News

News

• April 28, 2017 28 Apr'17

  Verizon DBIR 2017: Basic cybersecurity focus misplaced

  Basic cybersecurity measures like limiting password reuse and implementing multifactor authentication could be big benefits, according to the Verizon DBIR 2017.

• April 28, 2017 28 Apr'17

  Pretexting is a rising threat, according to 2017 Verizon DBIR

  The 2017 Verizon DBIR details threats becoming more popular, like ransomware, and some that are less known, but dangerous, like pretexting.

• April 28, 2017 28 Apr'17

  Still waiting for a cybersecurity executive order from Trump

  News roundup: A cybersecurity executive order overdue, but 'close and nearby.' Plus, the USPTO says it will stop using HTTPS; a teenage hacker sentenced to prison; and more.

• April 28, 2017 28 Apr'17

  Risk & Repeat: More Equation Group cyberweapons leaked

  In this episode of SearchSecurity's Risk & Repeat podcast, editors discuss the latest round of Equation Group cyberweapons and how Microsoft patched them.

• April 27, 2017 27 Apr'17

  AWS promises to be GDPR compliant by May 2018 deadline

  Amazon promises all AWS cloud services will be GDPR compliant before enforcement of the new EU data privacy regulation starts in 2018, offers customers assistance.

• Sponsored News

  • Keep out vulnerable third-party scripts that help steal data from your website

    Sponsored by Akamai - Visiting a website today, users gain access to a rich, interactive experience that is often customized to their preferences and enhanced for their convenience. See More

  • DDoS attacks are growing in frequency and scale during the pandemic. What can businesses do?

    Sponsored by Akamai - At a time when many businesses have their resources stretched to the limit, the scourge of distributed denial-of-service (DDoS) attacks has continued unabated and added to the difficulties faced by many during this ongoing pandemic. See More

  • Product Video: Page Integrity Manager

    Sponsored by Akamai - With modern web pages relying heavily on scripts to run services and access data, attackers are exploiting those scripts as a new attack vector to steal sensitive customer information. See More

  • Product Video: Web Application Protector

    Sponsored by Akamai - With limited security expertise, protecting your web applications is a daunting task. Web Application Protector provides automated web application firewall (WAF) and distributed denial-of-service (DDoS) protection that’s designed to offload the complexity associated with a traditional WAF. See More

  View All Sponsored News
• April 25, 2017 25 Apr'17

  Symantec certificate authority issues, answered

  Google and Mozilla weigh the proper response to Symantec certificate authority issues, as the CA giant prepares an alternative proposal for reinstating trust.

• April 25, 2017 25 Apr'17

  NSA spyware found infecting tens of thousands worldwide

  A new security tool will let users scan their systems for the presence of NSA spyware found in the latest Equation Group leak, and tens of thousands are already infected.

• April 21, 2017 21 Apr'17

  Stuxnet worm flaw still the most exploited after seven years

  Security researchers say the vulnerability behind the infamous Stuxnet worm is still the most exploited in the world, seven years after being patched.

• April 21, 2017 21 Apr'17

  Hajime worm fights the forces of evil IoT malware, maybe

  News roundup: The Hajime worm is the nicer, sneakier brother of Mirai malware. Plus, the FBI and CIA hunt for the Vault 7 whistleblower, Symantec adds to Zscaler lawsuit, and more.

• April 21, 2017 21 Apr'17

  Q&A: Software-Defined Secure Networks with Juniper's Kevin Walker

  Juniper's Kevin Walker talks with SearchSecurity about his company's Software-Defined Secure Network platform, improving SDN security, and the evolution of machine learning.

• April 20, 2017 20 Apr'17

  Oracle patches Apache Struts exploits, Equation Group vulnerability

  There were 299 Oracle patches in the April Critical Patch Update, including a fix for the Apache Struts exploits found in the wild and a vulnerability from the Equation Group dump.

• April 19, 2017 19 Apr'17

  Cheap ransomware as a service arrives for malicious actors

  A new type of ransomware as a service has appeared on the dark web, with unique features and an inexpensive price to attract malicious actors.

• April 19, 2017 19 Apr'17

  Risk & Repeat: Mozilla joins the Symantec certificate authority debate

  In this episode of SearchSecurity's Risk & Repeat podcast, editors discuss mounting pressure on the Symantec certificate authority business to provide answers about its practices.

