Shadow Brokers Release New Batch of Files Containing Windows and SWIFT Exploits

Discussion in 'malware problems & news' started by itman, Apr 14, 2017.

  1. boredog

    boredog Registered Member

    +1:thumb:

    Good observation.
     
  2. boredog

    boredog Registered Member


    Maybe China slapped their War happy fingers?
     
  3. Minimalist

    Minimalist Registered Member

    I don't know how some researchers did their tests - saying exploits are good? They conducted tests on unpatched systems?

    Since vulnerabilities were patched in March updates, we can assume that somebody shared them with MS before they got released.
     
  4. hawki

    hawki Registered Member

    "...Those fears appear to have been prompted by experts using even slightly out-of-date versions of Windows in their labs. One of Microsoft's fixes, also called a patch, was only released last month.

    'I missed the patch,' said British security architect Kevin Beaumont, jokingly adding, 'I'm thinking about going to live in the woods now...'

    Beaumont wasn't alone. Matthew Hickey, of cybersecurity firm Hacker House, also ran the code against earlier versions of Windows on Friday. But he noted that many organizations put patches off, meaning 'many servers will still be affected by these flaws...' "

    https://phys.org/news/2017-04-microsoft-users-alleged-nsa-malware.html

    If you look through the initial reports in the posts above you will see that Beaumont and Hickey were at the forefront of scaring Windows users. Hickey even got Snowden fooled.

    Confucius say: Man who eat breakfast upside down end up with egg on face!
     
    Last edited: Apr 15, 2017
  5. ronjor

    ronjor Global Moderator

    Protecting customers and evaluating risk
     
  6. emmjay

    emmjay Registered Member

    Maybe this is what kept Microsoft busy in February - there were no patches for any version of Windows and they refused to give an explanation. The exploits were addressed in the March patches. Feasible?
     
  7. ronjor

    ronjor Global Moderator

    Very feasible.
     
  8. Minimalist

    Minimalist Registered Member

    Maybe. As I remember it was something they found last minute that kept them from releasing updates in February. But why wouldn't they release other updates in February and then updates for exploits in March?
     
  9. itman

    itman Registered Member

    0-day exploits sell for $10,000+: http://cybersec.buzz/darknet-deep-web-zero-day-exploits/ . With that kind of money involved, you would have to be a complete idiot to give one away for free.

    I believe the Shadow Broker folks might be studying "chaos theory" these days ...
     
  10. hawki

    hawki Registered Member

    The "Shadow Broker" is a character type in the PC game "Mass Effect." I suspect it is this character that inspired The Shadow Brokers' name. The questions about its suitability are obvious:

    "The Shadow Broker is an individual at the head of an expansive organization which trades in information, always selling to the highest bidder. The Shadow Broker appears to be highly competent at its trade: all secrets that are bought and sold never allow one customer of the Broker to gain a significant advantage, forcing the customers to continue trading information to avoid becoming disadvantaged, allowing the Broker to remain in business...

    ...The Shadow Broker's identity is unknown to the general public in 2183; the Broker always operates through an agent. Barla Von refers to the Broker as "he" for convenience's sake, but tells Commander Shepard that he believes the Shadow Broker is a group of individuals: it does not seem possible for a single individual to monitor all of the available information and have such a wide sphere of influence...

    Some of the Broker's resources are scattered across the galaxy, awaiting discovery."

    http://masseffect.wikia.com/wiki/Shadow_Broker
     
    Last edited: Apr 15, 2017
  11. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Hmm, MS says it was already patched, but then there are reports saying explicitly that with this month's updates some Windows versions are still vulnerable:

     
  12. hawki

    hawki Registered Member

    Windows Central, the source for the quote cited, has this to say today:

    "...We're unsure why we (and plenty of others) were still able to exploit up to date versions of Windows 7 and Server 2012.

    However, our advice still stands: Use the latest software, install updates when they become available, and be mindful of your internet activities and what software you install. The original text of our article follows..."

    http://www.windowscentral.com/everything-you-need-know-about-latest-shadowbrokers-dump?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed:+wmexperts+(Windows+Central)
     
  13. itman

    itman Registered Member

    http://news.softpedia.com/news/shadow-brokers-dump-nsa-files-showing-swift-infiltration-514938.shtml
     
  14. itman

    itman Registered Member

    The new shadow brokers leak connects the NSA to the stuxnet cyber weapon used on Iran
    http://treason.news/2017-04-17-the-...to-the-stuxnet-cyber-weapon-used-on-iran.html
     
  15. hawki

    hawki Registered Member

  16. itman

    itman Registered Member

    AES-NI Ransomware Dev Claims He's Using Shadow Brokers Exploits
    https://www.bleepingcomputer.com/ne...dev-claims-hes-using-shadow-brokers-exploits/
     
  17. itman

    itman Registered Member

    Script kiddies pwn 1000s of Windows boxes using leaked NSA hack tools
    https://www.theregister.co.uk/2017/04/21/windows_hacked_nsa_shadow_brokers/
     
    Last edited: Apr 21, 2017
  18. itman

    itman Registered Member

    https://www.bleepingcomputer.com/ne...ters-infected-with-nsas-doublepulsar-malware/
     
  19. Minimalist

    Minimalist Registered Member

  20. itman

    itman Registered Member

  21. Minimalist

    Minimalist Registered Member

    Yes, also this:
     
  22. itman

    itman Registered Member

    Shadow Brokers Attack Tools Light Up Chinese and Russian Darknet
    https://www.infosecurity-magazine.com/news/shadow-brokers-attack-tools-china/
     
  23. hawki

    hawki Registered Member

  24. guest

    guest Guest

    Kaspersky identifies mysterious APT mentioned in 2017 Shadow Brokers leak
    November 5, 2019
    https://www.zdnet.com/article/kaspe...us-apt-mentioned-in-2017-shadow-brokers-leak/
    Kaspersky: DarkUniverse – the mysterious APT framework #27
     