Archive for June, 2017

Leaked NSA hacking exploit used in WannaCry ransomware is now powering Trojan malware – ZDNet

Cybercriminals have taken the EternalBlue exploits and used them to build more effective Trojans.

A leaked NSA exploit which helped the WannaCry ransomware outbreak become so prolific is now being used to distribute Trojan malware.

A Windows security flaw known as EternalBlue was one of many allegedly known to US intelligence services and used to carry out surveillance before being leaked by the Shadow Brokers hacking group.

The exploit leverages a version of Windows' Server Message Block (SMB) networking protocol to spread itself across an infected network using wormlike capabilities.

But while, for the most part, the spread of WannaCry has been stopped, cybercriminals and hackers are still using the leaked EternalBlue exploit to carry out a much more discreet form of cyberattack, say researchers at FireEye.

This time, the SMB vulnerabilities are being used to distribute Backdoor.Nitol - a Trojan horse which opens a backdoor on the infected computer - and Gh0st RAT, a form of malware capable of taking full control of a machine in addition to conducting espionage and stealing data.

The latter is particularly dangerous and is repeatedly a thorn in the side of the aerospace and defence industries, as well as government agencies and even activists. Now those behind this new Gh0st RAT campaign are using EternalBlue exploits in an effort to compromise Singapore, while Nitol is attacking the wider South Asia region.

Researchers note that machines vulnerable to the SMB exploit are attacked by hackers using the EternalBlue exploit to gain shell access to the machine.

The initial exploit used at the SMB level is similar to what's been seen in WannaCry attacks, but this time, instead of being used to deploy ransomware, the attack opens a shell to write instructions into a VBScript file, which is then executed to retrieve the payload from another server in order to create the required backdoor into the machine using Nitol or Gh0st RAT.

While neither attack is new - both have plagued victims for years - the addition of EternalBlue adds potency to the attacks, although nothing so far has suggested that it could spread as widely or as quickly as WannaCry did.

And with the EternalBlue exploits now out in the open for any malicious actor to use, it's likely that we'll see it used again and again in new types of attacks.

"The addition of the EternalBlue exploit has made it easy for threat actors to exploit these vulnerabilities. In the coming weeks and months, we expect to see more attackers leveraging these vulnerabilities and to spread such infections with different payloads," said researchers at FireEye Dynamic Threat Intelligence.

"It is critical that Microsoft Windows users patch their machines and update to the latest software versions as soon as possible," they add.

While WannaCry exploited the vulnerability to infect networks across the globe, poor coding behind the ransomware played a part in it not being as damaging as it could've been, resulting in those behind it not making much money, considering the scale of the campaign.

However, if something like Nitol or Gh0st RAT could simultaneously infect hundreds of thousands across the globe - and the nature of the Trojan attacks means they wouldn't be obvious about it - then future attacks could have much worse consequences.

Read the rest here:
Leaked NSA hacking exploit used in WannaCry ransomware is now powering Trojan malware - ZDNet

Woman Charged With Leaking Top-Secret NSA Report on Russian Hacking to Media – NBC Bay Area

A woman was arrested for leaking a top-secret National Security Agency document that reveals details about Russian hacking's influence on the U.S. presidential election, a senior federal official told NBC News.

Reality Leigh Winner, 25, was arrested Saturday and charged with "gathering, transmitting, or losing defense information" to The Intercept. The Department of Justice said in a statement that she did this around May 9, and mailed the information shortly after.

The story published Monday features a secret NSA document that notes efforts by the Russian government to hack into a voting software company approximately a week before the election. It details tactics allegedly used by Russian intelligence to dupe U.S. government employees and officials with spear-phishing emails and Microsoft documents.

The document was classified at some of the highest levels.

The FBI said when they approached Winner she admitted to printing out the document, removing it from her place of work and mailing it to The Intercept. Winner told authorities she did this knowing the information was highly confidential.

The report is published just days after NBC's Megyn Kelly sat down with Russian President Vladimir Putin to discuss the hacking accusations, which Putin vehemently denies. Putin said that "it wouldn't make sense" for Russia to interfere with the election.

"Releasing classified material without authorization threatens our nation's security and undermines public faith in government," said Deputy Attorney General Rod J. Rosenstein in a statement. "People who are trusted with classified information and pledge to protect it must be held accountable when they violate that obligation."

Authorities were alerted to the leak on June 1. Officials contacted the FBI after The Intercept called them regarding a story involving the document.

Winner is identified as being a contractor with Pluribus International Corporation since mid-February. The NSA has a facility in Georgia.

