Author Topic: Geeks Review and Advise  (Read 108 times)

Offline Nemo

  • U.S.S. Legend
  • *******
  • Posts: 9731
  • Location: West Central Va
  • Man of Myth and Legend
    • View Profile
Geeks Review and Advise
« on: 14 Apr 2017 - 21:21:37 »
So what do I have to be concerned about?

Nemo

https://theintercept.com/2017/04/14/leaked-nsa-malware-threatens-windows-users-around-the-world/


Quote
Leaked NSA Malware Threatens Windows Users Around the World
Sam Biddle, April 14 2017

The ShadowBrokers, an entity previously confirmed by The Intercept to have leaked authentic malware used by the NSA to attack computers around the world, today released another cache of what appears to be extremely potent (and previously unknown) software capable of breaking into systems running Windows. The software could give nearly anyone with sufficient technical knowledge the ability to wreak havoc on millions of Microsoft users.

The leak includes a litany of typically codenamed software “implants” with names like ODDJOB, ZIPPYBEER, and ESTEEMAUDIT, capable of breaking into — and in some cases seizing control of — computers running version of the Windows operating system earlier than the most recent Windows 10. The vulnerable Windows versions ran more than 65 percent of desktop computers surfing the web last month, according to estimates from the tracking firm Net Market Share.

The crown jewel of the implant collection appears to be a program named FUZZBUNCH, which essentially automates the deployment of NSA malware, and would allow a member of agency’s Tailored Access Operations group to more easily infect a target from their desk.

According to security researcher and hacker Matthew Hickey, co-founder of Hacker House, the significance of what’s now publicly available, including “zero day” attacks on previously undisclosed vulnerabilities, cannot be overstated: “I don’t think I have ever seen so much exploits and 0day [exploits] released at one time in my entire life,” he told The Intercept via Twitter DM, “and I have been involved in computer hacking and security for 20 years.” Affected computers will remain vulnerable until Microsoft releases patches for the zero-day vulnerabilities and, more crucially, until their owners then apply those patches.

“This is as big as it gets,” Hickey said. “Nation-state attack tools are now in the hands of anyone who cares to download them…it’s literally a cyberweapon for hacking into computers…people will be using these attacks for years to come.”

Hickey provided The Intercept with a video of FUZZBUNCH being used to compromise a virtual computer running Windows Server 2008–an industry survey from 2016 cited this operating system as the most widely used of its kind.

Susan Hennessey, an editor at Lawfare and former NSA attorney, wrote on Twitter that the leak will cause “immense harm to both U.S. intel interests and public security simultaneously.”

A Microsoft spokesperson told The Intercept “We are reviewing the report and will take the necessary actions to protect our customers.” We asked Microsoft if the NSA at any point offered to provide information that would help protect Windows users from these attacks, given that the leak has been threatened since August 2016, to which they replied “our focus at this time is reviewing the current report.” The company later clarified that “At this time, other than reporters, no individual or organization has contacted us in relation to the materials released by Shadow Brokers.”


If you need a second magazine its time to call in air support.

I came into this world kicking, screaming, covered in someone else's blood. I certainly don't mind leaving the same way

God created Man, Col. Sam Colt made him equal, John Moses Browning turned equality to perfection, Gaston Glock turned perfection into plastic fantastic junk.

Offline Kevron

  • Global Moderator
  • U.S.S. Distinguished Expert
  • ******
  • Posts: 2099
  • Location: The woods by your house.
  • Wish I had a Portal Gun
    • View Profile
    • My Blog
Re: Geeks Review and Advise
« Reply #1 on: 18 Apr 2017 - 08:27:04 »
Everything. 

There isn't a whole lot you can do to avoid the .gov spying on you.  There are some ways to "mask" where you go on the internet.  But if they have access to your computer it's pretty pointless.  You could build your computer and OS 100% yourself.. but as soon as you connect to the internet you are at risk.
panem et circenses


Bloggerific - kbakerdrums.wordpress.com

Offline Nemo

  • U.S.S. Legend
  • *******
  • Posts: 9731
  • Location: West Central Va
  • Man of Myth and Legend
    • View Profile
Re: Geeks Review and Advise
« Reply #2 on: 19 Apr 2017 - 19:15:27 »
Yeah, figured that.

Nemo


If you need a second magazine its time to call in air support.

I came into this world kicking, screaming, covered in someone else's blood. I certainly don't mind leaving the same way

God created Man, Col. Sam Colt made him equal, John Moses Browning turned equality to perfection, Gaston Glock turned perfection into plastic fantastic junk.