
Windows Intruded by CIA

Filed under
Microsoft
Security
  • Athena

    Today, May 19th 2017, WikiLeaks publishes documents from the "Athena" project of the CIA. "Athena" - like the related "Hera" system - provides remote beacon and loader capabilities on target computers running the Microsoft Windows operating system (from Windows XP to Windows 10). Once installed, the malware provides a beaconing capability (including configuration and task handling), the memory loading/unloading of malicious payloads for specific tasks and the delivery and retrieval of files to/from a specified directory on the target system. It allows the operator to configure settings during runtime (while the implant is on target) to customize it to an operation.

    According to the documentation (see Athena Technology Overview), the malware was developed by the CIA in cooperation with Siege Technologies, a self-proclaimed cyber security company based in New Hampshire, US. On their website, Siege Technologies states that the company "... focuses on leveraging offensive cyberwar technologies and methodologies to develop predictive cyber security solutions for insurance, government and other targeted markets.". On November 15th, 2016 Nehemiah Security announced the acquisition of Siege Technologies.

  • WikiLeaks Reveals 'Athena' CIA Spying Program Targeting All Versions of Windows

    WikiLeaks has published a new batch of the ongoing Vault 7 leak, detailing a spyware framework – which "provides remote beacon and loader capabilities on target computers" – allegedly being used by the CIA that works against every version of Microsoft's Windows operating systems, from Windows XP to Windows 10.

    Dubbed Athena/Hera, the spyware has been designed to take full control of infected Windows PCs remotely, allowing the agency to perform all sorts of actions on the target machine, including deleting data, uploading malicious software, and stealing data and sending it to a CIA server.

  • Microsoft held back free patch that could have slowed WannaCry
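The excerpts above describe Athena as a beaconing implant that periodically calls home for configuration and tasking. The one observable that any such implant leaves, whatever its protocol, is a low-jitter periodic outbound connection. The following is an added example, not code from WikiLeaks, the leaked documents or Tux Machines: a generic beacon-interval check run over constructed proxy log lines. The log format, hosts and thresholds are all assumptions made for the illustration.

```python
"""Beacon-interval detection over constructed proxy log lines.

Added example; not from the Athena documents or any vendor product. The
format "<ISO timestamp> <src_ip> <dst_host> <bytes>", the hosts and the
thresholds are constructed for illustration.
"""
from collections import defaultdict
from datetime import datetime
from statistics import mean, pstdev

# Constructed sample: one host talks to cdn.example.net every ~5 minutes
# with a near-identical payload size, mixed in with ordinary browsing.
SAMPLE_LOG = """\
2017-05-19T10:00:00 10.0.0.12 cdn.example.net 512
2017-05-19T10:00:07 10.0.0.12 www.example.org 20480
2017-05-19T10:05:01 10.0.0.12 cdn.example.net 520
2017-05-19T10:09:59 10.0.0.12 cdn.example.net 514
2017-05-19T10:12:30 10.0.0.12 www.example.org 8192
2017-05-19T10:15:00 10.0.0.12 cdn.example.net 511
2017-05-19T10:20:02 10.0.0.12 cdn.example.net 518
2017-05-19T10:25:00 10.0.0.12 cdn.example.net 509
2017-05-19T10:31:44 10.0.0.12 www.example.org 4096
"""


def parse(log):
    """Group (timestamp, bytes) events by (src_ip, dst_host)."""
    flows = defaultdict(list)
    for line in log.splitlines():
        if not line.strip():
            continue
        ts, src, dst, nbytes = line.split()
        flows[(src, dst)].append((datetime.fromisoformat(ts), int(nbytes)))
    return flows


def beacon_candidates(log, min_conns=5, max_jitter=0.05):
    """Return (src, dst, mean_gap_seconds, jitter) for flows whose
    inter-connection gaps are nearly constant.

    jitter is the population standard deviation of the gaps divided by
    their mean; a hand-driven browser never stays this regular, while a
    sleep-and-poll implant does unless it randomises its interval.
    """
    hits = []
    for (src, dst), events in parse(log).items():
        if len(events) < min_conns:
            continue
        events.sort()
        gaps = [(b[0] - a[0]).total_seconds() for a, b in zip(events, events[1:])]
        avg = mean(gaps)
        if avg <= 0:
            continue
        jitter = pstdev(gaps) / avg
        if jitter <= max_jitter:
            hits.append((src, dst, round(avg, 1), round(jitter, 3)))
    return hits


if __name__ == "__main__":
    for src, dst, gap, jit in beacon_candidates(SAMPLE_LOG):
        print(f"{src} -> {dst}: every {gap}s, jitter {jit}")
```

The check is deliberately protocol-agnostic: it needs only timestamps per source/destination pair, so it works on proxy, DNS or NetFlow records alike. Tune `min_conns` and `max_jitter` against your own baseline; implants that add random sleep to each interval will raise the jitter and need a longer observation window or a byte-size uniformity check alongside this one.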

More in Tux Machines

OSS Leftovers

  • TIBCO Messaging now supports Apache Kafka
    Apache Kafka is a distributed open source publish-subscribe messaging system designed to replace traditional message brokers – as such, it can be classed as a stream-processing software platform. The project aims to provide a unified, high-throughput, low-latency platform for handling real-time data feeds. It is written in the Scala and Java programming languages.
  • Robo-Taxi Startup Voyage to Make its Autonomous Safety Systems Open Source
    Silicon Valley startup Voyage, which recently launched a pilot autonomous ride-hailing service in two retirement communities in California and Florida, is taking a proactive, safety-first approach. Starting today, the company announced, it is opening the safety requirements, test scenarios, metrics, tools, and source code that it has developed for its own autonomous taxis.
  • Former Nimble CEO Becomes New Leader Of Open-Source Container Vendor Sysdig
  • Propy Announces An Open Source Developer Program and gets listed on Bittrex
    On April 17, 2018, Propy, a global real estate store with a decentralized title registry, announced its open source Developer Program. The news was followed by an announcement from Bittrex, the most popular U.S.-based blockchain trading platform, that it is listing the PRO token. As of today, Propy users need tokens to execute the purchase process for real estate located in California. The idea behind Propy: it allows anyone to buy or sell real estate, anywhere, online. Propy provides efficient crypto and fiat payment and an immutable record on the blockchain, ensuring that title deeds and property rights will be there forever.

Programming: Node.js, Python, OpenCL, GitLab, GCC

  • Node.js announces the first release in its latest 10.x release line
    Node.js has announced 10.0.0, the first release in its 10.x line. Starting in October 2018, the Node.js 10.x releases will be the new release line with Long Term Support. Releases in the Long Term Support line focus on stability, extended support, and providing a reliable platform for applications of any scale.
  • Enhance your Python with an interactive shell
    The Python programming language has become one of the most popular languages used in IT. One reason for this success is it can be used to solve a variety of problems. From web development to data science, machine learning to task automation, the Python ecosystem is rich in popular frameworks and libraries. This article presents some useful Python shells available in the Fedora packages collection to make development easier.
  • Best Free Python Web Frameworks – Rapid Development
    Python is an increasingly popular programming language. It ranks very highly on sites listing the popularity of programming languages, such as the TIOBE Index, IEEE Spectrum ranking, and the PYPL PopularitY of Programming Language. The prominence of Python is, in part, due to its flexibility, with the language frequently used by web and desktop developers, system administrators, data scientists, and machine learning engineers. It is easy to learn and powerful enough to develop any kind of system. Python’s large user base offers a virtuous circle: there is more support available from the open source community for budding programmers seeking assistance.
  • Intel OpenCL NEO Compute Stack Moves To "Production" Quality OpenCL 2.1
    This year Intel open-sourced their "NEO" OpenCL compute stack, which includes a new compute runtime, a new LLVM/Clang-based compiler, makes use of the Intel Graphics Memory Management Library (GMMLIB), etc. While we don't hear too much from the NEO effort on an ongoing basis, their OpenCL 2.1 support for recent hardware generations is now at production quality. My last reporting and testing on the Intel OpenCL NEO effort was in early March, in Trying Out The New Intel Open-Source OpenCL NEO Compute Driver.
  • GitLab 10.7 Released with Open Source Web IDE and Extended SAST Support
  • GCC 8.1 RC1 Released, The Big Compiler Update Could Officially Debut Next Week
    This morning I wrote about GCC 8 being branched and development on the master branch now being open for GCC 9.0. The GCC 8.1 release candidate has now been issued with the official release perhaps coming next week. Jakub Jelinek of Red Hat announced on the mailing list that they reached zero P1 regressions (the most critical) and less than 100 P2/P3 regressions, so the GCC 8 code was branched. As part of this status report he mentioned that if no show-stopper bugs appear, the developers would like to officially release GCC 8.1.0 by the end of next week or soon thereafter. But if any important fixes come about, a second release candidate may be warranted.
  • GCC 8 Has Been Branched, GCC 9.0 Development On Main
    The GNU Compiler Collection 8 stable release (GCC 8.1) is almost ready to make its debut. As of this morning, the GCC 8 code has been branched from master. The branched GCC 8 code is now marked as a pre-release.

Should we open source election software?

Late last year, R. James Woolsey and Brian Fox wrote an op-ed piece about the security benefits of open sourcing election software. Woolsey is a former director of the Central Intelligence Agency. Fox is the creator of several open source components, including the GNU Bash shell, and a board member of the National Association of Voting Officials. A main piece of Woolsey and Fox's argument is that open source software exposes the code to the larger developer community, allowing many eyes to comb through that code for security vulnerabilities; they assert that this transparency makes it more secure than software developed by commercial organizations. If the open source model for voting systems gains traction, as the editorial advocates, effective management of open source security will become extremely important. At the 2017 DEF CON 25 convention it took only a few hours for white hat hackers to break into five different voting machines, one via a vulnerability in an open-source component. The reality is that all software, whether developed in a transparent manner or otherwise, contains defects. Regardless of available resources and expertise, uncovering a defect can be challenging.

Android Leftovers