• April 18, 2017 18 Apr'17

  Shadow Brokers' Windows exploits target unsupported systems

  A new release of NSA cyberweapons falls flat, as Windows exploits from the Shadow Brokers have mostly been patched. But unsupported systems are still at risk.

• April 14, 2017 14 Apr'17

  Shadow Brokers release SWIFT banking and Windows exploits

  The Shadow Brokers released another cache of cyberweapons linked to the Equation Group, including Windows exploits and attack details for the SWIFT banking system.

• April 14, 2017 14 Apr'17

  DARPA's SSITH program takes aim at hardware vulnerabilities

  News roundup: DARPA's SSITH program tackles hardware vulnerabilities for better security. Plus, new risks placed in OWASP Top 10, SWIFT launches new anti-fraud tool, and more.

• April 14, 2017 14 Apr'17

  CLDAP reflection attacks may be the next big DDoS technique

  Security researchers discovered a new reflection attack method using CLDAP that can be used to generate destructive but efficient DDoS campaigns.

• April 13, 2017 13 Apr'17

  Risk & Repeat: Juniper's Kevin Walker on SDN security challenges

  In this episode of SearchSecurity's Risk & Repeat podcast, Kevin Walker, Juniper Networks' security chief technology and strategy officer, talks about SDN security challenges.

• April 13, 2017 13 Apr'17

  U.S. election hacking not an act of cyberwarfare, experts say

  The government needs a better definition for an act of cyberwarfare, says ex-CIA Director Michael Hayden, because he doesn't think the U.S. election hacking applies.

• April 12, 2017 12 Apr'17

  Symantec CA woes debated by browser community

  Compliance with CA/B Forum Baseline Requirements was debated after Symantec CA posted responses to 14 issues raised by Mozilla developers.

• April 12, 2017 12 Apr'17

  Security Update Guide brings growing pains to Patch Tuesday

  Microsoft fundamentally changes how IT pros will consume Patch Tuesday releases with the Security Update Guide and brings fixes for an actively exploited Word zero-day.

• April 11, 2017 11 Apr'17

  CIA Vault 7 tools attributed to hacking group for years

  Security researchers said the CIA Vault 7 tools and techniques are linked to cyberattacks over the past six years targeting various foreign entities.

• April 07, 2017 07 Apr'17

  State Department hack and APT29 prove attacker resilience

  News Roundup: 'Hand-to-hand' combat in State Department hack, APT29 has a stealth backdoor, the creator of the internet backs strong encryption, and more.

• April 07, 2017 07 Apr'17

  CA Strong Authentication offers businesses low-cost MFA and 2FA

  CA Strong Authentication brings inexpensive multi- and two-factor authentication to businesses looking to protect mobile applications and devices and to prevent identity theft.

• April 07, 2017 07 Apr'17

  Windows 10 telemetry data collection details revealed

  Microsoft exposes Windows 10 telemetry practices just a week before Creators Update; may allay privacy concerns over Windows 10 data collection.

• April 06, 2017 06 Apr'17

  Public/private threat intelligence sharing faces roadblocks

  The U.S. government says it wants to improve threat intelligence sharing between the public and private sectors, but experts are unsure that is possible in the current climate.

• April 06, 2017 06 Apr'17

  Chinese hacking group APT10 linked to global trade target

  Evidence points to Chinese hacking group APT10 conducting economic espionage in the breach of a trade policy group prior to U.S.-China trade summit talks in Florida.

• April 05, 2017 05 Apr'17

  Risk & Repeat: Strong encryption under fire again

  In this episode of SearchSecurity's Risk & Repeat podcast, editors discuss the latest round of the encryption debate and what it means for apps that use strong encryption.

• April 05, 2017 05 Apr'17

  Pegasus malware expands from iOS to Android

  One of the more malicious iOS threats -- Pegasus malware -- has made its way to Android devices and it has some dangerous new tricks in its arsenal.

• April 05, 2017 05 Apr'17

  Internet security protocol bodies ISOC, OTA announce merger

  The two leading internet security protocol bodies, Online Trust Alliance and Internet Society, merge to work for improved IoT security and online security.

• April 04, 2017 04 Apr'17

  Symantec certificate authority issues listed by Mozilla developers

  Mozilla developers respond to questionable Symantec certificate authority practices, as the security provider questions Google's proposed solutions.

