due to any government pressur

It seems like the NSA has been HACKED! Update: The NSA Hack — What, When, Where, How, Who & Why? Explained Here. An unknown hacker or a group of hackers just claimed to have hacked into " Equation Group " -- a cyber-attack group allegedly associated with the United States intelligence organization NSA -- and dumped a bunch of its hacking tools (malware, private exploits, and hacking tools) online. I know, it is really hard to believe, but some cybersecurity experts who have been examining the leak data, exploits and hacking tools, believe it to be legitimate. Hacker Demands $568 Million in Bitcoin to Leak All Tools and Data Not just this, the hackers, calling themselves " The Shadow Brokers ," are also asking for 1 Million Bitcoins ( around $568 Million ) in an auction to release the 'best' cyber weapons and more files. Also Read:   Links Found between NSA, Regin Spy tool and QWERTY Keylogger Widely believed to be part of the NSA, Equati