
Thread: Russian Info, Cyber and Disinformation (Jan-June 2017).

  1. #41
    Council Member
    Join Date
    Nov 2013
    Posts
    35,749

    Default

    Originally posted by OUTLAW 09:
    Learned fm very reliable IC sources that Trump WH, w/help fm Russian intel, is targeting US journalists.
    Rough road ahead.
    Get ready

    There have been already a series of email attacks in the last two months which have the earmarks of the two Russian state sponsored hacking teams that hacked into the three US State election databases and into the DNC.....there was this week an attack on an election database taking the data of all voters...millions of personal datasets...

    Email attacks have been targeting journalists both independent...bloggers...and those working for MSM outlets..

    We have seen similar attempts here in Germany in the same time frame in the last two months....

    WHY do we know that it was and or is the two Russian state sponsored hacking teams?

    If anyone has been in a SIGINT collection site you have what is known as 98Hs....H for Hogs....who monitor all Morse code transmitters....and with Morse code hand keyers...each and every hand had a different touch and feel on the key thus a "signature".

    That is the same with these two hacking teams...when you are successful you tend to keep what works and discard what does not...and in the end it is the hand of the hacker that types on his keyboard and each hacker has their own style on the keys and has favorite commands....thus a "signature"....

    And lately there is a reoccurring set of "signatures" that can be tracked...regardless of how well one hides on the darknet....footprints are always still present days later...
    WikiLeaks

    @wikileaks
    ENCRYPTED RELEASE
    Use a 'torrent' downloader on:
    https://file.wikileaks.org/torrent/W...v1.7z.torrent#

    And '7z' to decrypt.
    Passphrase will be made public at Tue 9am ET.

  2. #42

    DFR Lab

    @DFRLab
    Le Pen’s (Small) Online Army: How a French far-right group tried to break into @Twitter’s trends.
    https://medium.com/dfrlab/le-pens-sm...f0#.wlzm6i7o3#

  3. #43

    Funny everyone freaking out Signal is compromised and not giving a hoot on FSB / GRU breaking Telegram.

    FSB/GRU have over three years worth of data from each and every user of Telegram...

  4. #44

    Originally posted by OUTLAW 09:
    Russian TV-station offered youths in #Rinkeby #Sweden money to do some "action" in front of the camera.

    This was on Feb 22, a few days after the statement about #Sweden by @realDonaldTrump and two days after the riots

    http://www.radio24syv.dk/udvalgte-ny...lave-ballade/#
    Swedish teenagers offered cash by Russian TV to riot. We are in an information war - time for Europe to fight back.
    http://www.thelocal.se/20170306/rink...to-bribe-them#

    Youths were offered 44 USDs each for their "actions"....
    Last edited by OUTLAW 09; 03-07-2017 at 04:40 PM.

  5. #45

    Just in the initial reading of the WL CIA data dump ...I myself have spotted 14 statements/sentences that are blatantly FSB/GRU planted disinformation.....

    NOTICE just how this flanking WL support attempts to tie CIA to the Russian hacking tools THUS the DNC hacking was not Russia but a CIA false flag attack.....ALL DESIGNED to hurt Trump.....

    NOTICE now the so called "Deep State" conspiracy myth gets its support...

    In the Trump/Breitbart.com/Bannon world "Deep State" is being led by Obama....

    zerohedge
    @zerohedge
    The CIA has stolen malware produced by Russia, and can misdirect attribution to Moscow
    http://www.zerohedge.com/news/2017-0...astern#…

    BUT WAIT......
    Live Monitor @amlivemon 2h
    2 hours ago
    Pure Russian disinformation

    Live Monitor @amlivemon 18m
    18 minutes ago
    I know both CIA & NSA well..the manipulative info mixed with disinformation selectively leaked by @Wikileaks is pure FSB propaganda #Vault7

    REALLY not much to see in this data dump....exploits will be read about......necessary patches patched...hands washed and onto a new day...and a new cycle of exploits and zero days...
    Last edited by OUTLAW 09; 03-07-2017 at 05:48 PM.

  6. #46

    Comments reference the WL CIA data dump from yesterday attempting to tie CIA to the Russian DNC hack and support the Trump and company thesis of being attacked by the "Deep State"....

    Tuesday, March 07, 2017
    Some comments on the Wikileaks CIA/#vault7 leak

    I thought I'd write up some notes about the Wikileaks CIA "#vault7" leak. This post will be updated frequently over the next 24 hours.


