APT, Breach, Cyberespionage, Data security, Network security

Goddess of cyberwar: Athena CIA tool subject of latest WikiLeaks Vault 7 dump

Bradley BarthMay 22, 2017

In its latest batch of leaked Vault 7 CIA documents, WikiLeaks on Friday published materials related to a malware implant called Athena, which enables remote beacon and loader capabilities on targeted computers running on Microsoft Windows versions XP through 10.

The documentation, dated between late 2015 and early 2016, notes that the CIA developed the malware in conjunction with Siege Technologies, a U.S.-based provider of offense-driven defensive cyber security solutions.

"Once installed, the malware provides a beaconing capability (including configuration and task handling), the memory loading/unloading of malicious payloads for specific tasks and the delivery and retrieval of files to/from a specified directory on the target system," WikiLeaks reported on its web site.

The previous week, WikiLeaks released details on AfterMidnight and Assassin, two CIA malware frameworks designed to work on Windows.

Bradley Barth

As director of community content at CyberRisk Alliance, Bradley Barth develops content for SC Media online conferences and events, as well as video/multimedia projects. For nearly six years, he wrote and reported for SC Media as deputy editor and, before that, senior reporter. He was previously a program executive with the tech-focused PR firm Voxus. Past journalistic experience includes stints as business editor at Executive Technology, a staff writer at New York Sportscene and a freelance journalist covering travel and entertainment. In his spare time, Bradley also writes screenplays.

The Cyclops Blink botnet was discovered targeting Asus routers, according to Trend Micro researchers. (“DSC01724” by intdev is marked with CC BY-ND 2.0.)

Device Security

Russian-linked botnet targeting Asus routers, other devices

Stephen WeigandMarch 22, 2022

Trend Micro researchers reported discovering a botnet linked to a Russian state-sponsored advanced persistent threat (APT) group has spread to Asus routers, in addition to WatchGuard devices.

A division in the VA’s Office of Information Technology (OIT) used SaaS applications and application programming interfaces (APIs) that did not meet federal security requirements. (“Department of Veterans Affairs” by Christopher Neugebauer is licensed under CC BY-SA 2.0)

Asset management

Proposal requires Veterans Affairs to hire outside contractor to assess cybersecurity needs

Derek B. JohnsonMarch 21, 2022

The Strengthening VA Cybersecurity Act would give the secretary of Veterans Affairs two months to contract with a federally funded research and development center for an independent cyber audit.

A satellite ground station that functions as a hub connecting a satellite network with a terrestrial telecommunications network. the FBI and Cybersecurity and Infrastructure Security Agency have issued a new joint advisory warning American and allied satellite owners and operators that they “are aware of possible threats to U.S. and international s...

Threat modeling

Agencies ‘aware’ of hacking threats to US, allied satellite networks

Derek B. JohnsonMarch 18, 2022

The advisory never mentions Russia – or any other country or hacking group – by name, but the language is notable because previous cybersecurity advisories put out in the wake of the Russian military build up and invasion have been careful to emphasize that there were no “specific or credible threats” driving their warnings.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

Goddess of cyberwar: Athena CIA tool subject of latest WikiLeaks Vault 7 dump

Related

Russian-linked botnet targeting Asus routers, other devices

Proposal requires Veterans Affairs to hire outside contractor to assess cybersecurity needs

Agencies ‘aware’ of hacking threats to US, allied satellite networks

Get daily email updates