Skip to main content

Home/ Groups/ Future of the Web
Paul Merrell

#Vault7: CIA's secret cyberweapon can infiltrate world's most secure networks - RT Viral - 0 views

  • WikiLeaks’ latest release in its Vault7 series details how the CIA’s alleged ‘Brutal Kangaroo’ program is being used to penetrate the most secure networks in the world.
  • Brutal Kangaroo, a tool suite for Microsoft Windows, targets closed air gapped networks by using thumb drives, according to WikiLeaks.

    Air gapping is a security measure employed on one or more computers to ensure that a secure computer network is physically isolated from unsecured networks.

  • These networks are used by financial institutions, military and intelligence agencies, the nuclear power industry, as well as even some advanced news networks to protect sources, according to La Repubblica journalist Stefania Maurizi.

    READ MORE: ‘CIA’s Cherry Bomb’: WikiLeaks #Vault7 reveals wireless network targets

    These newly released documents show how closed networks not connected to the internet can be compromised by this malware. However, the tool only works on machines with a Windows operating system.

    Firstly, an internet-connected computer within the targeted organization is infected with the malware. When a user inserts a USB stick into this computer, the thumbdrive itself is infected with a separate malware.

    Once this is inserted into a single computer on the air gapped network the infection jumps – like a kangaroo – across the entire system, enabling sabotage and data theft.

    If multiple computers on the closed network are under CIA control, they “form a covert network to coordinate tasks and data exchange,” according to Wikileaks.

    Data can be returned to the CIA once again, although this does depend on someone connecting the USB used on the closed networ

  • ...1 more annotation...
  • While it may not appear to be the most efficient CIA project, it allows the intelligence agency to infiltrate otherwise unreachable networks.

    This method is comparable to the Stuxnet virus, a cyberweapon purportedly built by the US and Israel. Stuxnet is thought to have caused substantial damage to Iran's nuclear program in 2010.

    The CIA allegedly began developing the Brutal Kangaroo program in 2012 – two years after Stuxnet incident in Iran.

    The most recent of these files were to intended to remain secret until at least 2035. The documents released by WikiLeaks are dated February 2016, indicating that the scheme was likely being used until that point.

Paul Merrell

White House, Intel Chiefs Want To Make Digital Spying Law Permanent | HuffPost - 0 views

  • The White House and U.S. intelligence chiefs Wednesday backed making permanent a law that allows for the collection of digital communications of foreigners overseas, escalating a fight in Congress over privacy and security.

    The law, enshrined in Section 702 of the Foreign Intelligence Surveillance Act, is due to expire on December 31 unless Congress votes to reauthorize it, but is considered vital by U.S. intelligence agencies.

    Privacy advocates have criticized the law though for allowing the incidental collection of data belonging to millions of Americans without a search warrant.

    The push to make the law permanent may lead to a contentious debate over renewal of Section 702 in Congress, where lawmakers in both parties are deeply divided over whether to adopt transparency and oversight reforms

  • Reuters reported in March that the Trump administration supported renewal of Section 702 without any changes, citing an unnamed White House official, but it was not clear at the time whether it wanted the law made permanent.
Paul Merrell

FCC Turns Itself into a Deregulatory Agency - WhoWhatWhy - 2 views

  • Since taking office, President Donald Trump has wasted no time in proposing rollbacks to Obama-era federal regulations. So, it should come as no surprise that the Federal Communications Commission (FCC) voted last month to propose changes to current regulations on Internet service providers.

    Spearheaded by Ajit Pai — the Trump-appointed FCC chairman and former lawyer for Verizon — the 2-1 vote is the first step in dismantling the Open Internet Order. The lone FCC Democrat, Mignon Clyburn, was overruled by Pai and fellow commissioner Michael O’Reilly.

    The 2015 order classified broadband internet as a utility under Title II of the Communications Act of 1934. Opponents of the current state of net neutrality argue that the rules are archaic and place unnecessary — even harmful — restrictions on internet service providers (ISPs), leading to lack of innovation and investment.

