In 2016, a group called the Shadow Brokers appeared out of nowhere and dropped a digital bomb on the security world. They leaked a collection of cyber tools believed to come from the NSA’s elite hacking unit known as the Equation Group. Inside were exploits that could silently take over systems across the internet. Among them was EternalBlue, which later powered massive attacks like WannaCry and NotPetya, taking down hospitals, shipping lines, and entire networks within hours.

The leaks exposed the hidden world of state-level hacking. What had once been locked inside secret agencies was suddenly free, usable by anyone who could understand it. No one ever proved who the Shadow Brokers really were, but their message was clear. Even the most powerful systems can be breached, and once the code escapes, no one controls it.

#ShadowBrokers #CyberSecurity #HackingHistory #Infosec #CyberWarfare

The return of Flame

Flame, in May 2012, was a malicious program whose purpose was to intercept e-mails, collect files and record conversations remotely. It is presumed to have been created by the United States and Israel with one specific objective: to delay uranium enrichment in Iran.
That country appears to rule the Middle East with an iron fist. This cyberespionage affair dates back to May 2012. "This is about preparing the battlefield for another type of covert action," a former senior US intelligence official told The Washington Post.

The past serves as a reference for drawing the future of a life lived in the present, since the geopolitics of today's world is shaped by its cyberattacks. Roel Schouwenberg, senior researcher at Kaspersky Lab, summed up the situation (in 2012) this way: "Flame was probably used for espionage and Stuxnet for sabotage."

(Credits: Markus Spiske/Pexels)

https://librexpression.fr/flame-le-virus-fantome

https://www.washingtonpost.com/world/national-security/us-israel-developed-computer-virus-to-slow-iranian-nuclear-efforts-officials-say/2012/06/19/gJQA6xBPoV_story.html

#cyberattack #databreaches #equationgroupe #Europe #flame #France #Gaza #informatique #Iran #ISNU #Israel #Librexpression #Pegasus #ransomware #Russie #shadowbrokers #USA #threats

🇨🇳 #cybersecurity firms are still using information leaked by the #ShadowBrokers (🇷🇺 GRU) to identify alleged #EquationGroup (🇺🇸 NSA) hacking ops inside 🇨🇳.

So #inversecos looked at several cybersecurity reports on 🇺🇸 APTs.

Full Report 👇
https://www.inversecos.com/2025/02/an-inside-look-at-nsa-equation-group.html

An inside look at NSA (Equation Group) TTPs from China’s lense

Interesting deep dive into FVEY malware by Kaspersky: is it ONLY a crypto miner infection?

https://securelist.com/stripedfly-perennially-flying-under-the-radar/110903/

#fvey #shadowbrokers #analysis

StripedFly: Perennially flying under the radar

Nobody would even suspect the mining malware was merely a mask, masquerading behind an intricate modular framework that supports both Linux and Windows. The amount of effort that went into creating the framework is truly remarkable, and its disclosure was quite astonishing.

Kaspersky

Whether a result of clumsiness of a bored operator or deliberate subterfuge, there are clues that the supposed NSA front Equation Group operated out of Russia. The question remains: What were they doing that for?

Reprising my 2016 article "The Possibly Russian Fingerprints on the Shadow Brokers' Trick or Treat Package", https://bsdly.blogspot.com/2016/11/the-possibly-russian-fingerprints-on.html or trackerless https://nxdomain.no/~peter/possible_russian_fingerprints_on_the_shadow_brokers_trick_or_treat_package.html #cybercrime #hacking #Russian_cybercrime #EquationGroup #ShadowBrokers #NSA #RFC1918


Chinese Cybersecurity Company Doxes Apparent NSA Hacking Operation

A Chinese security firm released a detailed report about what it says is malware created by Equation Group, a hacking group widely believed to be the NSA.

Earlier this year, #CheckPoint Research published the story of “Jian” — an #exploit used by #Chinese threat actor #APT31 which was “heavily inspired by” an almost-identical exploit used by the #EquationGroup, made publicly known by the #ShadowBrokers leak.
https://research.checkpoint.com/2021/a-deep-dive-into-doublefeature-equation-groups-post-exploitation-dashboard/
A Deep Dive into DoubleFeature, Equation Group's Post-Exploitation Dashboard - Check Point Research

Check Point Research
EpMe and Jian: behind the patch dating back to 2017, exploits "potentially" linked to Equation Group! (back to the 0-day…) | SOSOrdi.net - Free IT news

SOSOrdi.net - Free IT news
Solarwinds: Intruders hawk Windows source code and FireEye attack tools

For a total of 1 million US dollars, SolarLeaks is offering access to troves of stolen data. Their authenticity, however, has so far not been proven.

China’s APT3 Pilfers Cyberweapons from the NSA - Large portions of APT3's remote code-execution package were likely reverse-engineered from prior a... more: https://threatpost.com/chinas-apt3-pilfers-cyberweapons-nsa/148086/ #networkattackartifacts #vulnerabilities #reverseengineer #eternalromance #cyberarmsrace #equationgroup #shadowbrokers #government #zero-day #apt3 #nsa

Large portions of APT3's remote code-execution package were likely reverse-engineered from prior attack artifacts.

Threatpost - English - Global - threatpost.com