In August 2016 the Equation Group, aka the Tailored Access Operations (TAO) division of the NSA, attracted unwanted headlines with reports that anonymous attackers had hacked into the group and made off with critical intelligence plus high-end malware. The purported hackers, known as “The Shadow Brokers,” made their success known by publishing 300 megabytes of unencrypted data … [Read more...]
Automated Cybersecurity: Machines Still Have a Long Way To Go
With summer 2016 coming to an end it is fitting to recap one of the season's signature events that, while now largely forgotten, may portend breakneck change in the years to come: DARPA's Cyber Grand Challenge, the world's first attempt at automated cybersecurity in the never ending war against bugs, viruses, Zero Days and malware. Nearly 30 months after announcing … [Read more...]
How Munk Outed NSO Group Yet Boosted Israel’s Malware King
For obvious reasons, most companies that specialize in "ethical malware" like to fly below the radar. Yet invariably, providers of intrusive systems are"outed" to the public sooner or later. Sometimes such exposure comes about purely by accident. Other times it results from the work of equally talented spyware experts working for the other side. We have seen examples of both in … [Read more...]
Blue Coat ProxySG Man-in-the-Middle Attack Still Beats SSL
Blue Coat ProxySG and Encrypted Tap remain a vital tool for complete visibility into encrypted traffic. Earlier this summer we reviewed Symantec's acquisition of Blue Coat, wherein long-struggling Symantec set out to improve its position in the cybersecurity market by absorbing a true giant -- and even making Blue Coat's CEO top dog. This was actually a smart move by … [Read more...]
Can Hacking Team and FinFisher Skirt Tougher Export Rules?
"Qualcuno qui parla italiano?" The clock is ticking on the European Commission's expected adoption of stricter export licensing requirements for malware and other surveillance technologies. The EC is expected to issue rules this month. Late July 2016 saw the leak of the draft EC proposal. It was none too favorable to the ISS community. Whether vendors such as The Hacking … [Read more...]