https://theintercept.com/2017/04/14/leaked-nsa-malware-threatens-windows-users-around-the-world/
The ShadowBrokers, an entity previously confirmed by The Intercept to have leaked authentic malware
used by the NSA to attack computers around the world, today released
another cache of what appears to be extremely potent (and previously
unknown) software capable of breaking into systems running Windows. The
software could give nearly anyone with sufficient technical knowledge
the ability to wreak havoc on millions of Microsoft users.
The leak includes a litany of typically codenamed software “implants”
with names like ODDJOB, ZIPPYBEER, and ESTEEMAUDIT, capable of breaking
into — and in some cases seizing control of — computers running version
of the Windows operating system earlier than the most recent Windows
10. The vulnerable Windows versions ran more than 65 percent of desktop
computers surfing the web last month, according to estimates from the tracking firm Net Market Share.
The crown jewel of the implant collection appears to be a program
named FUZZBUNCH, which essentially automates the deployment of NSA
malware, and would allow a member of agency’s Tailored Access Operations
group to more easily infect a target from their desk.
According to security researcher and hacker Matthew Hickey, co-founder of Hacker House,
the significance of what’s now publicly available, including “zero day”
attacks on previously undisclosed vulnerabilities, cannot be
overstated: “I don’t think I have ever seen so much exploits and 0day
[exploits] released at one time in my entire life,” he told The
Intercept via Twitter DM, “and I have been involved in computer hacking
and security for 20 years.” Affected computers will remain vulnerable
until Microsoft releases patches for the zero-day vulnerabilities and,
more crucially, until their owners then apply those patches.
“This is as big as it gets,” Hickey said. “Nation-state attack tools
are now in the hands of anyone who cares to download them…it’s literally
a cyberweapon for hacking into computers…people will be using these
attacks for years to come.”
Hickey provided The Intercept with a video of FUZZBUNCH being used to compromise a virtual computer running Windows Server 2008–an industry survey from 2016 cited this operating system as the most widely used of its kind.
Susan Hennessey, an editor at Lawfare and former NSA attorney, wrote
on Twitter that the leak will cause “immense harm to both U.S. intel
interests and public security simultaneously.”
A Microsoft spokesperson told The Intercept “We are reviewing the
report and will take the necessary actions to protect our customers.” We
asked Microsoft if the NSA at any point offered to provide information
that would help protect Windows users from these attacks, given that the
leak has been threatened since August 2016, to which they replied “our
focus at this time is reviewing the current report.” The company later
clarified that “At this time, other than reporters, no individual or
organization has contacted us in relation to the materials released by
Shadow Brokers.”
Friday, April 14, 2017
Tuesday, April 4, 2017
SEI CERT C Coding Standard
https://www.securecoding.cert.org/confluence/display/c/SEI+CERT+C+Coding+Standard
The C rules and recommendations in this wiki are a work in progress
and reflect the current thinking of the secure coding community. Because
this is a development website, many pages are incomplete or contain
errors. As rules and recommendations mature, they are published in
report or book form as official releases. These releases are issued as
dictated by the needs and interests of the secure software development
community.
Create a sign-in account if you want to comment on existing content. If you wish to be more involved and directly edit content on the site, you still need an account, but you'll also need to request edit privileges.
Create a sign-in account if you want to comment on existing content. If you wish to be more involved and directly edit content on the site, you still need an account, but you'll also need to request edit privileges.
Front Matter
-
Page:
-
Page:
Rules
-
Page:
-
Page:
-
Page:
-
Page:
-
Page:
-
Page:
-
Page:
-
Page:
-
Page:
-
Page:
-
Page:
-
Page:
-
Page:
-
Page:
-
Page:
-
Page:
-
Page:
Back Matter
-
Page:
-
Page:
-
Page:
-
Page:
-
Page:
-
Page:
-
Page:
Tuesday, March 28, 2017
Subscribe to:
Posts (Atom)