Monday, May 15, 2017

WikiLeaks Reveals 'AfterMidnight' & 'Assassin' CIA Windows Malware Frameworks

I have to agree in point with Microsoft being upset with the CIA Zero Day vulnerabilities, but you also have to look at Microsoft, who read the dumped data as well as the hackers and had not fixed the vulnerability. That is sort of the catch-22 of Zero Day vulnerabilities: it is a vulnerability, but it also could be known by other countries, even other private sector hackers. All Zero Day means is that one group thinks they know a vulnerability that others do not know. It may be true, or it could be that a lot of people know the vulnerability and are holding it close to the vest to exploit as needed. Once it is used, vendors usually patch the vulnerability. Microsoft has known of some vulnerabilities that they have not patched for various reasons, like it is expensive and, if no one knows about it, how dangerous can it be. So yes, WikiLeaks is still revealing vulnerabilities, but it is not something the CIA did, it is just a vulnerability they know about.

Now these malwares are a bit different: some of these have been developed by the Agency, and they use various Zero Day vulnerabilities to insert them into other folks' systems. The Stuxnet malware, for lack of a better term, used, some say, 3 different Zero Day vulnerabilities, but those vulnerabilities are well known. In fact, Stuxnet has been altered and used by China, Russia, even Iran, and some hackers still use them, but for the most part the vulnerability is known and patched by a lot of users.
from CTI Consulting

