Language Selection

English French German Italian Portuguese Spanish

Windows Intruded by CIA

Filed under
Microsoft
Security
  • Athena

    Today, May 19th 2017, WikiLeaks publishes documents from the "Athena" project of the CIA. "Athena" - like the related "Hera" system - provides remote beacon and loader capabilities on target computers running the Microsoft Windows operating system (from Windows XP to Windows 10). Once installed, the malware provides a beaconing capability (including configuration and task handling), the memory loading/unloading of malicious payloads for specific tasks and the delivery and retrieval of files to/from a specified directory on the target system. It allows the operator to configure settings during runtime (while the implant is on target) to customize it to an operation.

    According to the documentation (see Athena Technology Overview), the malware was developed by the CIA in cooperation with Siege Technologies, a self-proclaimed cyber security company based in New Hampshire, US. On their website, Siege Technologies states that the company "... focuses on leveraging offensive cyberwar technologies and methodologies to develop predictive cyber security solutions for insurance, government and other targeted markets.". On November 15th, 2016 Nehemiah Security announced the acquisition of Siege Technologies.

  • WikiLeaks Reveals 'Athena' CIA Spying Program Targeting All Versions of Windows

    WikiLeaks has published a new batch of the ongoing Vault 7 leak, detailing a spyware framework – which "provides remote beacon and loader capabilities on target computers" – allegedly being used by the CIA that works against every version of Microsoft's Windows operating systems, from Windows XP to Windows 10.

    Dubbed Athena/Hera, the spyware has been designed to take full control over the infected Windows PCs remotely, allowing the agency to perform all sorts of things on the target machine, including deleting data or uploading malicious software, and stealing data and send them to CIA server.

  • Microsoft held back free patch that could have slowed WannaCry

More in Tux Machines

Linux 4.15 Expected To Be Released Today, But It Might Be 4.15-rc9

After going through release candidates the past eight weeks, the Linux 4.15 kernel is expected to be released later today by Linus Torvalds. Normally after RC7, the kernel is baked, but all the changes last week due to the fallout from Spectre/Meltdown led to RC8. But this past week, the pace of change has continued with many fixes still coming in. We'll likely see Linux 4.15.0 out today as Torvalds commented last week, but it wouldn't really be surprising if overtime is extended and instead we get 4.15-rc9 due to all of the changes this week and ongoing work still happening around Spectre and Meltdown mitigation. Read more

Leftovers: Audiocasts, Linux Graphics, and OnePlus Breach (JS)

FOSS in Cambodia, Open Source HIT Project

  • Open source casino tech biz TGG enters Cambodia
    The firm provides “all essential source codes with open API [application program interface] for game designers to create customisable premium content for casino operators, enabling the operators to focus on making the best possible gaming experience for their players worldwide without additional investment in information technology infrastructure,” added its release.
  • Global Open Source HIT Project Gets $1M Donation From Cryptocurrency Philanthropy
    OpenMRS, Inc., an open source medical records platform used in developing countries, has received a $1 million donation from the Pineapple Fund, an $86 million cryptocurrency philanthropy created by an anonymous donor known only as “Pine.”

Debian and Ubuntu: TLCockpit, Google, ROS and Ubuntu Core

  • TLCockpit v0.8
    Today I released v0.8 of TLCockpit, the GUI front-end for the TeX Live Manager tlmgr. I spent the winter holidays in updating and polishing, but also in helping me debug problems that users have reported. Hopefully the new version works better for all.
  • Google's Linux workstations are switching from Ubuntu to Debian
    Like many companies, Google uses a variety of operating systems in-house. macOS and Windows are used by a large number of employees, a modified build of Debian Linux is used on its servers (as of 2014, at least), and Chrome OS and Android devices are commonplace. In work environments where Linux is needed, Google uses a customized version of Ubuntu 14.04 called 'Goobuntu,' which has never been released publicly.
  • Your first robot: Introduction to the Robot Operating System [2/5]
    This is the second blog post in this series about creating your first robot with ROS and Ubuntu Core. In the previous post we walked through all the hardware necessary to follow this series, and introduced Ubuntu Core, the operating system for IoT devices. We installed it on our Raspberry Pi, and used it to go through the CamJam worksheets. In this post, I’m going to introduce you to the Robot Operating System (ROS), and we’ll use it to move our robot.
  •