
Windows Intruded by CIA

  • Athena

    Today, May 19th 2017, WikiLeaks publishes documents from the "Athena" project of the CIA. "Athena" - like the related "Hera" system - provides remote beacon and loader capabilities on target computers running the Microsoft Windows operating system (from Windows XP to Windows 10). Once installed, the malware provides a beaconing capability (including configuration and task handling), the memory loading/unloading of malicious payloads for specific tasks and the delivery and retrieval of files to/from a specified directory on the target system. It allows the operator to configure settings during runtime (while the implant is on target) to customize it to an operation.

    According to the documentation (see Athena Technology Overview), the malware was developed by the CIA in cooperation with Siege Technologies, a self-proclaimed cyber security company based in New Hampshire, US. On their website, Siege Technologies states that the company "... focuses on leveraging offensive cyberwar technologies and methodologies to develop predictive cyber security solutions for insurance, government and other targeted markets." On November 15th, 2016, Nehemiah Security announced the acquisition of Siege Technologies.

  • WikiLeaks Reveals 'Athena' CIA Spying Program Targeting All Versions of Windows

    WikiLeaks has published a new batch of the ongoing Vault 7 leak, detailing a spyware framework – which "provides remote beacon and loader capabilities on target computers" – allegedly being used by the CIA that works against every version of Microsoft's Windows operating systems, from Windows XP to Windows 10.

    Dubbed Athena/Hera, the spyware has been designed to take full control over the infected Windows PCs remotely, allowing the agency to perform all sorts of things on the target machine, including deleting data or uploading malicious software, and stealing data and sending it to a CIA server.

  • Microsoft held back free patch that could have slowed WannaCry
