"The tools and exploits released today have been specifically created to target earlier versions of Windows operating system", said security specialist Pierluigi Paganini on the Security Affairs website.
Earlier today, Microsoft concluded an investigation which it started yesterday after a mysterious group of hackers known as The Shadow Brokers dumped a trove of Windows exploits online, as part of a plan started past year and aimed at ousting the Equation Group cyber-espionage group as the NSA, and so, exposing the US' foreign hacking operations.
The SWIFT messaging system, which is headquartered in Belgium, is used by banks to transfer trillions of dollars each day.
Previous releases by the Shadow Brokers have contained tools and exploits that analysts have stated were years old and for which many companies had issued patches and updates.
The documents posted by the Shadow Brokers include Excel files listing computers on a service bureau network, user names, passwords and other data, Suiche said.
Researchers are now poring over the cache of files.
Cris Thomas, a security researcher with Tenable, said analysis of the leaked files suggested the United States government had the capability "to monitor, if not disrupt, financial transactions to terrorists groups".
Supreme Court Bars N Srinivasan From Representing BCCI In ICC Meet
The Deccan Chronicle's website reports that the Supreme Court said that there is a "cloud on Srinivasan's integrity". Supreme Court directed BCCI acting secretary Amitabh Choudhary & CEO Rahul Johri to attend the ICC meeting.
The document purports to show the infrastructure behind the system, along with another document, which shows that the NSA has deep access to some networks by exploiting VPN and firewall systems.
The tools appear legitimate, he said, and at least one of the zero-day exploits in the release still works against Windows Server 2013. Kevin Beaumont, who has been working tirelessly to fill in the blanks, says he thinks numerous vulnerabilities, including those that affect Windows XP, 2003, Vista, 7, and 8, are zero-day.
An SMBv3 remote code execution flaw in Windows 8 and Server 2012, which Microsoft says it patched via the same MS17-010.
Dubai-based financial services bureau EastNets has denied claims that its network had been hacked by the US National Security Agency, enabling the agency to monitor transactions made by some Middle Eastern institutions and companies. One researcher, speaking to Vice, said the exploits would have been worth more than $2m if sold privately.
But Beaumont said that some of the tools he examined "may be" previously undisclosed, but they have yet "to be confirmed".
Microsoft said in a statement to the BBC that it was "reviewing the report and will take the necessary actions to protect our customers".
Contacted via email, Matthew Hickey expressed a similar outlook, saying that "most home users will not be directly impacted by these vulnerabilities as an attacker needs to connect to services on their computer".
Comments