Word of the arrest was tweeted out by the Justice Department barely an hour after The Intercept published the story.

More:
Woman Charged With Leaking Top-Secret NSA Report on Russian Hacking to Media - NBC Bay Area

Software Simplified – Linux.com (blog)

In 2015, geneticist Guy Reeves was trying to configure a free software system called Galaxy to get his bioinformatics projects off the ground. After a day or two of frustration, he asked members of his IT department for help. They installed Docker, a ...

Read more from the original source:
Software Simplified - Linux.com (blog)

Senate budget bills, Stand Your Ground change among 24 proposals sent to Gov. Scott today – Tampabay.com (blog)

Several high-profile bills lawmakers passed during the 2017 session were officially sent to Gov. Rick Scott's desk this afternoon -- including a controversial shift in the state's Stand Your Ground law, an expansive public records exemption that would permanently seal millions of criminal and arrest records, and a higher education reform bill that's a top priority of Senate President Joe Negron, R-Stuart.

Scott now has 15 days to decide whether they should become law. He can either sign them, veto them or let them become law by default.

Negron's higher ed bill (SB 374) was one of several budget-related measures from the Senate that were sent to Scott on Monday, marking another key step in the process of adopting spending for the 2017-18 fiscal year that begins July 1. (Scott approved the main budget act on Friday, with several substantial vetoes that included base state funding for K-12 schools -- a chunk of spending lawmakers will do-over in a three-day special session later this week.)

The Senate's "conforming" bills are complementary to the main budget and deal with specific issues, such as colleges and universities, the state pension system, health care and the clerks of court. The House has its own conforming bills, among which is HB 7069, a highly contentious K-12 public schools bill; none of those have been sent to Scott yet.

The change to Florida's Stand Your Ground law (SB 128) -- which shifts the burden of proof in pretrial hearings to prosecutors -- passed the Legislature on the final day of the regularly scheduled session as part of a deal to also pass a bill dealing with religious expression in public K-12 schools (SB 436). That legislation was also sent to Scott Monday.

Meanwhile, SB 118 could virtually eliminate Floridians' access to many individuals' criminal histories in the name of addressing stigma against those accused, but not convicted, of crimes. It has drawn opposition from open government advocates and is one of several bills the First Amendment Foundation has asked Scott to veto.

More here:
Senate budget bills, Stand Your Ground change among 24 proposals sent to Gov. Scott today - Tampabay.com (blog)

2nd Amendment saves, as Oklahoman shoots babies’ would-be killer – Washington Times

ANALYSIS/OPINION:

Yes indeed, the Second Amendment does save.

The latest instance of a gun saving a potential victim from a would-be crime comes by way of Oklahoma, where a Poteau resident, acting quickly, shot and killed a neighbor who was trying to drown his own twin, 3-month-old babies in a bathtub.

KFOR-TV reported Leland Foster, 27, was killed by his neighbor, Cash Freeman. The details?

City of Ada spokeswoman Lisa Bratcher told reporters that [Foster] died from gunshot wound after a 12-year-old girl ran from the home and alerted a neighbor for help, Fox News reported. Bratcher said the neighbor, identified as Cash Freeman, told police he went to the home armed with a handgun and shot Foster twice after seeing him holding the infants under water in a bathtub while threatening the children's mother with a knife.

Sick.

What's more, Foster, it was later learned, had been arrested in 2011 for domestic abuse by strangulation and arson.

Good thing Freeman had a gun. The babies were taken to the hospital and reported in stable condition.

He saved their lives by shooting Foster.

But now? Now Freeman's worried he may face charges.

The district attorney's office is apparently deciding the matter now. But let's be real here: Only in the left's mind would Freeman be considered criminal.

To everyone else -- to all the sane-thinking of the country?

Freeman's a hero. A fast-acting, quick-thinking, cape-wearing hero. He could've simply dialed 9-1-1 and waited -- probably too late -- for the police to arrive. He could've dismissed the 12-year-old as delusional. He could've done nothing -- stayed in his home, refused to answer the door, turned up the television to drown out the knocking.

Instead, he grabbed his gun and raced to the rescue. And because of that decision -- because of the fact, too, America has a Second Amendment that allows for private citizens to own weapons for this very purpose of self-defense and saving -- two little 3-month-old babies are still alive and well.

Let the lefties lurking in the political background, looking for reasons to strip innocent Americans of their firearms and occasions to blot the Second Amendment from the Constitution, chew on that for a while.

See the original post here:
2nd Amendment saves, as Oklahoman shoots babies' would-be killer - Washington Times