    While it’s true that policies conceived in the 1930s could hardly anticipate the complexities of the modern Internet, a complete rollback of Title II protections would leave ISPs free to favor their own services and whichever company pays for upgraded service. Considering relaxed FEC rules on media ownership and lack of antitrust enforcement, some could argue that a rollback of net neutrality is even more toxic to innovation and affordable pricing.

    That is, fast lanes could be created for companies with deeper pockets, effectively giving them an advantage over companies and individuals who can’t pay extra. This approach effectively penalizes small businesses, nonprofits and innovative start-ups.

    Today’s Internet is so vast and so pervasive that it’s hard to grasp the impact that an abandonment of net neutrality would have on every aspect of our culture.

  • While the FCC’s proposed change will touch most Americans, net neutrality remains a mystifying concept to non-techies. To help our readers better understand the issue, we have compiled some videos that explain net neutrality and its importance.

    The FCC will be accepting comments from the public on their website until August 16, 2017.

Paul Merrell

FCC Votes To Start Slashing Net Neutrality Protections - 0 views

  • The Federal Communications Commission (FCC) under President Donald Trump on Thursday afternoon voted to begin slashing regulations protecting a free and open internet.

    The decision (pdf) ran along party lines, with the FCC’s two Republican members voting to dismantle net neutrality. Mignon Clyburn, the Commission’s Democratic member, was the sole dissenting vote.

    “While the majority engages in flowery rhetoric about light-touch regulation and so on, the endgame appears to be no-touch regulation and a wholesale destruction of the FCC’s public interest authority in the 21st century,” Clyburn wrote in her dissent, according to The Hill.

Paul Merrell

NSA Based Malware Used In Massive Cyber-Attack Hitting 74 Countries - 0 views

  • Apparent National Security Agency (NSA) malware has been used in a global cyber-attack, including on British hospitals, in what whistleblower Edward Snowden described as the repercussion of the NSA’s reckless decision to build the tools.

    “Despite warnings, @NSAGov built dangerous attack tools that could target Western software. Today we see the cost,” Snowden tweeted Friday.

    At least two hospitals in London were forced to shut down and stop admitting patients after being attacked by the malware, which operates by locking out the user, encrypting data, and demanding a ransom to release it. The attacks hit dozens of other hospitals, ambulance operators, and doctors’ offices as well.

  • The Blackpool Gazette in the northwest reported that medical staff had resorted to using pen and paper when phone and computer systems shut down. Elsewhere, journalist Ollie Cowan tweeted a photo of ambulances “backed up” at Southport Hospital as the staff attempted to cope with the crisis.
  • Other disruptions were reported in at least 74 countries, including Russia, Spain, Turkey, and Japan, and the number is “growing fast,” according to Kaspersky Lab chief Costin Raiu. Security architect Kevin Beau said it was spreading into the U.S. as well.

    The malware, which Microsoft tested briefly earlier this year, was leaked by a group calling itself the Shadow Brokers, which has been releasing NSA hacking tools online since last year, the New York Times reports.

    Times journalists Dan Bilefsky and Nicole Perlroth wrote:

    Microsoft rolled out a patch for the vulnerability in March, but hackers apparently took advantage of the fact that vulnerable targets—particularly hospitals—had yet to update their systems.

    The malware was circulated by email. Targets were sent an encr

  • ...2 more annotations...
  • A Twitter account with the handle @HackerFantastic, the co-founder of the cyber security company Hacker House, tweeted that the firm had “warned the NHS with Sky news about vulnerabilities they had last year, this was inevitable and bound to happen at some stage.”

    “In light of today’s attack, Congress needs to be asking @NSAgov if it knows of any other vulnerabilities in software used in our hospitals,” Snowden tweeted. “If @NSAGov had privately disclosed the flaw used to attack hospitals when they *found* it, not when they lost it, this may not have happened.”

    Disclosing the vulnerability when it was found would have given hospitals years, not months, to update their systems and prepare for an attack, he added.

  • witter user @MalwareTechBlog added, “Something like this is incredibly significant, we’ve not seen P2P spreading on PC via exploits at this scale in nearly a decade.”

    Patrick Toomey, a staff attorney with the American Civil Liberties Union’s (ACLU) National Security Project, said, “It would be shocking if the NSA knew about this vulnerability but failed to disclose it to Microsoft until after it was stolen.”

