#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

cia leak | Breaking Cybersecurity News | The Hacker News

Wikileaks Unveils Project Protego: CIA's Secret Missile Control System

Wikileaks Unveils Project Protego: CIA's Secret Missile Control System
Sep 07, 2017
Every week since March Wikileaks has been leaking secrets from the United States Central Intelligence Agency (CIA), which mainly focus on surveillance techniques and hacking tools employed by its agents. However this time, the whistleblower organisation has released something different from its previous Vault 7 leaks , because it's not about hacking and spying; instead, it's a—Missile Control System. Dubbed Project Protego , the PIC-based missile control system is installed on-board a Pratt and Whitney Aircraft (PWA) equipped with missile launch system, which gives it ability to hit air-to-air and air-to-ground targets. The latest leak contains four secret documents in total from the project Protego, along with "37 related documents (proprietary hardware/software manuals from Microchip Technology Inc)," WikiLeaks says. Leaked documents reveal system design, a guide on how to configure and build Protego images, and also suggest that all micro-controller un

Cisco Finally Patches 0-Day Exploit Disclosed In Wikileaks-CIA Leak

Cisco Finally Patches 0-Day Exploit Disclosed In Wikileaks-CIA Leak
May 10, 2017
Cisco Systems has finally released an update for its IOS and IOS XE software to address a critical vulnerability, disclosed nearly two months back in the CIA Vault 7 leak , that affects more than 300 of its switch models. The company identified the vulnerability in its product while analyzing "Vault 7" dump — thousands of documents and files leaked by Wikileaks, claiming to detail hacking tools and tactics of the U.S. Central Intelligence Agency (CIA). As previously reported , the vulnerability (CVE-2017-3881) resides in the Cluster Management Protocol (CMP) — which uses Telnet or SSH to deliver signals and commands on internal networks — in Cisco IOS and Cisco IOS XE Software. The vulnerability can be exploited remotely by sending "malformed CMP-specific Telnet options while establishing a Telnet session with an affected Cisco device configured to accept Telnet connections," researchers say. The company warned users on April 10 that an exploit targeting

Making Sense of Operational Technology Attacks: The Past, Present, and Future

Making Sense of Operational Technology Attacks: The Past, Present, and Future
Mar 21, 2024Operational Technology / SCADA Security
When you read reports about cyber-attacks affecting operational technology (OT), it's easy to get caught up in the hype and assume every single one is sophisticated. But are OT environments all over the world really besieged by a constant barrage of complex cyber-attacks? Answering that would require breaking down the different types of OT cyber-attacks and then looking back on all the historical attacks to see how those types compare.  The Types of OT Cyber-Attacks Over the past few decades, there has been a growing awareness of the need for improved cybersecurity practices in IT's lesser-known counterpart, OT. In fact, the lines of what constitutes a cyber-attack on OT have never been well defined, and if anything, they have further blurred over time. Therefore, we'd like to begin this post with a discussion around the ways in which cyber-attacks can either target or just simply impact OT, and why it might be important for us to make the distinction going forward. Figure 1 The Pu

Wikileaks Unveils CIA's Man-in-the-Middle Attack Tool

Wikileaks Unveils CIA's Man-in-the-Middle Attack Tool
May 06, 2017
Wikileaks has published a new batch of the Vault 7 leak , detailing a man-in-the-middle (MitM) attack tool allegedly created by the United States Central Intelligence Agency (CIA) to target local networks. Since March, WikiLeaks has published thousands of documents and other secret tools that the whistleblower group claims came from the CIA. This latest batch is the 7th release in the whistleblowing organization's 'Vault 7' series. Dubbed Archimedes , the newly released CIA tool, dumped on Friday, purportedly used to attack computers inside a Local Area Network (LAN). According to the leaked documents, this MitM tool was previously named 'Fulcrum' but later was renamed to 'Archimedes' with several improvements on the previous version, like providing a way to "gracefully shutting down the tool on demand," and adding "support for a new HTTP injection method based on using a hidden iFrame." The leaked documents describe Archimede

Automated remediation solutions are crucial for security

cyber security
websiteWing SecurityShadow IT / SaaS Security
Especially when it comes to securing employees' SaaS usage, don't settle for a longer to-do list. Auto-remediation is key to achieving SaaS security.

Source Code for CIA's Tool to Track Whistleblowers Leaked by Wikileaks

Source Code for CIA’s Tool to Track Whistleblowers Leaked by Wikileaks
Apr 28, 2017
Wikileaks has just published a new batch of the Vault 7 leak, exposing the documentation and source code for a CIA project known as "Scribbles." Scribbles, a.k.a. the "Snowden Stopper," is a piece of software allegedly designed to embed 'web beacon' tags into confidential documents, allowing the spying agency to track whistleblowers and foreign spies. Since March, as part of its "Vault 7" series, the Whistleblowing website has published thousands of documents and other confidential information that the whistleblower group claims came from the US Central Intelligence Agency (CIA). The CIA itself described Scribbles as a "batch processing tool for pre-generating watermarks and inserting those watermarks into documents that are apparently being stolen by FIO (foreign intelligence officers) actors." Here's How Scribbles Tool Works: Scribbles is coded in C# programming language and generates a random watermark for each docu

Wikileaks Reveals How CIA Was Hacking Your iPhones And MacBooks

Wikileaks Reveals How CIA Was Hacking Your iPhones And MacBooks
Mar 23, 2017
As part of its " Vault 7 " series, Wikileaks — the popular whistle-blowing platform — has just released another batch of classified documents focused on exploits and hacking techniques the Central Intelligence Agency (CIA) designed to target Apple MacOS and iOS devices. Dubbed " Dark Matter ," the leak uncovers macOS vulnerabilities and attack vectors developed by a special division of the CIA called Embedded Development Branch (EDB) – the same branch that created ' Weeping Angel ' attack – and focused specifically on hacking Mac and iOS firmware. CIA Infects Apple Devices With Unremovable Malware The newly released documents revealed that CIA had also been targeting the iPhone since 2008. The Agency has created a malware that is specially designed to infect Apple firmware in a way that the infection remains active on MacOS and iOS devices even if the operating system has been re-installed. According to Wikileaks, the released documents also gives a c
Cybersecurity Resources