Fresh WikiLeaks Dump Shows CIA Was Hacking iPhones A Year After Launch

A new Wikileaks release called DarkMatter was released today, affirming that the Central Intelligence Agency has long targeted Apple Macs, creating malware designed to evade the tech giant’s security mechanisms. The leak also revealed the CIA had been targeting the iPhone since 2008, a year after the landmark device was released.

That slice of info was included in a small dump of information Wednesday, that included manuals for a handful of implants and rootkits – malware that can hide at the lowest level of Apple systems, the kernel and the firmware of the device. …

Source: Fresh Wikileaks Dump Shows CIA Was Hacking iPhones A Year After Launch

Share

A simple command allows the CIA to commandeer 318 models of Cisco switches

Bug relies on telnet protocol used by hardware on internal networks.

Cisco Systems said that more than 300 models of switches it sells contain a critical vulnerability that allows the CIA to use a simple command to remotely execute malicious code that takes full control of the devices. There currently is no fix.

Cisco researchers said they discovered the vulnerability as they analyzed a cache of documents that are believed to have been stolen from the CIA and published by WikiLeaks two weeks ago. The flaw, found in at least 318 switches, allows remote attackers to execute code that runs with elevated privileges, Cisco warned in anadvisory published Friday. …

Source: A simple command allows the CIA to commandeer 318 models of Cisco switches

Share

Security flaws ‘undiscovered for years’

Security holes known as zero-day vulnerabilities can lie dormant for up to 10 years, a study has suggested.

And this means that hackers have plenty of time to develop sophisticated exploits for a range of software.

The study, from research organisation Rand, looked at 200 security flaws, 40% of which are not yet publicly known.

It comes as documents from Wikileaks suggest the CIA has collected a portfolio of zero-day vulnerabilities.

The study suggests:

  • 25% of vulnerabilities become publicly known within one and a half years
  • 25% remain undiscovered for more than nine and a half years
  • Vulnerabilities that are publicly known are often disclosed with a patch
  • Once a vulnerability is found, an exploit can be developed in an average of 22 days

Source: Security flaws ‘undiscovered for years’ – BBC News

Share

WikiLeaks CIA files: The 6 biggest spying secrets revealed by the release of ‘Vault 7’

WikiLeaks has released a huge set of files that it calls “Year Zero” and which mark the biggest exposure of CIA spying secrets ever.

The massive set of documents – over 8,000 pages in all – include a host of hacking secrets that could embarrass intelligence agencies and the US government, as well as undermining spying efforts across the world.

Here are six of the biggest secrets and pieces of information yet to emerge from the huge dump.

1) The CIA has the ability to break into Android and iPhone handsets, and all kinds of computers …

2) Doing so would make apps like Signal, Telegram and WhatsApp entirely insecure …

3) The CIA could use smart TVs to listen in on conversations that happened around them …

4) The agency explored hacking into cars and crashing them, allowing ‘nearly undetectable assassinations’ …

5) The CIA hid vulnerabilities that could be used by hackers from other countries or governments …

6) More information is coming …

Source: WikiLeaks CIA files: The 6 biggest spying secrets revealed by the release of ‘Vault 7’

Share