• March 31, 2017 31 Mar'17

  Risk & Repeat: Google slams Symantec certificates

  In this episode of SearchSecurity's Risk & Repeat podcast, editors discuss Google's proposed plan to distrust Symantec certificates following more allegations of mis-issuance.

• March 31, 2017 31 Mar'17

  EU encryption backdoor options for messaging apps set for June

  Messaging app developers will be offered 'three or four' legislative and non-legislative options for encryption backdoor access for EU law enforcement.

• March 31, 2017 31 Mar'17

  WikiLeaks' false flag attack allegations against CIA unfounded

  Another set of documents from the Vault 7 CIA cache was released by WikiLeaks, but experts say the allegations of false flag attacks are unfounded and dangerous.

• March 31, 2017 31 Mar'17

  Obama-era cyber executive order extended by Trump

  A cyber executive order from the Obama era has been extended by President Trump to allow sanctions placed on cybercriminals who attack the U.S.

• March 31, 2017 31 Mar'17

  HTTPS traffic has yet to surpass HTTP traffic, Fortinet study shows

  News roundup: HTTPS traffic has yet to surge, despite its security benefits, according to a report. Plus, the latest in the Apple extortion; a Mirai attack lasted 54 hours; and more.

• March 30, 2017 30 Mar'17

  Experts debunk strong encryption claims by FBI's Comey

  FBI Director James Comey clearly laid out his views on strong encryption and urged more conversation, but experts say his arguments fall flat and may even be misleading.

• March 30, 2017 30 Mar'17

  Google's Project Zero Prize uncovers zero Android remote exploits

  After six months, Google's Project Zero Prize competition uncovered zero Android remote exploits: no bugs, no prizes, no entries.

• March 29, 2017 29 Mar'17

  Potential SSL API flaw could reveal private keys

  A researcher claims to have found Symantec SSL API issues with extremely dangerous consequences, but a lack of evidence causes confusion.

• March 24, 2017 24 Mar'17

  Encryption debate needs to be nuanced, FBI's Comey says

  FBI Director James Comey brought the encryption debate back to the forefront by asking for a 'nuanced and thoughtful' conversation on the topic before there is a serious attack.

• March 24, 2017 24 Mar'17

  Google considers options on Symantec certificate authority 'failures'

  Symantec certificate authority cries foul, as Google considers severe options following the company allegedly misissuing as many as 30,000 digital certificates.

• March 24, 2017 24 Mar'17

  Comodo to open its Certificate Transparency logs to all CAs

  Certificate authority Comodo has submitted two new Certificate Transparency logs for approval by Google, which aim to accept any publicly trusted certificates from any CA.

• March 24, 2017 24 Mar'17

  Cisco issues fix for Vault 7 vulnerability without help from WikiLeaks

  News roundup: Cisco fixes a Vault 7 flaw unaided, despite WikiLeaks' pledge to work with vendors. Plus, LastPass flaws leak user data; Apple held hostage by hackers; and more.

• March 23, 2017 23 Mar'17

  DV certificates abused, but policing may not be possible

  Research shows DV certificates can be a prime target for phishing and malware operators, but experts are unsure how certificate authorities should deal with the issue.

• March 22, 2017 22 Mar'17

  Risk & Repeat: Accused Yahoo hackers indicted

  In this episode of SearchSecurity's Risk & Repeat podcast, editors discuss the indictments of the alleged Yahoo hackers and how the attackers minted Yahoo authentication cookies.

• March 22, 2017 22 Mar'17

  HTTPS interception, middlebox models under fire

  HTTPS interception in security products and services may be reducing security rather than improving it, according to US-CERT, which puts middleboxes in a precarious position.

• March 21, 2017 21 Mar'17

  WikiLeaks' disclosure of CIA hacks comes with requirements

  WikiLeaks reportedly made demands of vendors at risk from the Vault 7 CIA hacks, but without knowing what the requirements are, experts are unsure how to react.

• March 21, 2017 21 Mar'17

  FBI investigating Trump campaign ties to Russia, DNC breach

  FBI Director James Comey confirmed the bureau is investigating the Trump campaign's ties to the Russian government and election cyberattacks such as the DNC breach.

