Oct. 5, 2019
Mr. Gerstell is the general counsel of the National Security Agency. The National Security Operations Center occupies a large windowless room, bathed in blue light, on the third floor of the National Security Agency’s headquarters outside of Washington. For the past 46 years, around the clock without a single interruption, a team of senior military and intelligence officials has staffed this national security nerve center.
May. 26, 2019
A hacking tool developed by the US National Security Agency is now being used to shut down American cities and towns, says a Saturday report in The New York Times. Code-named EternalBlue, the hacking exploit involves malicious software and was leaked in 2017 by a group called Shadow Brokers. Hackers used the tool that same year in the worldwide WannaCry ransomware attacks, which locked up computer systems at hospitals, banks and phone companies and required a ransom to set the networks free.
Jan. 7, 2019
The US National Security Agency will release a free reverse engineering tool at the upcoming RSA security conference that will be held at the start of March, in San Francisco. The software’s name is GHIDRA and, in technical terms, it is a disassembler, a piece of software that breaks down executable files into assembly code that can then be analyzed by humans. The NSA developed GHIDRA at the start of the 2000s, and for the past few years, it’s been sharing it with other US government agencies that have cyber teams who need to look at the inner workings of malware strains or suspicious software.
Sep. 27, 2018
The National Security Operations Center at NSA, photographed in 2012—the nerve center of the NSA’s ‘signals intelligence’ monitoring. A former NSA coder has been sentenced to 66 months in prison for bringing home the code that drove much of the NSA’s signals intelligence operations. Nghia Hoang Pho, a 68-year-old former National Security Agency employee who worked in the NSA’s Tailored Access Operations (TAO) division, was sentenced today to 66 months in prison for willful, unauthorized removal and retention of classified documents and material from his workplace—material that included hacking tools that were likely part of the code dumped by the individual or group known as Shadowbrokers in the summer of 2016.
May. 16, 2018
In March 2017, the FBI agents raided the Manhattan apartment of former NSA and CIA operative Joshua Schulte looking for top secret documents and hacking tools that the defendant allegedly leaked to WikiLeaks. We don’t know if they found what they were looking for, but according to court transcripts and documents reviewed by Motherboard, the feds did find at least 10,000 images of child porn on his personal computer, and an IRC-focused file-sharing server that had at least 5 terabytes of data on it. Roughly two weeks before the raid, on March 7, 2017, WikiLeaks started releasing top secret documents allegedly stolen from a CIA hacking group.
Apr. 26, 2018
A source at an International Organization for Standardization (ISO) meeting of expert delegations in Wuhan, China, told WikiTribune that the U.S. delegation, including NSA officials, refused to provide the standard level of technical information to proceed.
Source: wikitribune.com
Mar. 20, 2018
Classified documents provided by whistleblower Edward Snowden show that the National Security Agency indeed worked urgently to target bitcoin users around the world — and wielded at least one mysterious source of information to “help track down senders and receivers of Bitcoins,” according to a top-secret passage in an internal NSA report dating to March 2013. The data source appears to have leveraged the NSA’s ability to harvest and analyze raw, global internet traffic while also exploiting an unnamed software program that purported to offer anonymity to users, according to other documents.
Mar. 13, 2018
This utility, going by the codename of ‘Territorial Dispute,’ is meant to alert NSA operators about the presence of other cyber-espionage hacking groups on a compromised computer and allows an NSA operator to retreat from an infected machine and avoid further exposure of NSA hacking tools and operations to other nation-state attackers.
Source: bleepingcomputer.com
Mar. 7, 2018
Over the last year, Hungarian security researcher Boldizsár Bencsáth has remained fixated by one of the less-examined tools revealed in that disemboweling of America’s elite hacking agency: A piece of NSA software, called ‘Territorial Dispute,’ appears to have been designed to detect the malware of other nation-state hacker groups on a target computer that the NSA had penetrated. Bencsáth believes that specialized antivirus tool was intended not to remove other spies’ malware from the victim machine, but to warn the NSA’s hackers of an adversary’s presence, giving them a chance to pull back rather than potentially reveal their tricks to an enemy.
Mar. 7, 2018
When the mysterious entity known as the “Shadow Brokers” released a tranche of stolen NSA hacking tools to the internet a year ago, most experts who studied the material homed in on the most potent tools, so-called zero-day exploits that could be used to install malware and take over machines. But a group of Hungarian security researchers spotted something else in the data, a collection of scripts and scanning tools that the National Security Agency uses to detect other nation-state hackers on the machines it infects.
Mar. 2, 2018
Behind an abandoned military facility 40 miles northwest of Oslo, Norway built a surveillance base in close collaboration with the National Security Agency. Its bright, white satellite dishes, some of them 60 feet in diameter, stand out against the backdrop of pine-covered hills and red-roofed buildings that scatter the area.
Source: theintercept.com