Hacker group Shadow Brokers released a fresh batch of alleged NSA hacking tools, which security experts said contain a whole host of exploits capable of causing widespread cyber panic.
One such tool uncovered by security researchers hints at the first real connection between the NSA and the infamous Stuxnet worm, which made headlines in 2010 after it was used against Iran, in what is considered one of the first targeted cyberespionage attacks. Previous reports indicate that Stuxnet has long been suspected to have been developed as a collaborative effort between the NSA and Israel.
Regin's complex nature suggests a nation state is behind the cyberespionage tool's development, Symantec reports. An advanced piece of malware has been uncovered, which has been in use as far back as 2008 to spy on governments, companies and individuals.
The cyberespionage tool uses several stealth features to avoid detection that required a significant investment of time and resources, suggesting it's the product of a nation state, the antivirus software maker warned, without suggesting which country was behind it. The malware's design makes it highly suited for long-term mass surveillance. Other infections were identified monitoring network traffic and analyzing email from Exchange databases.
Zero day actually refers to two things — a zero-day vulnerability or a zero-day exploit. Zero-day vulnerability refers to a security hole in software — such as browser software or operating system software — that is yet unknown to the software maker or to antivirus vendors.
This means the vulnerability is also not yet publicly known, though it may already be known by attackers who are quietly exploiting it. Because zero-day vulnerabilities are unknown to software vendors and to antivirus firms, there is no patch available yet to fix the hole and generally no antivirus signatures to detect the exploit, though sometimes antivirus scanners can still detect a zero day using heuristics.
After analyzing a lot of Stuxnet files collected over a two-year period, experts could identify the first victims of the Stuxnet worm. After Stuxnet was discovered over four years ago as one of the most sophisticated and dangerous malicious programs, researchers can now provide insight into the question: what were the goals of the Stuxnet operation?
Initially security researchers had no doubt that the whole attack had a targeted nature. The code of the worm looked professional and exclusive; there was evidence that extremely expensive zero-day vulnerabilities were used. However, it wasn’t yet known what kind of organizations were attacked first and how the malware ultimately made it right.