• March 17, 2017 17 Mar'17

  Yahoo fallout: Minted authentication cookies raise concerns

  Although minting authentication cookies is not widely understood, the Yahoo hacker indictments has brought it to the forefront and shown it can be very dangerous.

• March 17, 2017 17 Mar'17

  Will the Yahoo breach indictments be an effective hacker deterrent?

  The Department of Justice indicted suspects in the 2014 Yahoo breach, but experts are unsure if this will prove to be an effective hacker deterrent moving forward.

• March 17, 2017 17 Mar'17

  Patched Apache Struts vulnerability exploited in the wild

  News roundup: An Apache Struts vulnerability is still being exploited, despite being patched. Plus, WhatsApp and Telegram release patches; Assange contacts Microsoft; and more.

• March 15, 2017 15 Mar'17

  DOJ indicts suspected Yahoo hackers from Russia; extradition unclear

  The U.S. Department of Justice indicted four men -- including two Russian Federal Security Service officers -- accused of being the Yahoo hackers, but only one person was arrested.

• March 15, 2017 15 Mar'17

  Risk & Repeat: Leak of CIA hacking tools creates confusion

  In this episode of SearchSecurity's Risk & Repeat podcast, editors discuss the confusion around WikiLeaks' release of government documents regarding CIA hacking tools.

• March 14, 2017 14 Mar'17

  Nine critical Windows security bulletins in Patch Tuesday

  After its cancelled February Patch Tuesday, Microsoft's March 2017 Patch Tuesday includes nine critical Windows security bulletins targeting remote code execution flaws.

• March 14, 2017 14 Mar'17

  Is the antivirus industry dead? Experts weigh in

  RSAC 2017: With malware-detecting software increasingly coming under fire for vulnerabilities, find out what the experts had to say about the future of the antivirus industry.

• March 14, 2017 14 Mar'17

  Deprecated SHA-1 certificates trip up SAP Ariba

  SHA-1 certificates are still in play, despite browser deprecation, as SAP Ariba advises legacy users to use unpatched browsers to avoid error messages, blocked access.

• March 14, 2017 14 Mar'17

  Android ransomware and more pre-installed on devices

  Security researchers found Android ransomware and malware pre-installed on popular devices, putting users at risk for information theft, tracking and more.

• March 10, 2017 10 Mar'17

  Report on zero-day vulnerabilities highlights shelf life, overlap

  News roundup: Report on zero-day vulnerabilities questions government stockpiling. Plus, Comey talks encryption and privacy, FCC blocks consumer protection rule, and more.

• March 10, 2017 10 Mar'17

  WikiLeaks vows to disclose CIA hacking tools; CIA to investigate

  WikiLeaks founder Julian Assange promised to work with vendors to help patch products vulnerable to CIA hacking tools, while the FBI and CIA will investigate the leak.

• March 09, 2017 09 Mar'17

  Operation Rosehub patches Java vulnerabilities in open source projects

  Google employees recently completed Operation Rosehub, a grass roots effort that patches a set of serious Java vulnerabilities in thousands of open source projects.

• March 08, 2017 08 Mar'17

  Responsible vulnerability disclosure lacking by CIA and WikiLeaks

  Experts criticize both WikiLeaks and the CIA for failing responsible vulnerability disclosure around the Vault 7 documents, and question the CIA's use of the VEP.

• March 08, 2017 08 Mar'17

  Vault 7 CIA hacking weapons include iOS, Android and Windows zero days

  WikiLeaks released a massive dump of files it claims to be CIA hacking tools, codenamed Vault 7, which includes iOS and Android zero-day exploits.

• March 06, 2017 06 Mar'17

  FBI chooses to protect Tor vulnerability and dismiss child porn case

  The Department of Justice dropped a child pornography case in order to avoid disclosing a Tor vulnerability; dozens more cases potentially affected.

• March 06, 2017 06 Mar'17

  New cybersecurity report gets the hacker perspective

  A new cybersecurity report used a hacker survey to offer a perspective on IT that can often be overlooked and found there may not be any easy answers.

• March 03, 2017 03 Mar'17

  Slack hack threatened to expose user account data and messages

  News roundup: A researcher discovers a Slack hack through stolen tokens. Plus, another WordPress flaw puts 1 million users at risk; Necurs botnet does DDoS now; and more.

