  1.    14 Apr 2017 #1
    Join Date : Feb 2016
    Maribor, Slovenia
    Posts : 8,933
    Windows 10 (Pro and Insider Pro)

    Hacking tools were stolen from NSA - Almost all Windows affected


    A hacker group has posted online a set of tools for hacking Windows operating systems. Most of them were designed for older Windows versions up to 8.1, but some of them can also be used for gaining access to Windows 10.

    The tools were stolen from the NSA last summer, but now they have been posted online and are available to almost anybody.

    No way to remain protected
    Security experts warn that with the hacking tools now available online, the number of attacks aimed at Windows systems is very likely to skyrocket during the weekend, especially because newbie hackers have more time to launch their attacks, while at the same time being able to find victims easily because users spend more time online on their days off.
    Edward Snowden has also confirmed the leak, explaining that “this is not a drill, NSA exploits affecting many fully-patched Windows systems have been released to the wild. NSA did not warn Microsoft.”
    As for ways to remain protected until Microsoft delivers patches, there’s really no hackerproof solution right now, other than running Windows 10, though there’s evidence that this operating system version can be hijacked as well. Security experts recommend to keep critical systems offline for a few days, at least until after the weekend, but it’s very clear this isn’t the most convenient solution right now.
    We’ve contacted Microsoft to ask for more information on this leak and we’ll update the article when an answer is offered.
    UPDATE: Microsoft has provided us with the following statement: "We are reviewing the report and will take the necessary actions to protect our customers."


    Read more on Softpedia: nsa-s-windows-hacking-tools-leaked-millions-of-users-exposed

    Update: WinBeta (onMSFT) reports that some vulnerabilities are fixed and provides links to security fixes on the MS site.

    Update 2: Here is a link to the MS Blog article with security fixes

    Last edited by AndreTen; 15 Apr 2017 at 06:07.
  2.    14 Apr 2017 #2
    Join Date : Apr 2015
    Posts : 12,826
    W10Prox64

    Thanks for posting this. Great, just great. My "workload" just increased exponentially by Domegemegrottebytes.
  3.    14 Apr 2017 #3
    Join Date : Feb 2017
    Posts : 53
    Windowes 10 Pro 15063.332

    And who did the NSA steal the hacking tools from in the first place?
  4.    14 Apr 2017 #4
    Join Date : Nov 2013
    Chicagoland
    Posts : 33,884
    Dual boot Windows 10 FCU Pro x 64 & Insider 10 Pro

    Thanks for posting that, Andre.
  5.    14 Apr 2017 #5
    Join Date : Apr 2015
    Posts : 12,826
    W10Prox64

    Quote, originally posted by ChaChaLaBoom: "And who did the NSA steal the hacking tools from in the first place?"
    The NSA develop them.
  6.    14 Apr 2017 #6
    Join Date : Apr 2015
    Posts : 12,826
    W10Prox64

    This is crazy.

    Leaked NSA Malware Threatens Windows Users Around the World

    “I don’t think I have ever seen so much exploits and 0day [exploits] released at one time in my entire life,” ... “and I have been involved in computer hacking and security for 20 years.”
    “This is as big as it gets,” ... “Nation-state attack tools are now in the hands of anyone who cares to download them…it’s literally a cyberweapon for hacking into computers…people will be using these attacks for years to come.”

  7.    14 Apr 2017 #7
    Join Date : Nov 2013
    Chicagoland
    Posts : 33,884
    Dual boot Windows 10 FCU Pro x 64 & Insider 10 Pro

    Quote, originally posted by simrick: "This is crazy."
    It's beyond crazy. It's absolutely ludicrous. Wonder if MS is doing anything about this.
  8.    14 Apr 2017 #8
    Join Date : Apr 2015
    Posts : 12,826
    W10Prox64

    Quote, originally posted by HippsieGypsie: "It's beyond crazy. It's absolutely ludicrous. Wonder if MS is doing anything about this."
    Well, nothing has been done by MS since last August, when this stuff was stolen.
  9.    14 Apr 2017 #9
    Join Date : Apr 2015
    Posts : 12,826
    W10Prox64

    Shadow Brokers Release New Files Revealing Windows Exploits, SWIFT Attacks

    Summary
    EASYBEE appears to be an MDaemon email server vulnerability [source, source, source]
    EASYPI is an IBM Lotus Notes exploit [source, source] that gets detected as Stuxnet [source]
    EWOKFRENZY is an exploit for IBM Lotus Domino 6.5.4 to 7.0.2 [source, source]
    EXPLODINGCAN is an IIS 6.0 exploit that creates a remote backdoor [source, source]
    ETERNALROMANCE is a SMB1 exploit over TCP port 445 which targets XP, 2003, Vista, 7, Windows 8, 2008, 2008 R2, and gives SYSTEM privileges [source, source]
    EDUCATEDSCHOLAR is a SMB exploit [source, source]
    EMERALDTHREAD is a SMB exploit for Windows XP and Server 2003 [source, source]
    EMPHASISMINE is a remote IMAP exploit for IBM Lotus Domino [source, source]
    ENGLISHMANSDENTIST sets Outlook Exchange WebAccess rules to trigger executable code on the client's side to send an email to other users [source, source]
    ERRATICGOPHER is a SMBv1 exploit targeting Windows XP and Server 2003 [source, source]
    ETERNALSYNERGY is a SMBv3 remote code execution flaw for Windows 8 and Server 2012 [source, source, source]
    ETERNALBLUE is a SMBv2 exploit [source] that also works on Windows 10, even if it wasn't designed to [source]
    ETERNALCHAMPION is a SMBv1 exploit [source]
    ESKIMOROLL is a Kerberos exploit targeting 2000, 2003, 2008 and 2008 R2 domain controllers [source, source]
    ESTEEMAUDIT is an RDP exploit and backdoor for Windows Server 2003 [source, source]
    ECLIPSEDWING is an RCE exploit for the Server service in Windows Server 2008 and later [source, source]
    ETRE is an exploit for IMail 8.10 to 8.22 [source]
    FUZZBUNCH is an exploit framework, similar to MetaSploit [source, source], which was also part of the December-January "Windows Tools" Shadow Brokers auction [source]
    DOUBLEPULSAR is a RING-0 multi-version kernel mode payload [source]
    EquationGroup had scripts that could scrape Oracle databases for SWIFT data [source, source]
    ODDJOB is an implant builder and C&C server that can deliver exploits for Windows 2000 and later [source, source], also not detected by any AV vendors [source]
    Metadata [possibly faked, possibly real] links NSA to Equation Group [source]
    NSA used TrueCrypt for storing operation notes [source]
    Some of the Windows exploits released today were undetectable on VirusTotal [source]
    Some EquationGroup humor in the oddjob instructions manual [source, source]
    JEEPFLEA_MARKET appears to be an operation for collecting data from several banks around the world [source], previously linked to the NSA by Snowden [source, source]
    The Equation Group targeted EastNets, a SWIFT connectivity provider [source, source, source, source, source]
  10.    14 Apr 2017 #10
    Join Date : Nov 2013
    Chicagoland
    Posts : 33,884
    Dual boot Windows 10 FCU Pro x 64 & Insider 10 Pro

    Wow, @simrick. You've been busy. Impressive list you made!

    So what do we do about all this?

 