In case you missed our coverage this week in ThreatWatch, Nextgov’s
Did the National Security Agency get hacked?
That’s the big question of the week, which people started asking Aug. 13 when a group calling itself the Shadow Brokers kicked off a bitcoin auction for what it called were cyber weapons from the NSA-linked Equation Group.
As security experts dig through the data dump that accompanied the auction, they’re finding ties to NSA and its Tailored Access Operations Unit. The exploits show a high-level of sophistication and target Fortinet, Cisco, Juniper, TopSec and other network security systems. Some of the code names for hacking techniques that appear in documents leaked by Edward Snowden also pop up.
“Circumstantial evidence and conventional wisdom indicates Russian responsibility,” wrote Snowden on Twitter. He’s not the only one: James Lewis, a computer expert with the Center for Strategic and International Studies, told The New York Times the incident was “probably some Russian mind game.”
Though NSA has yet to comment publicly, WikiLeaks weighed in, tweeting it has copies of NSA’s cyber weapons and plans to release a “pristine copy in due course.”
A huge number of Android users are vulnerable to a flaw that allows attackers to intercept communications and—if unencrypted—inject malicious code or content, according to a mobile security company.
“We can estimate then that all Android versions running the Linux Kernel 3.6 (approximately Android 4.4 KitKat) to the latest are vulnerable to this attack or 79.9 percent of the Android ecosystem,” says a Lookout blog post.
The recently discovered Linux flaw lets hackers anywhere online to detect when two parties are communicating over a transmission control protocol connection, …