• March 03, 2017 03 Mar'17

  Cloudflare security team calms fears over Cloudbleed bug

  Cloudflare security researchers continue investigations as CEO calms fears over potential exposure of sensitive personal data by the Cloudbleed bug, though doubts remain.

• March 02, 2017 02 Mar'17

  Employees knew about Yahoo security breach years ago, per new SEC filing

  A new SEC filing details who knew about the major Yahoo security breach in 2014, but experts are confused by the repercussions of the announcement.

• February 28, 2017 28 Feb'17

  Edge and IE vulnerability disclosed by Project Zero

  Google Project Zero's 90-day disclosure policy bites Microsoft again, as a zero-day Edge and IE vulnerability is made public before a patch is available.

• February 27, 2017 27 Feb'17

  Chrome backs out of TLS 1.3 support after proxy issues

  After Google rolled out the latest version of Chrome, Blue Coat proxy software issues prompt rollback of TLS 1.3 support in latest version of Chrome browser.

• February 24, 2017 24 Feb'17

  Experts: Government Vulnerabilities Equities Process should be law

  Experts say codifying the Vulnerabilities Equities Process into law would increase transparency and trust regarding vulnerability disclosure by the government.

• February 24, 2017 24 Feb'17

  RSA Conference 2017: Are software regulations coming for developers?

  Security expert Bruce Schneier said programmers' freedom to code whatever they want will likely come to an end. Should the industry brace itself for software regulations?

• February 24, 2017 24 Feb'17

  Suspect in Mirai malware attack on Deutsche Telekom arrested

  News roundup: U.K. authorities arrested a suspect in the Mirai malware attack on Deutsche Telekom. Plus, a judge denies a government request to collect fingerprints, and more.

• February 24, 2017 24 Feb'17

  Project Zero discovers Cloudflare bug leaking sensitive customer data

  The Cloudflare bug in CDN is fixed after causing sensitive customer data to leak. Google Project Zero discovered the flaw, and users were warned to change passwords.

• February 23, 2017 23 Feb'17

  BeyondCorp brings software-defined network security to Google

  Google restructured its network security with the BeyondCorp program and wants to show other organizations how to move past firewalls.

• February 23, 2017 23 Feb'17

  SHA-1 deprecation more important after hash officially broken

  SHA-1 deprecation in browsers comes as researchers create hash collisions and Google offers website and developer tools to protect against malicious uses.

• February 22, 2017 22 Feb'17

  Risk & Repeat: RSA Conference 2017 highlights and trends

  In this episode of SearchSecurity's Risk & Repeat podcast, editors recap RSA Conference 2017 and discuss how the show addressed many security problems, but had very few answers.

• February 22, 2017 22 Feb'17

  Understanding of security remediation differs for CISOs, researchers

  One expert warned there can be a disconnect between what security remediation means to CISOs and what researchers announce because of divergent objectives.

• February 22, 2017 22 Feb'17

  Microsoft commits to GDPR compliance in the cloud by 2018 deadline

  Microsoft vows GDPR compliance in all cloud services when enforcement of the new EU data privacy regulation begins in May 2018, but companies still must take action to avoid fines.

• February 21, 2017 21 Feb'17

  Google discloses Windows vulnerability after canceled Patch Tuesday

  Google Project Zero discloses a Windows vulnerability that passed the 90-day deadline. And it comes soon after Microsoft canceled its Patch Tuesday release.

• February 21, 2017 21 Feb'17

  Windows 10 privacy issues persist, says EU privacy watchdog

  Windows 10 privacy issues remain as EU's top privacy watchdog group, the Article 29 Working Party, issues a second warning letter to Microsoft to simplify, clarify data collection.

• February 17, 2017 17 Feb'17

  Microsoft Patch Tuesday February release delayed by a month

  News roundup: Microsoft Patch Tuesday was canceled in February without a clear reason. Plus, APT28 is linked to new Mac malware; Lazarus targets more banks and more.

• February 17, 2017 17 Feb'17

  Q&A: Digging into darknet technology with Farsight's Andrew Lewman

  At RSAC, former Tor Project CEO Andrew Lewman explains the latest research into darknet technology and how that tech continues to evolve as an attack vector.

• February 16, 2017 16 Feb'17

  Connected medical devices spark debate at RSA Conference session

  An RSA Conference session on a new attack on connected medical devices led to a spirited debate on vulnerability disclosure and manufacturer responsibility.