    “These attacks underscore the fact that vulnerabilities will be exploited not just by our security agencies, but by hackers and criminals around the world,” Toomey said. “It is past time for Congress to enhance cybersecurity by passing a law that requires the government to disclose vulnerabilities to companies in a timely manner. Patching security holes immediately, not stockpiling them, is the best way to make everyone’s digital life safer.”

Paul Merrell

UK government is secretly planning to break encryption and spy on people's phones, reve... - 0 views

  • The UK government is secretly planning to force technology companies to build backdoors into their products, to enable intelligence agencies to read people’s private messages.

    A draft document leaked by the Open Rights Group details extreme new surveillance proposals, which would enable government agencies to spy on one in 10,000 citizens – around 6,500 people – at any one time. 

    The document, which follows the controversial Investigatory Powers Act, reveals government plans to force mobile operators and internet service providers to provide real-time communications of customers to the government “in an intelligible form”, and within one working day.

  • This would effectively ban encryption, an important security measure used by a wide range of companies, including WhatsApp and major banks, to keep people’s private data private and to protect them from hackers and cyber criminals. 
Paul Merrell

'You Betrayed Us' Billboards Targeting Anti-Privacy Lawmakers Erected - 0 views

  • Billboards targeting legislators who voted to end online privacy measures earlier this year have gone up in key districts, as promised by activists.

    Digital rights group Fight for the Future vowed to put up the ads against Reps. Marsha Blackburn (R-Tenn.) and John Rutherford (R-Fla.), Sens. Jeff Flake (R-Ariz.) and Dean Heller (R-Nev.), as well as other lawmakers after they voted in favor of a resolution, introduced by Flake, that overturned federal rules preventing broadband providers from selling user data to third parties without consent.

    Blackburn, Rutherford, Flake, and Heller took large contributions from the telecommunications industry before supporting the resolution, Fight for the Future said. The billboards—paid for through a crowdfunded campaign—encourage viewers to contact the lawmakers’ offices and ask why they voted against their constituents’ privacy rights.

  • Flake’s resolution was introduced under the Congressional Review Act (CRA), which gives lawmakers the authority to overturn recently-introduced agency rules with a simple majority. The Federal Communications Commission (FCC) implemented the data-sharing ban in October.

    Once a rule is repealed under the CRA, an agency cannot reintroduce it without specific authorization by a new law.

Paul Merrell

WikiLeaks Reveals Details Of CIA "Archimedes" Tool Used To Hack Local Area Networks - 0 views

  • In its seventh CIA leak since March 23rd, WikiLeaks has just revealed the user manual of a CIA hacking tool known as ‘Archimedes’ which is purportedly used to attack computers inside a Local Area Network (LAN).  The CIA tool works by redirecting a target’s

    The CIA tool works by redirecting a target’s web page search to a CIA server which serves up a web page that looks exactly like the original page they were expecting to be served, but which contains malware.

    It’s only possible to detect the attack by examining the page source.

Paul Merrell

Sorry for the SPAM today - 0 views

That's a subscriber that got by me. He's been banned so won't bother you again on this group.

admin

started by Paul Merrell on 25 Apr 17 no follow-up yet
Paul Merrell

Google Caves to Russian Federal Antimonopoly Service, Agrees to Pay Fine - nsnbc intern... - 0 views

  • Google ultimately caved to Russia’s Federal Antimonopoly Service, agreeing to pay $7.8 million (438 million rubles) for violating antitrust laws. The corporate Colossus will also pay two other fines totaling an additional $18,000 (1 million rubles) for failing to comply with past orders issued by state regulators. Last year Google caved to similar demands by the European Union.
  • In August 2016 Russia’s Federal Antimonopoly Service responded to a complaint by Russian search engine operator Yandex and fined the U.S.-based Google 438 million rubles for abusing its dominant market position to force manufacturers to make Google applications the default services on devices using Android.

    Regulators set the fine at 9 percent of Google’s reported profits on the Russian market in 2014, plus inflation. Similar to the case against the European Union Google challenged the penalty in several appellate courts before finally agreeing this week to meet the government’s demands.