    The CIA didn't remotely hack a TV. The docs are clear that they can update the software running on the TV using a USB drive. There's no evidence of them doing so remotely over the Internet. If you aren't afraid of the CIA breaking in and installing a listening device, then you shouldn't be afraid of the CIA installing listening software.


    The CIA didn't defeat Signal/WhatsApp encryption. The CIA has some exploits for Android/iPhone. If they can get on your phone, then of course they can record audio and screenshots. Technically, this bypasses/defeats encryption -- but such phrases used by Wikileaks are highly misleading, since nothing related to Signal/WhatsApp is happening. What's happening is the CIA is bypassing/defeating the phone. Sometimes. If they've got an exploit for it, or can trick you into installing their software.


    There's no overlap or turf war with the NSA. The NSA does "signals intelligence", so they hack radios and remotely across the Internet. The CIA does "humans intelligence", so they hack locally, with a human. The sort of thing they do is bribe, blackmail, or bedazzle some human "asset" (like a technician in a nuclear plant) to stick a USB drive into a slot. All the various military, law enforcement, and intelligence agencies have hacking groups to help them do their own missions.


    The CIA isn't more advanced than the NSA. Most of this dump is child's play, simply malware/trojans cobbled together from bits found on the Internet. Sometimes they buy more advanced stuff from contractors, or get stuff shared from the NSA. Technologically, they are far behind the NSA in sophistication and technical expertise.


    The CIA isn't hoarding 0days. For one thing, few 0days were mentioned at all. The CIA's techniques rely upon straightforward hacking, not super secret 0day hacking. Second of all, they aren't keeping 0days back in a vault somewhere -- if they have 0days, they are using them.


    The VEP process is nonsense. Activists keep mentioning the "vulnerability equities process", in which all those interested in 0days within the government have a say in what happens to them, with the eventual goal that they be disclosed to vendors. The VEP is nonsense. The activist argument is nonsense. As far as I can tell, the VEP is designed as busy work to keep people away from those who really use 0days, such as the NSA and the CIA. If they spend millions of dollars buying 0days because it has that value in intelligence operations, they aren't going to destroy that value by disclosing to a vendor. If VEP forces disclosure, disclosure still won't happen, the NSA will simply stop buying vulns.


    There's no false flags. In several places, the CIA talks about making sure that what they do isn't so unique, so it can't be attributed to them. However, Wikileaks's press release hints that the "UMBRAGE" program is deliberately stealing techniques from Russia to use as a false-flag operation. This is nonsense. For example, the DNC hack attribution was live command-and-control servers simultaneously used against different Russian targets -- not a few snippets of code.


    This hurts the CIA a lot. Already, one AV researcher has told me that a virus they once suspected came from the Russians or Chinese can now be attributed to the CIA, as it matches the description perfectly to something in the leak. We can develop anti-virus and intrusion-detection signatures based on this information that will defeat much of what we read in these documents. This would put a multi-year delay in the CIA's development efforts. Plus, it'll now go on a witch-hunt looking for the leaker, which will erode morale. Update: Three extremely smart and knowledgeable people who I respect disagree, claiming it won't hurt the CIA a lot. I suppose I'm focusing on "hurting the cyber abilities" of the CIA, not the CIA as a whole, which mostly is non-cyber in function.


    The CIA is not cutting edge. A few days ago, Hak5 started selling "BashBunny", a USB hacking tool more advanced than the USB tools in the leak. The CIA seems to get most of their USB techniques from open-source projects, such as Travis Goodspeed's "GoodFET" project.


    The CIA isn't spying on us. Snowden revealed how the NSA was surveilling all Americans. Nothing like that appears in the CIA dump. It's all legitimate spy stuff (assuming you think spying on foreign adversaries is legitimate).


    Update #2: How is hacking cars and phones not SIGINT (which is the NSA's turf)? The answer is via physical access. For example, they might have a device that plugs into the OBD-II port on the car that quickly updates the firmware of the brakes. Think of it as normal spy activity (e.g. cutting a victim's brakes), but now with cyber.

