WikiLeaks: Washington Was Aware of Qatar, Saudi Arabia Backing Terrorists – Sputnik International

"We need to use our diplomatic and more traditional intelligence assets to bring pressure on the governments of Qatar and Saudi Arabia, which are providing clandestine financial and logistic support to ISIL [Daesh] and other radical Sunni groups in the region," the letter read.

The document also mentioned the ongoing competition between Doha and Riyadh "to dominate the Sunni world."

On Monday, Saudi Arabia, Bahrain, the United Arab Emirates and Egypt announced a break in diplomatic relations with Qatar, accusing Doha of destabilizing the situation in the Middle East and supporting terrorist organizations, including the Muslim Brotherhood terror group (outlawed in Russia). The authorities of eastern Libya, Yemen, as well as the Maldives subsequently also announced the severance of relations with Qatar.


The military conflict in Syria has been ongoing since 2011, with the government fighting against various opposition and militant groups, including Daesh. The influence of Daesh in Iraq significantly increased in 2014, when the terrorists captured the country's major city of Mosul after invading from Syria. The operation to liberate the city is currently being carried out by the Iraqi and US-led coalition forces.


WikiLeaks Articles – Breitbart

In the most recent installment of WikiLeaks' CIA Vault 7 series, the whistleblowing group has published details on a server virus codenamed Pandemic.

by Lucas Nolan, 2 Jun 2017, 12:39 PM PDT

Wednesday on CNN's Newsroom, Rep. Blake Farenthold (R-TX) said he was open to the possibility that the intrusion into the Democratic National Committee's servers that resulted in thousands of emails being released through Wikileaks last year prior to the start

by Jeff Poor, 24 May 2017, 1:40 PM PDT

Tuesday on Fox News Channel's Hannity, host Sean Hannity said he was no longer discussing the matter of now-deceased Democratic National Committee staffer Seth Rich and the suggestion that he was behind DNC emails being leaked to Wikileaks. Hannity alluded

by Jeff Poor, 23 May 2017, 9:46 PM PDT

Internet entrepreneur Kim Dotcom has released a statement claiming knowledge of connections between murdered DNC staffer Seth Rich and WikiLeaks.

by Colin Madine, 23 May 2017, 12:09 PM PDT

Wikileaks founder Julian Assange appeared on the Ecuadorian embassy balcony Friday afternoon after Sweden announced they were dropping the investigation into alleged rapes. Calling today's development an important victory, Mr Assange, 45, who has been claiming political asylum in the

by Oliver JJ Lane, 19 May 2017, 9:27 AM PDT

Reports that Democratic National Committee (DNC) staffer Seth Rich was a source for WikiLeaks before his murder leave us with even more unanswered questions surrounding the case.

by Charlie Nash, 16 May 2017, 1:04 PM PDT

Fox News writes that murdered Democratic National Committee staffer Seth Rich leaked thousands of internal [DNC] emails to WikiLeaks and that the FBI is in possession of their correspondence.

by Breitbart News, 16 May 2017, 5:15 AM PDT

Monday during the 10 p.m. ET news broadcast of Fox's Washington, D.C. affiliate WTTG, correspondent Marina Marraco revealed an investigation by former D.C. homicide detective Rod Wheeler found now-deceased Democratic National Committee staffer Seth Rich had been emailing with WikiLeaks.

by Jeff Poor, 15 May 2017, 8:32 PM PDT

Chelsea Manning, the former U.S. soldier who leaked thousands of classified military documents to WikiLeaks, will receive free health care and remain on active duty after being released from prison.

by Ben Kew, 15 May 2017, 5:56 PM PDT

WikiLeaks released a new set of CIA Vault 7 leaks, publishing information on two CIA malware frameworks known as AfterMidnight and Assassin. WikiLeaks published documents on malware titled AfterMidnight and Assassin which according to WikiLeaks are designed to operate within the

by Lucas Nolan, 12 May 2017, 11:06 AM PDT

WikiLeaks published a hacking tool known as Archimedes in another installment of their CIA Vault 7 leak series today.

by Lucas Nolan, 5 May 2017, 9:53 AM PDT

Writing at the Washington Post, WikiLeaks editor Julian Assange argues the CIA is declaring war on free speech by targeting WikiLeaks in retaliation for the exposure of embarrassing information included in the organization's Vault 7 data dump on the CIA.

by Breitbart Tech, 26 Apr 2017, 8:50 AM PDT

U.S. authorities are preparing to seek the arrest of WikiLeaks editor Julian Assange, according to reports.

by Lucas Nolan, 21 Apr 2017, 11:45 AM PDT

CIA Director Mike Pompeo had harsh words for WikiLeaks while speaking at the Center for Strategic and International Studies today, implying that the whistleblowing group was a hostile intelligence service.

by Lucas Nolan, 14 Apr 2017, 8:47 AM PDT

(Reuters) Past cyber attacks on scores of organizations around the world were conducted with top-secret hacking tools that were exposed recently by the Web publisher Wikileaks, the security researcher Symantec Corp said on Monday.

by Breitbart Tech, 10 Apr 2017, 7:50 AM PDT

A hacking group known as TheShadowBrokers recently released the password to NSA hacking tools from 2013 in protest of President Trump's missile strike on a Syrian airbase.

by Lucas Nolan, 8 Apr 2017, 8:34 PM PDT

Following the election of ruling party candidate Lenín Moreno in Ecuador, WikiLeaks founder Julian Assange will likely be allowed to continue living at the Ecuadorian embassy in London.

by Lucas Nolan, 3 Apr 2017, 12:32 PM PDT

WikiLeaks' latest release from the Vault 7 leaks, titled Marble, claims that the CIA can use string obfuscating algorithms to attribute cyber attacks to other countries.

by Lucas Nolan, 31 Mar 2017, 8:24 AM PDT

(Reuters) When WikiLeaks founder Julian Assange disclosed earlier this month that his anti-secrecy group had obtained CIA tools for hacking into technology products made by U.S. companies, security engineers at Cisco Systems swung into action.

by Breitbart Tech, 30 Mar 2017, 7:02 AM PDT

Apple claims that the security exploits for their devices revealed in the WikiLeaks CIA Vault 7 release dubbed Dark Matter have already been patched.

by Lucas Nolan, 24 Mar 2017, 2:47 PM PDT

The documents in the WikiLeaks Vault 7 data dump may have accidentally been confirmed as authentic CIA documents due to a statement by the US government.

by Lucas Nolan, 23 Mar 2017, 4:36 PM PDT

WikiLeaks has released the second volume of their CIA Vault 7 leaks today, publishing information on a hacking project focusing on Apple devices referred to as Project Dark Matter.

by Lucas Nolan, 23 Mar 2017, 8:24 AM PDT

WikiLeaks has reached out to tech companies including Apple, Google, and Microsoft to assist them in patching the zero-day exploits revealed in the CIA Vault 7 leaks, but is insisting that its demands are met before it provides further information.

by Lucas Nolan, 20 Mar 2017, 1:36 PM PDT

Twitter refuses to verify the official account of WikiLeaks founder and editor Julian Assange, despite his accumulation of over 100,000 followers.

by Charlie Nash, 16 Mar 2017, 11:16 AM PDT

Michael Hayden, the former director of the CIA, has claimed that millennials are more likely to leak information due to cultural differences.

by Lucas Nolan, 13 Mar 2017, 1:25 PM PDT

A video of a woman asking her Amazon home assistant device if it worked for the CIA went viral following the Wikileaks data dump on the CIA, so we decided to test it for ourselves.

by Lucas Nolan, 10 Mar 2017, 12:11 PM PDT

Rep. Dana Rohrabacher (R-CA) spoke with Breitbart News Daily SiriusXM host Raheem Kassam regarding the CIA and recent Wikileaks revelations and the current state of America's spy state combined with a growing government bureaucracy.

by Dan Riehl, 10 Mar 2017, 8:20 AM PDT

WikiLeaks stated yesterday that only one percent of the CIA material leaked to the organization has been published so far.

by Lucas Nolan, 9 Mar 2017, 10:58 AM PDT

Former Michigan Congressman Pete Hoekstra, onetime chairman of the House Intelligence Committee, discussed the CIA WikiLeaks Vault 7 documents with SiriusXM host Raheem Kassam on Thursday's Breitbart News Daily.

by John Hayward, 9 Mar 2017, 9:43 AM PDT

CIA documents published by WikiLeaks show that the CIA kept a database of Japanese style faces to utilize in online forums.

by Lucas Nolan, 8 Mar 2017, 7:00 PM PDT


WikiLeaks: CIA ‘Pandemic’ Malware Infected Servers to Spread … – Breitbart News


In the latest leak, published on Thursday, WikiLeaks outlines the use of the CIA's Pandemic project. The leak describes a virus that targets Windows computers that share files with remote users in a local network. WikiLeaks described the program on its website, writing:

Today, June 1st 2017, WikiLeaks publishes documents from the Pandemic project of the CIA, a persistent implant for Microsoft Windows machines that share files (programs) with remote users in a local network. Pandemic targets remote users by replacing application code on-the-fly with a trojaned version if the program is retrieved from the infected machine. To obfuscate its activity, the original file on the file server remains unchanged; it is only modified/replaced while in transit from the pandemic file server before being executed on the computer of the remote user. The implant allows the replacement of up to 20 programs with a maximum size of 800 MB for a selected list of remote users (targets).

As the name suggests, a single computer on a local network with shared drives that is infected with the Pandemic implant will act like a Patient Zero in the spread of a disease. It will infect remote computers if the user executes programs stored on the pandemic file server. Although not explicitly stated in the documents, it seems technically feasible that remote computers that provide file shares themselves become new pandemic file servers on the local network to reach new targets.

Documentation published by WikiLeaks states that the virus is installed via a minifilter device driver. Jake Williams, a malware expert at Rendition InfoSec, spoke to Ars Technica about the virus, stating, "This code looks like it was developed with a very specific use in mind. Many larger organizations don't use Windows file servers to serve files. They use special built storage devices (network attached storage). My guess here would be that this was designed to target a relatively small organization."

Williams worked at the National Security Agency's elite Tailored Access Operations until 2013 and believes that WikiLeaks may be withholding some documentation relating to Pandemic. "If you handed me this tool, I don't have enough information to make it go," he said. "There's more documentation than this. It's anyone's guess as to why it wasn't released."


WikiLeaks Dumps CIA Patient Zero Windows Implant | Threatpost … – Threatpost

WikiLeaks on Thursday made public a CIA implant that is used to turn a Windows file server into a malware distribution point on the local network.

The documents describing the tool, Pandemic, explain how remote machines on the local network trying to download and/or execute documents from the file server over SMB are infected with replacement documents on the fly. The implant swaps out the document with a Trojanized version while it's in transit, never touching the original document on the file server.

The documentation that was leaked yesterday spans from January 2014 to April 2014 and is for versions 1.0 and 1.1.

The leaks are just the latest CIA tools to be dumped on the internet by the polarizing whistleblower outfit, which has for every Friday since March (save last week) put CIA documents and attacks online for public consumption.

In between are the ShadowBrokers, pouring more gasoline on this information-based firestorm, promising monthly leaks of not only NSA-built exploits targeting browsers, handsets and Windows 10 computers, but also stolen data allegedly from China, Iran, Russia and North Korea's nuclear and missile programs.

The ShadowBrokers have already leaked their share of Windows-based exploits and vulnerabilities, the most worrisome being an April disclosure of SMB flaws and attacks that had been patched by Microsoft in March after it was allegedly tipped off by the NSA. One of those SMB exploits, EternalBlue, was of course used to launch and spread the WannaCry ransomware attacks three weeks ago today.

The ShadowBrokers also had their turn in the spotlight this week announcing a pricing structure and delivery schedule for its so-called Monthly Dump Service.

The Pandemic leak does not explain what the CIA's initial infection vector is, but does describe it as a persistent implant.

"As the name suggests, a single computer on a local network with shared drives that is infected with the Pandemic implant will act like a Patient Zero in the spread of a disease," WikiLeaks said in its summary description. "Pandemic targets remote users by replacing application code on-the-fly with a Trojaned version if the program is retrieved from the infected machine."

The key to evading detection is its ability to modify or replace requested files in transit, hiding its activity by never touching the original file. The new attack then executes only on the machine requesting the file.

Version 1.1 of Pandemic, according to the CIA's documentation, can target and replace up to 20 different files with a maximum size of 800MB for a single replacement file.

"It will infect remote computers if the user executes programs stored on the pandemic file server," WikiLeaks said. "Although not explicitly stated in the documents, it seems technically feasible that remote computers that provide file shares themselves become new pandemic file servers on the local network to reach new targets."

The CIA describes Pandemic as a tool that runs as kernel shellcode that installs a file system filter driver. The driver is used to replace a file with a payload when a user on the local network accesses the file over SMB.

"The goal of Pandemic is to be installed on a machine where the remote users use SMB to download/execute PE (portable executable) files," the documentation says. "Users that are targeted by Pandemic, and use SMB to download the targeted file, will receive the replacement file."
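A defender's check that follows from the behaviour described above, as an added example that is not from Threatpost, WikiLeaks or the leaked documentation: because the file on disk stays unchanged and only the copy delivered over SMB differs, hashing executables from a trusted read of the server's disk and again as a client receives them over the share exposes a swap. The extension list, the function names and the temporary directories standing in for the two views are assumptions; since replacement is limited to a selected list of remote users, the client-side manifest has to be built on the client in question.

```python
import hashlib
import os
import tempfile

# Assumption: file types treated as PE content worth checking.
PE_EXTENSIONS = (".exe", ".dll", ".sys")


def hash_and_size(path, chunk=1 << 20):
    """Return (bytes_read, sha256_hex) computed from the data actually delivered."""
    digest, total = hashlib.sha256(), 0
    with open(path, "rb") as handle:
        for block in iter(lambda: handle.read(chunk), b""):
            digest.update(block)
            total += len(block)
    return total, digest.hexdigest()


def build_manifest(root):
    """Map share-relative path -> (size, sha256) for PE-like files under root.

    Run once against a trusted read of the server's disk (offline image or
    backup) and once on a client with root set to the mounted share.
    """
    manifest = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if not name.lower().endswith(PE_EXTENSIONS):
                continue
            full = os.path.join(dirpath, name)
            # Windows shares are case-insensitive, so normalise the key.
            rel = os.path.relpath(full, root).replace(os.sep, "/").lower()
            manifest[rel] = hash_and_size(full)
    return manifest


def compare_views(trusted, received):
    """List (path, finding) where the client's copy differs from the disk copy."""
    findings = []
    for rel in sorted(set(trusted) | set(received)):
        on_disk, over_share = trusted.get(rel), received.get(rel)
        if on_disk is None:
            findings.append((rel, "only-in-client-view"))
        elif over_share is None:
            findings.append((rel, "not-readable-from-client"))
        elif on_disk[1] != over_share[1]:
            same_size = on_disk[0] == over_share[0]
            findings.append(
                (rel, "content-differs" if same_size else "content-and-size-differ")
            )
    return findings


def demo():
    """Constructed sample data: two temp dirs stand in for the two views."""
    samples = {
        # path: (bytes on the server's disk, bytes the client received)
        "tools/setup.exe": (b"MZ-constructed-original",
                            b"MZ-constructed-replacement-longer"),
        "tools/helper.dll": (b"MZ-constructed-same", b"MZ-constructed-same"),
        "docs/readme.txt": (b"a", b"b"),  # not PE-like, so ignored
    }
    with tempfile.TemporaryDirectory() as trusted_root, \
            tempfile.TemporaryDirectory() as client_root:
        for rel, (on_disk, over_share) in samples.items():
            for root, data in ((trusted_root, on_disk), (client_root, over_share)):
                path = os.path.join(root, *rel.split("/"))
                os.makedirs(os.path.dirname(path), exist_ok=True)
                with open(path, "wb") as handle:
                    handle.write(data)
        return compare_views(build_manifest(trusted_root),
                             build_manifest(client_root))


if __name__ == "__main__":
    for rel, finding in demo():
        print(f"{finding}: {rel}")
```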


WikiLeaks says CIA’s Pandemic turns servers into infectious … – Ars Technica


WikiLeaks just published details of a purported CIA operation that turns Windows file servers into covert attack machines that surreptitiously infect computers of interest inside a targeted network.

"Pandemic," as the implant is codenamed, turns file servers into a secret carrier of whatever malware CIA operatives want to install, according to documents published Thursday by WikiLeaks. When targeted computers attempt to access a file on the compromised server, Pandemic uses a clever bait-and-switch tactic to surreptitiously deliver a malicious version of the requested file. The Trojan is then executed by the targeted computers. A user manual said Pandemic takes only 15 seconds to be installed. The documents didn't describe precisely how Pandemic would get installed on a file server.

In a note accompanying Thursday's release, WikiLeaks officials wrote:

Today, June 1st 2017, WikiLeaks publishes documents from the "Pandemic" project of the CIA, a persistent implant for Microsoft Windows machines that share files (programs) with remote users in a local network. "Pandemic" targets remote users by replacing application code on-the-fly with a Trojaned version if the program is retrieved from the infected machine. To obfuscate its activity, the original file on the file server remains unchanged; it is only modified/replaced while in transit from the pandemic file server before being executed on the computer of the remote user. The implant allows the replacement of up to 20 programs with a maximum size of 800 MB for a selected list of remote users (targets).

As the name suggests, a single computer on a local network with shared drives that is infected with the "Pandemic" implant will act like a "Patient Zero" in the spread of a disease. It will infect remote computers if the user executes programs stored on the pandemic file server. Although not explicitly stated in the documents, it seems technically feasible that remote computers that provide file shares themselves become new pandemic file servers on the local network to reach new targets.

Documentation that accompanied Thursday's release said that Pandemic is installed as a minifilter device driver. Jake Williams, a malware expert at Rendition InfoSec, told Ars that this means Pandemic would have to be signed by a valid digital certificate that was either bought or stolen by the operative, or it means the implant would have to be installed using an exploit that circumvented code-signing requirements. The driver-signing restriction and other technical details, he said, give the impression the tool isn't in widespread use.

"This code looks like it was developed with a very specific use in mind," he said. "Many larger organizations don't use Windows file servers to serve files. They use special built storage devices (network attached storage). My guess here would be that this was designed to target a relatively small organization."

Williams, who worked in the National Security Agency's elite Tailored Access Operations hacking group until 2013, said Thursday's release appeared to omit some of the documents operatives would need to use the Pandemic implant.

"If you handed me this tool, I don't have enough information to make it go," he said. "There's more documentation than this. It's anyone's guess as to why it wasn't released."

Like previous Vault 7 releases, today's leak is a critical blow to US intelligence interests. But it's nowhere near as grave as the Shadow Brokers leaks.


‘WikiLeaks’ Vault 7 cache shows US not Russia hacked past French elections’ – RT

Any establishment-anointed political candidate wants to say they are under attack by the Russians because it gives them credibility, former MI5 intelligence officer Annie Machon told RT. Political analyst Adam Garrie joins the discussion.

Guillaume Poupard, the head of the National Cybersecurity Agency of France (ANSSI), said on Thursday there's no trace of a Russian hacking group being behind the attack on Emmanuel Macron's presidential election campaign.

According to him, the hack was so generic and simple that it could have been practically anyone.

RT: Where does this statement by France's cybersecurity chief leave the claims of Macron's team on Russian hacking?

Annie Machon: It leaves rather a lot of egg on their faces. It appears that this attack was of such a low technical level it could have been done by a script kiddie from their mom's basement. So rather than this hysteria about: "The Russians must have done it, the Russians must have done it," which reminds me to a certain extent of the Monty Python script that you must always expect a Spanish Inquisition. It is beyond parody. We have a situation now where he was trying to make political hay. It seems to me that any establishment-anointed political candidate now wants to immediately say they are under attack by the Russians because it gives them credibility. It is just crazy.

Now, the one thing we do know from this is that the one country that actually has hacked the French election was the USA, and that was back in the presidential election of 2012 where they were not only intercepting the electronic communications, they were actually running human agents in the political parties. We know this because of disclosures through the Vault 7 cache that WikiLeaks put out a month or two ago. For everyone to go around blaming the Russians, when in fact the Americans have been doing this for years, is rather rich?

RT: Why were members of Macron's team so sure about Russia's involvement? Do they know something France's cybersecurity chief doesn't?

AM: Obviously not. I think they were just jumping on the bandwagon because it was the sort of cool thing to do. After the fake buildup of "the Russians hacked the American elections," which started by the way with a leak from the DNC [Democratic National Committee] that was given to WikiLeaks, and somehow it moved into "Russians hacked the American election."

Suddenly it has become established fact in the mainstream media in the West that the Russians are going to hack every Western democratic election. That is patently not the case in France, and it is also patently not the case in Germany, where there has also been a similar panic about Russia trying to hack the forthcoming chancellor's elections in the autumn this year. In fact, the BND [Federal Intelligence Service] and BfV [Federal Office for the Protection of the Constitution], the two major intelligence agencies in Germany, put out a report in February saying there was absolutely no evidence whatsoever the Russians were trying to do this. Merkel didn't like that result. She told her intelligence agencies to go away and to find more evidence and to find a case to say that they were indeed trying to interfere in the German elections. It is collective hysteria.

Adam Garrie, political analyst

RT: Why were members of the Macron team so sure about Russia's involvement in hacking the campaign? Do they know something France's cybersecurity chief doesn't?

AG: I strongly doubt that. They barely seem to know how to beat Marine Le Pen. But with a little help from their friends in the mainstream media, France and elsewhere they managed to just about accomplish that. It is simply the restating of a tired, old narrative; they have very little else to say. Macron as a man, if you can even really call him that in terms of his personality, is more of a viceroy, more of a governor general than he is a president. Putin, at the press conference he had at Versailles with Macron, questioned whether France is able to even independently conduct its foreign policy in Syria, independent of NATO and the US-led coalition. So these people that really don't have much to offer their own country, let alone their political masters, are just churning out the narrative again and again. You've seen it with Hillary Clinton in America, and her supporters, and you see something similar in France. And likewise, the allegations are based Donald Trump, probably accurately, said it could have been a 400-pound man in his bedroom somewhere. As the French authorities said today, it was probably the work of a lone hacker, and the hack itself wasn't at the level of sophistication that would have even required state operators to be behind it.

RT: Do you think all these Russian hacking allegations during the presidential race had much impact on the final choice of the new president?

AG: I agree with President Putin on this. All of these hacks and allegations of hacks have very little impact on the actual electoral results. People are going to look first and foremost in all countries at domestic issues. Unless you're in the war-zone that's what the priorities are going to be for voters. They are going to look at tax; they are going to look at healthcare. They are going to look at living standards, wages, employment, etc. these sorts of things. This idea that somehow magically Russia is pulling the political strings of various candidates in different Western countries is simply absurd. And I personally give the average voter - whether in France or America - more credit than the mainstream media is willing to give him.

The statements, views and opinions expressed in this column are solely those of the author and do not necessarily represent those of RT.


WikiLeaks Documentary Evolves With Its Subject, Year After Premiere – New York Times


Laura Poitras's film Risk is an up-close look at the WikiLeaks founder Julian Assange that has changed dramatically after disclosures in the U.S. presidential ...


Found in the wild: Vault7 hacking tools WikiLeaks says come from CIA – Ars Technica

Malware that WikiLeaks purports belongs to the Central Intelligence Agency has been definitively tied to an advanced hacking operation that has been penetrating governments and private industries around the world for years, researchers from security firm Symantec say.

Malware used by Longhorn bears an uncanny resemblance to tools and methods described in the Vault7 documents. Near-identical matches are found in cryptographic protocols, source-code compiler changes, and techniques for concealing malicious traffic flowing out of infected networks. Symantec, which has been tracking Longhorn since 2014, didn't positively link the group to the CIA, but it has concluded that the malware Longhorn used over a span of years is included in the Vault7 cache of secret hacking manuals that WikiLeaks says belonged to the CIA. Virtually no one is disputing WikiLeaks' contention that the documents belong to the US agency.

"Longhorn has used advanced malware tools and zero-day vulnerabilities to infiltrate a string of targets worldwide," Symantec researchers wrote in a blog post published Monday. "Taken in combination, the tools, techniques, and procedures employed by Longhorn are distinctive and unique to this group, leaving little doubt about its link to Vault7."

Exhibit A in Symantec's case are Vault7 documents describing malware called Fluxwire. The changelog tracking differences from one version to the next match within one to a few days the changes Symantec found in a Longhorn trojan known as Corentry. Early versions of Corentry also show that its developers used the same program database file location specified in the Fluxwire documentation. A change in Fluxwire version 3.5.0 that removes the database file path also matches changes Symantec tracked in Corentry. Up until 2014, Corentry source code was compiled using the GNU Compiler Collection. Then on February 25, 2015, it started using the Microsoft Visual C++ compiler. The progression matches changes described in Vault7 documentation.

Yet more similarities are found in a Vault7 malware module loader called Archangel and a specification for installing those modules known as Fire and Forget. The specification and modules described match almost perfectly with a Longhorn backdoor that Symantec calls Plexor.

Another Vault7 document prescribes the use of inner cryptography within communications already encrypted using the secure sockets layer protocol, performing key exchanges once per connection, and the use of the Advanced Encryption Standard with a 32-bit key. Still other Vault7 documents outline the use of the real-time transport protocol to conceal data sent to command-and-control servers and a variety of similar "tradecraft practices" to keep infections covert. While malware from other groups uses similar techniques, few use exactly the same ones described in the Vault7 documents.

According to Symantec:

While active since at least 2011, with some evidence of activity dating back as far as 2007, Longhorn first came to Symantec's attention in 2014 with the use of a zero-day exploit (CVE-2014-4148) embedded in a Word document to infect a target with Plexor.

The malware had all the hallmarks of a sophisticated cyberespionage group. Aside from access to zero-day exploits, the group had preconfigured Plexor with a proxy address specific to the organization, indicating they had prior knowledge of the target environment.

To date, Symantec has found evidence of Longhorn activities against 40 targets spread across 16 different countries. Symantec has seen Longhorn use four different malware tools against its targets: Corentry, Plexor, Backdoor.Trojan.LH1, and Backdoor.Trojan.LH2.

Before deploying malware to a target, Longhorn will preconfigure it with what appears to be target-specific code words and distinct C&C domains and IP addresses to communicate with. Longhorn uses capitalized code words, internally referenced as groupid and siteid, which may be used to identify campaigns and victims. Over 40 of these identifiers have been observed, and typically follow the theme of movies, characters, food, or music. One example was a nod to the band The Police, with the code words REDLIGHT and ROXANNE used.

Longhorn's malware has an extensive list of commands for remote control of the infected computer. Most of the malware can also be customized with additional plugins and modules, some of which have been observed by Symantec.

Longhorn's malware appears to be specifically built for espionage-type operations, with detailed system fingerprinting, discovery, and exfiltration capabilities. The malware uses a high degree of operational security, communicating externally at only select times, with upload limits on exfiltrated data, and randomization of communication intervals, all attempts to stay under the radar during intrusions.

For C&C servers, Longhorn typically configures a specific domain and IP address combination per target. The domains appear to be registered by the attackers; however they use privacy services to hide their real identity. The IP addresses are typically owned by legitimate companies offering virtual private server (VPS) or webhosting services. The malware communicates with C&C servers over HTTPS using a custom underlying cryptographic protocol to protect communications from identification.

Prior to WikiLeaks publishing its Vault7 materials, Symantec had regarded Longhorn as a well-resourced organization that engaged in intelligence-gathering operations. Researchers based that assessment on Longhorn's global range of targets and its ability to use well-developed malware and zero-day exploits. Symantec also noted that the group appeared to work a standard Monday-through-Friday work week, based on timestamps and domain name registration dates, behavior which is consistent with state-sponsored groups. Symantec also uncovered indicators, among them the code word "scoobysnack" and software compilation times, that showed Longhorn members spoke English and likely lived in North America.

Since WikiLeaks published its first Vault7 installment in early March, there has been no outside source to either confirm or refute the authenticity of the documents. The Symantec research establishes without a doubt that the malware described in the trove is real and has been used in the wild for at least six years. It also makes a compelling case that the group that's responsible is the CIA.


U.S. NSA hacked Pakistani mobile system: WikiLeaks – DunyaNews Pakistan

Last Updated On 10 April, 2017 10:39 am

WikiLeaks released hundreds of NSA cyber weapons variants.

(Daily Dunya) - WikiLeaks has unearthed documents stating that the US's National Security Agency (NSA) has allegedly spied on Pakistani civilian and military leadership in the past.

NSA is responsible for global monitoring, collection, and processing of information and data for foreign intelligence and counterintelligence purposes in the USA.

Edward Snowden, a former NSA employee, has also suggested in the past that NSA used wiretapping and cyber weapons to spy on many international leaders.

On Saturday, WikiLeaks revealed hundreds of cyber weapons variants which include code pointing towards NSA hacking Pakistan mobile system.

The link shared in the tweet by WikiLeaks' official account points to a GitHub repository containing the decrypted files pertaining to NSA cyber weapons. A complete analysis of these files by a cyber security expert is needed to further highlight the severity of the situation.

Initial impressions, however, seem to indicate that these leaks will certainly provide more substance to previous allegations against NSA.