    The corporation also agreed to stop requiring manufacturers to install Google services as the default applications on Android-powered devices. The agreement is valid for six years and nine months, Russia’s Antimonopoly Service reported.

    Last year Google, after a protracted battle, caved to similar antitrust regulations by the European Union, but the internet giant has also come under fire elsewhere. In 2015 Australian treasurer Joe Hockey implied Google in his list of corporate tax thieves. In January 2016 British lawmakers decided to fry Google over tax evasion. Google and taxes were compared to the Bermuda Triangle.

    One year ago the dispute between the European Union’s competition watchdog and Google, culminated<

Paul Merrell

WikiLeaks just dropped the CIA's secret how-to for infecting Windows | Ars Technica - 0 views

  • WikiLeaks has published what it says is another batch of secret hacking manuals belonging to the US Central Intelligence Agency as part of its Vault7 series of leaks. The site is billing Vault7 as the largest publication of intelligence documents ever.

    Friday's installment includes 27 documents related to "Grasshopper," the codename for a set of software tools used to build customized malware for Windows-based computers. The Grasshopper framework provides building blocks that can be combined in unique ways to suit the requirements of a given surveillance or intelligence operation. The documents are likely to be of interest to potential CIA targets looking for signatures and other signs indicating their Windows systems were hacked. The leak will also prove useful to competing malware developers who want to learn new techniques and best practices.

    "Grasshopper is a software tool used to build custom installers for target computers running Microsoft Windows operating system," one user guide explained. "An operator uses the Grasshopper builder to construct a custom installation executable."

Paul Merrell

'Shadow Brokers' give away more NSA hacking tools - 0 views

  • The elusive Shadow Brokers didn't have much luck selling the NSA's hacking tools, so they're giving more of the software away -- to everyone. In a Medium post, the mysterious team supplied the password for an encrypted file containing many of the Equation Group surveillance tools swiped back in 2016. Supposedly, the group posted the content in "protest" at President Trump turning his back on the people who voted for him. The leaked data appears to check out, according to researchers, but some of it is a couple of decades old and focused on platforms like Linux.

    If anything, the leak might backfire. Edward Snowden notes that while the leak is "nowhere near" representing the NSA's complete tool set, there's enough that the NSA should "instantly identify" where and how the kit leaked. This doesn't mean the Shadow Broker

Paul Merrell

Symantec: CIA Linked To Cyberattacks In 16 Countries - 0 views

  • Internet and computer security company Symantec has issued a statement today related to the Vault 7 WikiLeaks documents leaked from the CIA, saying that the methods and protocols described in the documents are consistent with cyberattacks they’d been tracking for years.

    Symantec says they now believe that the CIA hacking tool Fluxwire is a malware that had been known as Corentry, which Symantec had previously attributed to an unknown cyberespionage group called Longhorn, which apparently was the CIA.

    They described Longhorn as having been active since at least 2011, and responsible for attacks in at least 16 countries across the world, targeting governments and NGOs, as well as financial, energy, and natural resource companies, things that would generally be of interest to a nation-state.

  • While the WikiLeaks themselves have been comparatively short on details, as WikiLeaks continues to share specific vulnerabilities with companies so they can fix them before the details are leaked to the general public, the ability of security companies like Symantec to link the CIA to known hacking operations could prove to be even more enlightening as to the scope of CIA cyber-espionage the world over.
Paul Merrell

MoA - The Khan Sheikoun Show - A New President Proudly Presented By Trump Productions - 0 views

Paul Merrell

Race to Introduce Fascist Internet Regulations in Russia Continues - Now under the Bann... - 0 views

  • Russian lawmaker Vitaly Milonov, on Monday, proposed a bill aimed to ban children under the age of 14 from social media. Although the bill is touted under the banner of child protection, it also aims to introduce the mandatory submission of passport data. In January Russia introduced semi-fascist regulations to severely curb the rights of bloggers and independent media.
  • Vitaly Milnov, generally known for being ultra-conservative, introduced the controversial bill on Monday. Touting the bill under the banner of wanting to protect children and limit their access to social media the bill has far deeper implications. Parents could very well self-regulate their children’s access to social media.