  7. #47

    Stop Fake @StopFakingNews

    Tracking a Mysterious Missile Launcher Inside an Information War

    http://www.stopfake.org/en/tracking-...ormation-war/#

  8. #48

    Kremlin bots instantly pounced on WikiLeaks dump, pushing false narrative that CIA framed Russia for hacking the DNC
    http://thebea.st/2neCyPG

    WikiLeaks' CIA dump came with a huge dezinformatsiya campaign that seemed poised and ready to exploit it.

    “That narrative emerged far too quickly to have been organic...That usually speaks to some sort of automation or coordination.”
    Last edited by OUTLAW 09; 03-08-2017 at 05:02 PM.

  9. #49

    BREAKING: U.S. intel, law enforcement officials have known of CIA security breach that led to latest WikiLeaks dump since end of last year.

    Same timeframe as the Russian hacking in the US election...BUT they are assuming leakage came from a Contractor much like Snowden was....

  10. #50

    "Here’s Why You Should Worry About Russian Propaganda"
    http://buff.ly/2nfgOmF

  11. #51

    It appears many in Washington have known about the DNC/DCCC documents stolen by Russians at least in August.
    http://www.bluedotdaily.com/paul-rya...sian-scandal/#


    The presidential election victory of Donald Trump may not be the only thing made illegitimate by Russian tampering. It seems that the GOP congressional majority may also be called into question thanks to our Russian friends (?).
    According to the New York Times:
    The impact of the information released by the hackers on candidates like Ms. Taddeo in Florida and others in nearly a dozen House races around the country was largely lost in the focus on the hacking attacks against the Democratic National Committee and Hillary Clinton’s presidential campaign. But this untold story underscores the effect the Russian operation had on the American electoral system.[…]
    The intrusions in House races in states including Pennsylvania, New Hampshire, Ohio, Illinois, New Mexico and North Carolina can be traced to tens of thousands of pages of documents taken from the D.C.C.C., which shares a Capitol Hill office building with the Democratic National Committee.
    “This is not a traditional tit-for-tat on a partisan political campaign, where one side hits the other and then you respond,” said Kelly Ward, executive director of the D.C.C.C. “This is an attack by a foreign actor that had the intent to disrupt our election, and we were the victims of it.”
    The information gathered in this cyber attack was then fed to a Florida PAC supporting Paul Ryan, according to a Salon report:
    After Florida Democratic House candidate Joe Garcia appeared at a primary debate against opponent Annette Taddeo with a printout of some of the hacked DCCC documents to attack Taddeo, the National Republican Campaign Committee and The Congressional Leadership Fund, a super PAC with close ties to House Speaker Paul Ryan, used the hacked documents to defeat him in the general.
    And it appears many in Washington have known about the attacks for a while:
    After Guccifer 2.0 targeted the chair of the DCCC, New Mexico’s Ray Lujan, the Democrats sent a letter to his Republican counterpart on Aug. 29 arguing that “the NRCC’s use of documents stolen by the Russians plays right into the hands of one of the United States’ most dangerous adversaries,” and if the National Republican Campaign Committee continued using the materials, the GOP “will be complicit in aiding the Russian government in its effort to influence American elections.”
    Last edited by OUTLAW 09; 03-09-2017 at 08:37 AM.

  12. #52

    After retro social media analysis....

    Moscow launched 22000 online propaganda resources 2 years prior to its invasion in Ukraine
    Last edited by OUTLAW 09; 03-09-2017 at 09:10 AM.

  13. #53

    Expose of a Russian fake news operation, this time against Canada. With the help of old and new intelligence assets.
    http://news.nationalpost.com/full-co...ief-in-canada#

    "the attack on Freeland began with dirty insinuations..." a Russian smear campaign targets Canada's foreign minister
    Last edited by OUTLAW 09; 03-09-2017 at 08:55 AM.

  14. #54

    Julian Assange says WikiLeaks will share CIA hacking tools with tech companies
    http://reut.rs/2n3Ma3s

    Interesting in that all named exploits will be patched...but new ones will be found.....lather hands...rinse them and move on is the standard in the hacking world...

    The interesting thing is that in fact CIA could go via the darknet and purchase anything they need..why develop anything???

    Method of yesterday’s CIA leak:
    1—Dump 7K+ technical files
    2—Confuse most journalists
    3—Add misleading press release
    4—& biased analysis
    Last edited by OUTLAW 09; 03-09-2017 at 04:43 PM.

  15. #55

    In coming days, expect to hear about communications between Roger Stone (Trump advisor) and Guccifer 2.0 (Russian hackers who hit the DNC).

