Skip to main content

Posts

Showing posts from March, 2017

Chop That Dollar

Its been quite some time since I've received a 419 spam message in my inbox. But - like matter itself - 419 never dies - only changes form. I found the message below in my inbox this morning. I was pleased to note that the message originated from Yahoo, and contained several classic red flags for spam that even the neophyte mail server admin knows to watch out for, like from & reply-to headers with different different domains. This is the kind of l33t security I've come to expect from Yahoo. But hey, the Russians did it , and no one can be expected to secure their customers from state sponsored attacks. Susan here is no doubt a member of Nigeria's elite NIA . From: Susan ***** desmondwilliams614 yahoo.com Subject: Hello, Date: Sat, 18 Mar 2017 12:12:52 +0000 (UTC) Reply-To: desmondwilliams614 yahoo.com Susan ***** deswill0119 yahoo.fr Hello, Greetings. With warm heart I offer my friendship and greetings, and I hope that this mail will meets you in good time. Ho

Wikileaks releases massive trove of CIA documents

Today Wikileaks released a massive new trove of leaks focused on the CIA's IT-based espionage capabilities . Wikileaks has named the document release Vault 7. The trove has just been released this morning, so details remain sketchy, however the included documents appear to contain detailed information related to dozens of malware tools used by the CIA's Center for Cyber Intelligence. Earlier this morning I heard an NPR report claiming that Wikileaks was redacting the source code associated with these hacking tools. I'm not sure if that is correct; I've found a few files with executable scripts included, but none of the scripts I've found so far are essentially malicious (although they were almost certainly used in the development and packaging of malware). I have found indications that Wikileaks redacted exploit files that were ready for as-is distribution. For example, the files I reviewed in the dump appear to be part of an internal wiki. I reviewed a file list