    The bill, however, implies that it would become mandatory for social media users to submit their passport data. Moreover, the bill also proposes that the use of pseudonyms will be banned. The proposed legislation also aims to introducing strict rules, requiring two-party consent before the publication of screenshots of online correspondence.

    The bill reads, among others: “Social networks create a special virtual world where a person spends significant part of their life, contacting other people and essentially doing everything that they would do in real world. This world can’t be left unregulated by law. Especially now, when growing number of users are falling victim to different types of fraud.”

    Even though Milonov is generally viewed as ultra-conservative, there are about 62 percent of Russians who according to polls support the ban of social networks for children while 39 percent supported using passport data to create an online account, a poll by the state-funded pollster VTsIOM revealed Monday.

  • Social media has come under intense scrutiny in Russia in recent months. Disturbingly, there are very few Russians who have received independent information about the not so overtly advertised implications of this scrutiny, of the proposed bill, and of plans to create a “Russian internet” to filter “unwanted foreign content. Russia also cracks down on independent bloggers and journalists.

    On January 1, 2016 the Russian Federation implemented amendments to laws that further censor the internet and potentially independent media. These laws are being sold under the guise of empowering internet users and the right to protect personal information. The amendments follow legislation from 2014 that infringed on the rights of bloggers.

Paul Merrell

WikiLeaks - Vault 7: Projects - 0 views

  • Today, March 31st 2017, WikiLeaks releases Vault 7 "Marble" -- 676 source code files for the CIA's secret anti-forensic Marble Framework. Marble is used to hamper forensic investigators and anti-virus companies from attributing viruses, trojans and hacking attacks to the CIA.

    Marble does this by hiding ("obfuscating") text fragments used in CIA malware from visual inspection. This is the digital equivallent of a specalized CIA tool to place covers over the english language text on U.S. produced weapons systems before giving them to insurgents secretly backed by the CIA.

    Marble forms part of the CIA's anti-forensics approach and the CIA's Core Library of malware code. It is "[D]esigned to allow for flexible and easy-to-use obfuscation" as "string obfuscation algorithms (especially those that are unique) are often used to link malware to a specific developer or development shop."

    The Marble source code also includes a deobfuscator to reverse CIA text obfuscation. Combined with the revealed obfuscation techniques, a pattern or signature emerges which can assist forensic investigators attribute previous hacking attacks and viruses to the CIA. Marble was in use at the CIA during 2016. It reached 1.0 in 2015.

  • The source code shows that Marble has test examples not just in English but also in Chinese, Russian, Korean, Arabic and Farsi. This would permit a forensic attribution double game, for example by pretending that the spoken language of the malware creator was not American English, but Chinese, but then showing attempts to conceal the use of Chinese, drawing forensic investigators even more strongly to the wrong conclusion, --- but there are other possibilities, such as hiding fake error messages.

    The Marble Framework is used for obfuscation only and does not contain any vulnerabilties or exploits by itself.

  •  
    But it was the Russians who hacked the 2016 U.S. election. Really.
Paul Merrell

Internet users raise funds to buy lawmakers' browsing histories in protest | TheHill - 0 views

  • Great news! The House just voted to pass SJR34. We will finally be able to buy the browser history of all the Congresspeople who voted to sell our data and privacy without our consent!” he wrote on the fundraising page.

    Another activist from Tennessee has raised more than $152,000 from more than 9,800 people.

    A bill on its way to President Trump’s desk would allow internet service providers (ISPs) to sell users’ data and Web browsing history. It has not taken effect, which means there is no growing history data yet to purchase.

    A Washington Post reporter also wrote it would be possible to buy the data “in theory, but probably not in reality.”

    A former enforcement bureau chief at the Federal Communications Commission told the newspaper that most internet service providers would cover up this information, under their privacy policies. If they did sell any individual's personal data in violation of those policies, a state attorney general could take the ISPs to court.

