HNNEpisode120

From Paul's Security Weekly
Jump to: navigation, search


News

Cyberpatriot

http://www.uscyberpatriot.org/

http://www.uscyberpatriot.org/Pages/Announcements/Congratulations-to-the-CyberPatriot-IX-National-Champions!.aspx

Shadow Brokers http://boingboing.net/2017/04/14/windows-0-days-too.html -- NSA Shadow Brokers bank exploits -- so is this a false flag? The exploits particulary target Middle Eastern Banks and provide a lot of zero day stuff basically telling you how to do it in Borat-esque language

Targeting easily hackable banks in the Middle East (SWIFT among others). Egregiousblunder is an example.

TAO is the Tailored Access Operations NSA Hacking Division

Most of the code is from 2013, same as timing for Snowden leaks.

http://www.npr.org/sections/thetwo-way/2016/08/17/490329015/shadow-brokers-claim-to-have-hacked-the-nsas-hackers -- 1.6 bitcoins bid so far -- they asked for about half a billion. The tools look legit. Are these James Bond villianesque kinds of messages being sent (viz. keep it up and we will hurt you) SETEC Astronomy

http://www.zdnet.com/article/recently-patched-microsoft-word-bug-was-exploited-for-surveillance-and-espionage/ Zero Day Doc exploit

and

https://www.engadget.com/2017/04/15/microsoft-says-it-already-patched-several-shadow-brokers-nsa-l/ -- MS patched leaks

Jan -- Exploits revealed - Feb patch tuesday is skipped -- March flaws are fixed. Did MS buy up the exploits early from Shadow Brokers?

Expert Commentary: Jason Wood, Paladin Security

Jason Wood, Paladin Security[1]