  16. #56

    Stop Fake @StopFakingNews
    Russia in The Hague: the lies, the fakes, and the fairy tales

    http://www.stopfake.org/en/russia-in...-fairy-tales/#

  17. #57

    Pentagon red teams were able to hack into DoD networks emulating only "moderate-level adversaries"
    http://www.atlanticcouncil.org/blogs...cyber-attacks#

  18. #58

    Glasnost Gone @GlasnostGone
    Been trolled by #Russia? Coming soon, my new project looking at Who, Why & Where people use hashtags to harass journalists/activist #Donbass

  19. #59

    https://krebsonsecurity.com/2017/03/...hacking-tools/

    WikiLeaks Dumps Docs on CIA’s Hacking Tools

    WikiLeaks on Tuesday dropped one of its most explosive word bombs ever: A secret trove of documents apparently stolen from the U.S. Central Intelligence Agency (CIA) detailing methods of hacking everything from smart phones and TVs to compromising Internet routers and computers. KrebsOnSecurity is still digesting much of this fascinating data cache, but here are some first impressions based on what I’ve seen so far.
    First, to quickly recap what happened: In a post on its site, WikiLeaks said the release — dubbed “Vault 7” — was the largest-ever publication of confidential documents on the agency. WikiLeaks is promising a series of these document caches; this first one includes more than 8,700 files allegedly taken from a high-security network inside CIA’s Center for Cyber Intelligence in Langley, Va.

    The home page for the CIA’s “Weeping Angel” project, which sought to exploit flaws that could turn certain 2013-model Samsung “smart” TVs into remote listening posts.
    “Recently, the CIA lost control of the majority of its hacking arsenal including malware, viruses, trojans, weaponized ‘zero day’ exploits, malware remote control systems and associated documentation,” WikiLeaks wrote. “This extraordinary collection, which amounts to more than several hundred million lines of code, gives its possessor the entire hacking capacity of the CIA. The archive appears to have been circulated among former U.S. government hackers and contractors in an unauthorized manner, one of whom has provided WikiLeaks with portions of the archive.”
    Wikileaks said it was calling attention to the CIA’s global covert hacking program, its malware arsenal and dozens of weaponized exploits against “a wide range of U.S. and European company products, includ[ing] Apple’s iPhone, Google’s Android and Microsoft’s Windows and even Samsung TVs, which are turned into covert microphones.”
    The documents for the most part don’t appear to include the computer code needed to exploit previously unknown flaws in these products, although WikiLeaks says those exploits may show up in a future dump. This collection is probably best thought of as an internal corporate wiki used by multiple CIA researchers who methodically found and documented weaknesses in a variety of popular commercial and consumer electronics.
    For example, the data dump lists a number of exploit “modules” available to compromise various models of consumer routers made by companies like Linksys, MikroTik and Zyxel, to name a few. CIA researchers also collated several pages worth of probing and testing weaknesses in business-class devices from Cisco, whose powerful routers carry a decent portion of the Internet’s traffic on any given day. Craig Dods, a researcher with Cisco’s rival Juniper, delves into greater detail on the Cisco bugs for anyone interested (Dods says he found no exploits for Juniper products in the cache, yet). Meanwhile, Cisco has published its own blog post on the matter.
    WHILE MY SMART TV GENTLY WEEPS
    Some of the exploits discussed in these leaked CIA documents appear to reference full-on, remote access vulnerabilities. However, a great many of the documents I’ve looked at seem to refer to attack concepts or half-finished exploits that may be limited by very specific requirements — such as physical access to the targeted device.
    The “Weeping Angel” project’s page from 2014 is a prime example: It discusses ways to turn certain 2013-model Samsung “smart TVs” into remote listening devices; methods for disabling the LED lights that indicate the TV is on; and suggestions for fixing a problem with the exploit in which the WiFi interface on the TV is disabled when the exploit is run.
    ToDo / Future Work:
    Build a console cable
    Turn on or leave WiFi turned on in Fake-Off mode
    Parse unencrypted audio collection
    Clean-up the file format of saved audio. Add encryption??
    According to the documentation, Weeping Angel worked as long as the target hadn’t upgraded the firmware on the Samsung TVs. It also said the firmware upgrade eliminated the “current installation method,” which apparently required the insertion of a booby-trapped USB device into the TV.
    Don’t get me wrong: This is a serious leak of fairly sensitive information. And I sincerely hope Wikileaks decides to work with researchers and vendors to coordinate the patching of flaws leveraged by the as-yet unreleased exploit code archive that apparently accompanies this documentation from the CIA.
    But in reading the media coverage of this leak, one might be led to believe that even if you are among the small minority of Americans who have chosen to migrate more of their communications to privacy-enhancing technologies like Signal or WhatsApp, it’s all futility because the CIA can break it anyway.
    Perhaps a future cache of documents from this CIA division will change things on this front, but an admittedly cursory examination of these documents indicates that the CIA’s methods for weakening the privacy of these tools all seem to require attackers to first succeed in deeply subverting the security of the mobile device — either through a remote-access vulnerability in the underlying operating system or via physical access to the target’s phone.
    As Bloomberg’s tech op-ed writer Leonid Bershidsky notes, the documentation released here shows that these attacks are “not about mass surveillance — something that should bother the vast majority of internet users — but about monitoring specific targets.”
    By way of example, Bershidsky points to a tweet yesterday from Open Whisper Systems (the makers of the Signal private messaging app) which observes that, “The CIA/Wikileaks story today is about getting malware onto phones, none of the exploits are in Signal or break Signal Protocol encryption.”
    The company went on to say that because more online services are now using end-to-end encryption to prevent prying eyes from reading communications that are intercepted in-transit, intelligence agencies are being pushed “from undetectable mass surveillance to expensive, high-risk, targeted attacks.”

