Language Selection

English French German Italian Portuguese Spanish

Windows Intruded by CIA

Filed under
Microsoft
Security
  • Athena

    Today, May 19th 2017, WikiLeaks publishes documents from the "Athena" project of the CIA. "Athena" - like the related "Hera" system - provides remote beacon and loader capabilities on target computers running the Microsoft Windows operating system (from Windows XP to Windows 10). Once installed, the malware provides a beaconing capability (including configuration and task handling), the memory loading/unloading of malicious payloads for specific tasks and the delivery and retrieval of files to/from a specified directory on the target system. It allows the operator to configure settings during runtime (while the implant is on target) to customize it to an operation.

    According to the documentation (see Athena Technology Overview), the malware was developed by the CIA in cooperation with Siege Technologies, a self-proclaimed cyber security company based in New Hampshire, US. On their website, Siege Technologies states that the company "... focuses on leveraging offensive cyberwar technologies and methodologies to develop predictive cyber security solutions for insurance, government and other targeted markets.". On November 15th, 2016 Nehemiah Security announced the acquisition of Siege Technologies.

  • WikiLeaks Reveals 'Athena' CIA Spying Program Targeting All Versions of Windows

    WikiLeaks has published a new batch of the ongoing Vault 7 leak, detailing a spyware framework – which "provides remote beacon and loader capabilities on target computers" – allegedly being used by the CIA that works against every version of Microsoft's Windows operating systems, from Windows XP to Windows 10.

    Dubbed Athena/Hera, the spyware has been designed to take full control over the infected Windows PCs remotely, allowing the agency to perform all sorts of things on the target machine, including deleting data or uploading malicious software, and stealing data and send them to CIA server.

  • Microsoft held back free patch that could have slowed WannaCry

More in Tux Machines

today's howtos

Security: Uber Sued, Intel ‘Damage Control’, ZDNet FUD, and XFRM Privilege Escalation

  • Uber hit with 2 lawsuits over gigantic 2016 data breach
    In the 48 hours since the explosive revelations that Uber sustained a massive data breach in 2016, two separate proposed class-action lawsuits have been filed in different federal courts across California. The cases allege substantial negligence on Uber’s part: plaintiffs say the company failed to keep safe the data of the affected 50 million customers and 7 million drivers. Uber reportedly paid $100,000 to delete the stolen data and keep news of the breach quiet. On Tuesday, CEO Dara Khosrowshahi wrote: “None of this should have happened, and I will not make excuses for it.”
  • Intel Releases Linux-Compatible Tool For Confirming ME Vulnerabilities [Ed: ‘Damage control’ strategy is to make it look like just a bug.]
    While Intel ME security issues have been talked about for months, confirming fears that have been present about it for years, this week Intel published the SA-00086 security advisory following their own internal review of ME/TXE/SPS components. The impact is someone could crash or cause instability issues, load and execute arbitrary code outside the visibility of the user and operating system, and other possible issues.
  • Open source's big weak spot? Flawed libraries lurking in key apps [Ed: Linux basher Liam Tung entertains FUD firm Snyk and Microsoft because it suits the employer's agenda]
  • SSD Advisory – Linux Kernel XFRM Privilege Escalation

gThumb 3.6 GNOME Image Viewer Released with Better Wayland and HiDPI Support

gThumb, the open-source image viewer for the GNOME desktop environment, has been updated this week to version 3.6, a new stable branch that introduces numerous new features and improvements. gThumb 3.6 comes with better support for the next-generation Wayland display server as the built-in video player, color profiles, and application icon received Wayland support. The video player component received a "Loop" button to allow you to loop videos, and there's now support for HiDPI displays. The app also ships with a color picker, a new option to open files in full-screen, a zoom popover that offers different zoom commands and a zoom slider, support for double-click activation, faster image loading, aspect ratio filtering, and the ability to display the description of the color profile in the property view. Read more Also: Many Broadway HTML5 Backend Improvements Land In GTK4

ExTiX 18.0, 64bit, with Deepin Desktop 15.5 (made in China!) and Refracta Tools – Create your own ExTiX/Ubuntu/Deepin system in minutes!

I’ve made a new extra version of ExTiX with Deepin 15.5 Desktop (made in China!). Deepin is devoted to providing a beautiful, easy to use, safe and reliable system for global users. Only a minimum of packages are installed in ExTiX Deepin. You can of course install all packages you want. Even while running ExTiX Deepin live. I.e. from a DVD or USB stick. Study all installed packages in ExTiX Deepin. Read more Also: ExTiX, the Ultimate Linux System, Now Has a Deepin Edition Based on Ubuntu 17.10 Kali Linux 2017.3 Brings New Hacking Tools — Download ISO And Torrent Files Here