Monday, 21 May, 2018

NSA's powerful Windows hacking tools leaked online

Cyber security experts said the US National Security Agency sought to monitor messaging traffic by hacking into firms NSA's powerful Windows hacking tools leaked online
Sherri Watson | 19 April, 2017, 00:30

Misner noted on the TechNet site that Microsoft has already patched numerous Windows exploits revealed in the leak.

Hackers have released documents and files that cybersecurity experts say indicate the US National Security Agency had accessed the SWIFT interbank messaging system, allowing it to monitor money flows among some Middle Eastern and Latin American banks.

Suiche recommended that users, even those still running the continues-to-be-patched Windows 7, upgrade to the newest SKU, Windows 10. It is possible that Microsoft was privately contacted by someone within the NSA who was aware that Shadow Brokers was going to leak the exploits.

"Our engineers have investigated the disclosed exploits, and most of the exploits are already patched", the company said in a blog post late on Friday. Considering that those hacking tools were a few years old, it's barely surprising to learn they don't really work anymore on newer OS versions.

"The reports of an alleged hacker-compromised EastNets Service Bureau network is totally false and unfounded".

The NSA did not immediately return emails seeking comment. Swift is used by about 11,000 banks to transfer money between countries.

Have the most recent Microsoft exploits been keeping you up at night? The allegation is that third parties - known as Swift Service Bureaus - that provide access to Swift's network were targeted by the NSA, rather than Swift itself.

The release also included a number of exploits targeting Windows, but Microsoft said in a statement late on Friday night that none of the issues involved affect fully patched versions of now supported systems.

"We have no evidence to suggest that there has ever been any unauthorised access to our network or messaging services".

Earlier Friday, Microsoft had said the company had not been warned by the government or other outsiders about the stolen programs.

March was the last month for which such bulletins were issued in the same style as they have been for more than a decade; from this month, Microsoft changed the style of issuing details of its monthly security updates.

On Friday the Shadow Brokers, a mysterious hacker or group of hackers, released the "Microsoft apocalypse" that wasn't.

Due to the detailed description of service bureau infrastructure in the Shadow Brokers documents, Suiche believes the leak could be harmful to the SWIFT network. The three others affected old, unsupported products.

Mustafa Al-Bassam, a computer science researcher at University College London, said on Twitter that the Shadow Brokers documents show that the "NSA hacked a bunch of banks, oil and investment companies in Palestine, UAE, Kuwait, Qatar, Yemen, more". In a company blog post, Microsoft said that it had addressed all of the vulnerabilities either on or before March 14. This would normally mean either that Microsoft somehow found (or purchased) all the vulnerabilities The Shadow Brokers were auctioning off, or perhaps that someone anonymously alerted Microsoft about the bugs.

Back in August of 2016 reported on a hacking organization called the Shadow Brokers and their dealings with the NSA.