Astounding flaws, reported by both Symantec and Ars Technica... What happened to OpSec? As importantly: the true ramifications for our country are yet unknown... Unless, of course, this and other 'leaks' of the same or similar ilk are, in fact, structured information operations of the highest caliber, crafted to ensnare the miscreant espionage bounders wandering amongst us... You be the judge.
- The Buckeye attack group was using Equation Group tools to gain persistent access to target organizations at least a year prior to the Shadow Brokers leak.
- Variants of Equation Group tools used by Buckeye appear to be different from those released by Shadow Brokers, potentially indicating that they didn't originate from that leak.
- Buckeye's use of Equation Group tools also involved the exploit of a previously unknown Windows zero-day vulnerability. This zero day was reported by Symantec to Microsoft in September 2018 and patched in March 2019.
- While Buckeye appeared to cease operations in mid-2017, the Equation Group tools it used continued to be used in attacks until late 2018. It is unknown who continued to use the tools. They may have been passed to another group or Buckeye may have continued operating longer than supposed. - via Symantec Corporation's Threat Intelligence Blog
Thanks to the Gulliver-level reportage of Josh Constine, writing at TechCrunch, we have now learned of what the company has monikered Project Atlas. Enjoy the future, it's on your kids phones, and they get paid to!
News of additional Huawei bad behavior, via Steve Stecklow, Babak Dehghanpisheh and James Pomfret (with additional reporting by Nadia El-Gowely, Bozorgmehr Sharafedin and Shadia Nasralla), all writing for Reuters, exposes the questionable activities of Huawei in Iran and Syria, as detailed in documents now held by US law enforcement authorities. Bad behavior, indeed.
"U.S. authorities allege CFO Meng Wanzhou deceived international banks into clearing transactions with Iran by claiming the two companies were independent of Huawei, when in fact Huawei controlled them." - News of additional Huawei bad behaviors via Steve Stecklow, Babak Dehghanpisheh and James Pomfret (with additional reporting by Nadia El-Gowely, Bozorgmehr Sharafedin and Shadia Nasralla)
Via Dan Goodin, writing (and editing) at Ars Technica, comes his concise prose illustrating the third level of hell that is BGP, plus an intentional espionage-like data gathering operation executing flawlessly for more than a calendar year by the People's Republic of China (PRC). (The evidence is thin, yet highly indicative of some level of foreknowledge, perhaps even command and control, by the Communist Chinese regime.) And, then there's this... All in all, certainly a caper worth concerted investigation...
Apple Inc. (Nasdaq: AAPL) has quite forcefully denied (via Reuters; the denial reportedly written by George Stathakopoulos, Apple's Vice President for Information Security) the existence of surreptitious command-and-control chip insertions on system boards within devices manufactured by Super Micro Computer Inc. (NASDAQ: SMCI) under contract with Apple Inc. and deployed/implemented within the latter's data centers. Interestingly, there is some evidence of security-related issues two years ago betwixt Apple, Inc. and Super Micro Computer Inc.... And then there's The Grugq, whose typically clear and exacting opinions are trusted hereabouts; his view appears here (you'd do well to listen to his take). Regardless of what path you walk in discerning the truth of this particularly murky debacle, one thing is clear: human nature being what it is, there is certainly an abundance of vile perniciousness floating about this scenario that has yet to be revealed.
"It would be highly unusual for any country to cease intelligence gathering operations in the midst of some of the most important talks in their history," Sergio Caltagirone, director of threat intelligence at security firm Dragos, told Ars. Previously, he was a senior threat intelligence analyst at the US National Security Agency. "In fact, we would expect espionage activity to grow during periods of negotiation." - via Dan Goodin reporting at ArsTechnica
News via Reuters Staff details a complaint from the German domestic intelligence agency (the interestingly monikered Federal Office for the Protection of the Constitution - Bundesamt für Verfassungsschutz) that Silicon Valley interweb kingpins (think Facebook, Twitter, et cetera) are anti-democratic...
You be the judge.
Via Gizmodo investigative reporter Dell Cameron comes the astounding news of the systemic incompetence in properly handling secret documents and other artifacts stored within the cloud (in this case, AWS S3 buckets) by a well-established contractor to the National Geospatial-Intelligence Agency (NGA). Certainly, a first-rate example of an Expanding Cloud of Lethal Stupidity (ECOLS).
Where does the organization in question fall within the Noel Burch Hierarchy of Competence model? Should the culprits in this scenario be prosecuted? You be the judge. Truly astounding, indeed.
"A cache of more than 60,000 files was discovered last week on a publicly accessible Amazon server, including passwords to a US government system containing sensitive information, and the security credentials of a lead senior engineer at Booz Allen Hamilton, one of the nation’s top intelligence and defense contractors. What’s more, the roughly 28GB of data contained at least a half dozen unencrypted passwords belonging to government contractors with Top Secret Facility Clearance." - via Gizmodo reporter Dell Cameron
In what wraps up to be a superbly crafted screed penned by Glenn Greenwald, laboring at The Intercept, the Good Mr. Greenwald details the perceived falsehoods swirling about the alleged Russian Intelligence Services hacks of the Burlington, Vermont electrical generation utility. Today's Must Read.