Epidemic of cryptojacking can be traced to escaped NSA superweapon

The epidemic of cryptojacking malware isn't merely an outgrowth of the incentive created by the cryptocurrency bubble -- that's just the motive, and the all-important the means and opportunity were provided by the same leaked NSA superweapon that powered last year's Wannacry ransomware epidemic. Read the rest

News report claims Dutch spies hacked Russian cyberwar operation and pwned their CCTVs, then recorded video of Russian government hackers attacking the DNC

Dutch left-leaning daily de Volkskrant has published a remarkable -- but thinly sourced -- report claiming that a Dutch spy agency called the General Intelligence and Security Service of the Netherlands (AIVD) hacked into the network of a notorious Russian spy group called "Cozy Bear" or APT29, thought to be an arm of the Russian spy apparatus, and obtained direct evidence of Russian state involvement in the hacking of the DNC during the 2016 US election campaign. Read the rest

The NSA's new "core values" statement no longer includes "honor," "honesty" or "openness"

Ironically, the most honest thing the NSA has done since its founding might just be deleting the word "honesty" from its statement of core values, in January 12th's revisions to the earlier version that also once included "openness." Read the rest

#FISA: Senate passes bill to give NSA 6 more years of warrantless surveillance on Americans

The U.S. Senate today passed a bill that will renew the National Security Agency’s warrantless internet surveillance program for six years with no substantive changes. It's bad news, say privacy and security advocates, but not a surprise.

Read the rest

EFF to NSA: you scammed your way to another six years of warrantless spying, and you'd better enjoy it while it lasts

Last week, cowards from both sides of the aisle caved into America's lawless spy agencies, and today bipartisan senators reprised that cowardice to ensure that the Senate would not get a chance to vote on amendments to the renewal of Section 702, the rule that has allowed the NSA to conduct mass, warrantless surveillance on Americans in secret, without meaningful oversight or limits. Read the rest

Congressional Democrats have so little faith in Trump's leadership that they've awarded him the power to conduct limitless, warrantless mass surveillance of Americans

When Congress voted last week to renew the NSA's controversial Section 702 powers, which gives the spy agency the power to conduct mass, secret, warrantless surveillance on Americans, they also voted down a bipartisan amendment that would have limited the president's ability to abuse these powers, injecting the barest minimum of accountability and proportionality into a system that Republican and Democratic presidents alike have abused for decades. Read the rest

Congress votes to give NSA 6 more years of spying on Americans without a warrant

On January 11, the House passed the Foreign Intelligence Surveillance Act bill which renews a controversial NSA surveillance program that allows the spy agency to intercept the communications of Americans without a warrant.

Read the rest

A detailed look at how US police forces collude with spy agencies to cover up the origin of evidence in criminal cases

Since the 1970s, spy agencies have been feeding police forces tips about who to arrest and where to look for evidence, despite the illegality of their practicing surveillance within the USA. Read the rest

The NSA can't recruit or retain hackers because the pay sucks and the Agency is a bureaucratic mess

The Washington Post reports that the NSA "is losing its top talent at a worrisome rate as highly skilled personnel" because of a mix of low-pay, uninspiring leaders, and a bureaucratic re-org that everyone hates. Read the rest

ACT NOW: Only hours remain to stop Congress from sneaking in massive new NSA spying powers

There's only hours remaining before Congress will vote to renew the Section 702 powers that let the NSA conduct mass surveillance; powers that expand in 12 days. Read the rest

NSA employee pleads guilty of taking classified info that was later stolen by hackers

Former National Security Agency employee Nghia H. Pho said in a Baltimore courtroom today he'd illegally taken home classified documents from NSA that are understood to have later “been stolen from his home computer by hackers working for Russian intelligence,” the NYT reports.

Nghia H. Pho, 67, of Ellicott City, Md., pleaded guilty to one count of removal and retention of national defense information, an offense that carries a possible 10-year sentence. Prosecutors agreed not to seek more than eight years, however, and Mr. Pho’s attorney, Robert Bonsib, will be free to ask for a more lenient sentence. He remains free while awaiting sentencing.

Mr. Pho had been charged in secret, though some news reports had given a limited description of the case. Officials unsealed the charges on Friday, resolving the long-running mystery of the defendant’s identity.

Mr. Pho, who worked as a software developer for N.S.A., was born in Vietnam but is a naturalized United States citizen. Prosecutors withheld from the public many details of his government work and of the criminal case against him, which is linked to a continuing investigation of Russian hacking.

Read the rest

US Army doxes itself, reveals $100 million NSA spy program that got flushed before it was ever used

Chris Vickery from Upguard found an Army Amazon Web Services instance with no password or encryption, containing 100GB of data on a defunct NSA program called Red Disk. Read the rest

Teardown of a consumer voice/location cellular spying device that fits in the tip of a USB cable

Mich from ha.cking bought a $25 "S8 data line locator" device -- a cellular spying tool, disguised as a USB cable and marketed to the general public -- and did a teardown of the gadget, offering a glimpse into the world of "trickle down surveillance" where the kinds of surveillance tools used by the NSA are turned into products and sold to randos over the internet for $25. Read the rest

Origin story of the Mimikatz password cracker is a parable about security, disclosure, cyberwar, and crime

Five years ago, Benjamin Delpy was working for an unspecified French government agency and teaching himself to program in C, and had discovered a vital flaw in the way that Windows protected its users' passwords. Read the rest

A new, virulent ransomware epidemic is fuelled by yet another leaked NSA cyberweapon

The global epidemic of Wannacry ransomware infections was the result of petty criminals fusing an old ransomware strain with a leaked NSA cyberweapon that was released by The Shadow Brokers, and the result was tens of millions of dollars' worth of economic harm. Read the rest

Kaspersky's explanation for possessing secret NSA cyberweapons is a doozy

Kaspersky -- a respected Russia-based security company -- has been under a cloud since they were accused of stealing NSA cyberweapons on behalf of the Russian government. But the company has a perfectly innocent -- if complicated and at times bizarre explanation for how it came to be in possession of the NSA's crown jewels. Read the rest

Trump's war on leakers has neutered the intelligence community's whistleblower program, which diverts leakers

The Intelligence Community Inspector General office is the place where spies and spook contractors who discover wrongdoing are supposed to be able to confidentially report their suspicions and know that they'll be investigated and acted upon. Dan Meyer, who is in charge of liasing with whistleblowers is now prohibited from talking with whistleblowers, from briefing agencies or congress or send out the office's newsletter. He has been stripped of his deputy and staff. Read the rest

More posts