Paul Merrell

Wikileaks Releases &quot;NightSkies 1.2&quot;: Proof CIA Bugs &quot;Factory Fresh&quot; iPhones | Zero Hedge - 0 views

  • The latest leaks from WikiLeaks' Vault 7 is titled “Dark Matter” and claims that the CIA has been bugging “factory fresh” iPhones since at least 2008 through suppliers.
  • And here is the full press release from WikiLeaks:

    Today, March 23rd 2017, WikiLeaks releases Vault 7 "Dark Matter", which contains documentation for several CIA projects that infect Apple Mac Computer firmware (meaning the infection persists even if the operating system is re-installed) developed by the CIA's Embedded Development Branch (EDB). These documents explain the techniques used by CIA to gain 'persistence' on Apple Mac devices, including Macs and iPhones and demonstrate their use of EFI/UEFI and firmware malware.

     

    Among others, these documents reveal the "Sonic Screwdriver" project which, as explained by the CIA, is a "mechanism for executing code on peripheral devices while a Mac laptop or desktop is booting" allowing an attacker to boot its attack software for example from a USB stick "even when a firmware password is enabled". The CIA's "Sonic Screwdriver" infector is stored on the modified firmware of an Apple Thunderbolt-to-Ethernet adapter.

     

    "DarkSeaSkies" is "an implant that persists in the EFI firmware of an Apple MacBook Air computer" and consists of "DarkMatter", "SeaPea" and "NightSkies", respectively EFI, kernel-space and user-space implants.

     

    Documents on the "Triton" MacOSX malware, its infector "Dark Mallet" and its EFI-persistent version "DerStake" are also included in this release. While the DerStake1.4 manual released today dates to 2013, other Vault 7 documents show that as of 2016 the CIA continues to rely on and update these systems and is working on the production of DerStarke2.0.

     

    Also included in this release is the manual for the CIA's "NightSkies 1.2" a "beacon/loader/implant tool" for the Apple iPhone. Notewort

Paul Merrell

Rand Paul Is Right: NSA Routinely Monitors Americans' Communications Without Warrants - 0 views

  • On Sunday’s Face the Nation, Sen. Rand Paul was asked about President Trump’s accusation that President Obama ordered the NSA to wiretap his calls. The Kentucky senator expressed skepticism about the mechanics of Trump’s specific charge, saying: “I doubt that Trump was a target directly of any kind of eavesdropping.” But he then made a broader and more crucial point about how the U.S. government spies on Americans’ communications — a point that is deliberately obscured and concealed by U.S. government defenders.

    Paul explained how the NSA routinely and deliberately spies on Americans’ communications — listens to their calls and reads their emails — without a judicial warrant of any kind:

    The way it works is, the FISA court, through Section 702, wiretaps foreigners and then [NSA] listens to Americans. It is a backdoor search of Americans. And because they have so much data, they can tap — type Donald Trump into their vast resources of people they are tapping overseas, and they get all of his phone calls.

    And so they did this to President Obama. They — 1,227 times eavesdrops on President Obama’s phone calls. Then they mask him. But here is the problem. And General Hayden said this the other day. He said even low-level employees can unmask the caller. That is probably what happened to Flynn.

    They are not targeting Americans. They are targeting foreigners. But they are doing it purposefully to get to Americans.

  • Paul’s explanation is absolutely correct. That the NSA is empowered to spy on Americans’ communications without a warrant — in direct contravention of the core Fourth Amendment guarantee that “the right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause” — is the dirty little secret of the U.S. Surveillance State.

    As I documented at the height of the controversy over the Snowden reporting, top government officials — including President Obama — constantly deceived (and still deceive) the public by falsely telling them that their communications cannot be monitored without a warrant. Responding to the furor created over the first set of Snowden reports about domestic spying, Obama sought to reassure Americans by telling Charlie Rose: “What I can say unequivocally is that if you are a U.S. person, the NSA cannot listen to your telephone calls … by law and by rule, and unless they … go to a court, and obtain a warrant, and seek probable cause.”

    The right-wing chairman of the House Intelligence Committee at the time, GOP Rep. Mike Rogers, echoed Obama, telling CNN the NSA “is not listening to Americans’ phone calls. If it did, it is illegal. It is breaking the law.”

    Those statements are categorically false. A key purpose of the new 2008 FISA law — which then-Senator Obama voted for during the 2008 general election after breaking his primary-rac

1 - 20 of 3603 Next › Last »
Showing 20 items per page