Infosecurity Magazine |
Shadow Brokers Attack Tools Light Up Chinese and Russian Darknet
Infosecurity Magazine Russian and Chinese “cyber-communities” have been actively researching and sharing information on the recent Shadow Brokers leak of alleged NSA attack tools, suggesting cyber-criminals and state hackers could be looking to capitalize on unpatched … |
Enlarge (credit: NSA)
Contrary to what Ars and the rest of the world reported Friday, none of the published exploits stolen from the National Security Agency work against currently supported Microsoft products. This is according to a Microsoft blog post published late Friday night.
That’s because the critical vulnerabilities for four exploits previously believed to be zerodays were patched in March, exactly one month before a group called Shadow Brokers published Friday’s latest installment of weapons-grade attacks. Those updates—which Microsoft indexes as MS17-010, CVE-2017-0146, and CVE-2017-—make no mention of the person or group who reported the vulnerabilities to Microsoft. The lack of credit isn’t unprecedented, but it’s uncommon, and it’s generating speculation that the reporters were tied to the NSA. In a vaguely worded statement issued Friday, Microsoft seemed to say it had had no contact with NSA officials concerning any of the exploits contained in Friday’s leak.
Microsoft provided the following table showing when various vulnerabilities were patched:
Read 7 remaining paragraphs | Comments
Security Intelligence (blog) |
Zero–Day Deals? Shadow Brokers Looking for Windows Exploit Buyer
Security Intelligence (blog) Now these cybercriminals are at it again, this time selling what appears to be a zero–day Windows exploit, which, according to Softpedia, may target the Server Message Block (SMB) function on Windows machines and permit the compromise of sensitive … |
Having failed in its attempt to auction off a collection of hacking tools, implants and software exploits stolen from the NSA, the mysterious Shadow Brokers group are now offering them individually for sale on the web.
Read more in my article on the Hot for Security blog.