    A tweet from Open Whisper Systems, the makers of the popular mobile privacy app Signal.
    As limited as some of these exploits appear to be, the methodical approach of the countless CIA researchers who apparently collaborated to unearth these flaws is impressive and speaks to a key problem with most commercial hardware and software today: The vast majority of vendors would rather spend the time and money marketing their products than embark on the costly, frustrating, time-consuming and continuous process of stress-testing their own products and working with a range of researchers to find these types of vulnerabilities before the CIA or other nation-state-level hackers can.
    Of course, not every company has a budget of hundreds of millions of dollars just to do basic security research. According to this NBC News report from October 2016, the CIA’s Center for Cyber Intelligence (the alleged source of the documents discussed in this story) has a staff of hundreds and a budget in the hundreds of millions: Documents leaked by NSA whistleblower Edward Snowden indicate the CIA requested $685.4 million for computer network operations in 2013, compared to $1 billion by the U.S. National Security Agency (NSA).
    TURNABOUT IS FAIR PLAY?
    NBC also reported that the CIA’s Center for Cyber Intelligence was tasked by the Obama administration last year to devise cyber attack strategies in response to Russia’s alleged involvement in the siphoning of emails from Democratic National Committee servers as well as from Hillary Clinton’s campaign chief John Podesta. Those emails were ultimately published online by Wikileaks last summer.
    NBC reported that the “wide-ranging ‘clandestine’ cyber operation designed to harass and ’embarrass’ the Kremlin leadership was being led by the CIA’s Center for Cyber Intelligence.” Could this attack have been the Kremlin’s response to an action or actions by the CIA’s cyber center? Perhaps time (or future leaks) will tell.
    Speaking of the NSA, the Wikileaks dump comes hot on the heels of a similar disclosure by The Shadow Brokers, a hacking group that said it stole malicious software from the Equation Group, a highly-skilled and advanced threat actor that has been closely tied to the NSA.
    What’s interesting is this Wikileaks cache includes a longish discussion thread among CIA employees who openly discuss where the NSA erred in allowing experts to tie the NSA’s coders to malware produced by the Equation Group. As someone who spends a great deal of time unmasking cybercriminals who invariably leak their identity and/or location through poor operational security, I was utterly fascinated by this exchange.
    BUG BOUNTIES VS BUG STOCKPILES
    Many are using this latest deluge from WikiLeaks to reopen the debate over whether there is enough oversight of the CIA’s hacking activities. The New York Times called yesterday’s WikiLeaks disclosure “the latest coup for the antisecrecy organization and a serious blow to the CIA, which uses its hacking abilities to carry out espionage against foreign targets.”

    Continued....

  20. #60

    WOW........

    .@PressSec: Assange has compromised and undermined our national security.
    http://usa.liveuamap.com/en/2017/9-m...ndermined-our#
    pic.twitter.com/QXGNnAW5bK via @FoxNews