• February 16, 2017 16 Feb'17

  Experts debate national cybersecurity policy suggestions at RSAC 2017

  Experts at RSAC 2017 discussed national cybersecurity policy suggestions for the new presidential administration, including what to do about encryption and the DHS mission.

• February 16, 2017 16 Feb'17

  Q&A: Yubico brings FIDO authentication protocol to the masses

  Yubico founder and CEO Stina Ehrensvard spoke with SearchSecurity at RSAC 2017 about FIDO authentication and how Google uses it to secure logins and cut costs.

• February 16, 2017 16 Feb'17

  RSA Conference speakers tackle tech immigration reform, travel ban

  Several speakers made pro-immigration remarks at RSA Conference 2017 and called for tech immigration reform following President Trump's controversial executive order.

• February 15, 2017 15 Feb'17

  Upcoming cybersecurity executive order leaves RSAC experts optimistic

  Experts at RSAC 2017 discussed the upcoming cybersecurity executive order from the new presidential administration and how the NIST Framework strengthens the plan.

• February 15, 2017 15 Feb'17

  Do IoT security risks require new legislation or will standards suffice?

  In a panel discussion about current IoT security risks, experts at RSA Conference 2017 weigh government legislation options against industry self-regulation.

• February 15, 2017 15 Feb'17

  Bruce Schneier: It's time for internet-of-things regulation

  Speaking at RSA Conference 2017, security expert Bruce Schneier called for the creation of a new government agency to oversee internet-of-things regulation.

• February 15, 2017 15 Feb'17

  Christopher Young: Don't sleep on the Mirai botnet

  RSA Conference 2017 was full of talk about future IoT attacks, but Intel Security's Christopher Young said the Mirai botnet is still an enormous threat and demonstrated why that is.

• February 15, 2017 15 Feb'17

  State-sponsored hacking needs to stop, says Congressman McCaul

  Rep. Michael McCaul took a harsh stance on Russian state-sponsored hacking at RSA Conference 2017 and pushed the U.S. government to do more to stop such attacks.

• February 14, 2017 14 Feb'17

  RSA panel covers cryptography trends, elections and more

  Panel at RSAC on cryptography trends offers views on AI's coming domination of cybersecurity, quantum computing and quantum cryptography, politics and elections and more.

• February 14, 2017 14 Feb'17

  Microsoft: Nation-state cyberattacks have changed the security game

  Microsoft's Brad Smith spoke at RSA Conference 2017 about the effects of nation-state cyberattacks and what businesses and governments can do about them.

• February 14, 2017 14 Feb'17

  Ramzan advocates collaborative security in RSAC keynote

  Zulfikar Ramzan opens RSA Conference 2017 by reminding enterprises that just as cyberattacks have long-tail repercussions, so too do collaborative security decisions made in business.

• February 14, 2017 14 Feb'17

  RSA President Rohit Ghai details new cybersecurity platform at RSAC 2017

  Michael Dell introduces RSA's newly appointed president, Rohit Ghai, who is set to lead the cybersecurity firm as it implements its new Business Driven Security platform.

• February 14, 2017 14 Feb'17

  Nation-state cyberattacks rising, warns former NSA director

  Speaking at RSA Conference 2017, former NSA Director Keith Alexander warned of increased nation-state cyberattacks and called for an overhaul of U.S. government cybersecurity.

• February 13, 2017 13 Feb'17

  Ransomware threat continues to evolve, defense needs to catch up

  With the rapid expansion of the ransomware threat landscape, defenders are scrambling to find ways to fight back. RSAC 2017 dedicated a full day for a ransomware seminar.

• February 10, 2017 10 Feb'17

  Trump tells White House cybersecurity officer, 'You're fired'

  Rumors have been confirmed that President Trump has fired the White House cybersecurity officer in charge of making sure he and his staff are not hacked.

• February 10, 2017 10 Feb'17

  Corero: Telecom carriers have fallen behind on DDoS defense

  Corero Network Security's Dave Larson talks with SearchSecurity about how DDoS defense has changed and why telecom service providers have struggled to keep up with new threats.

• February 10, 2017 10 Feb'17

  NSA contractor indicted for stealing elite cyberweapons over 20 years

  The NSA contractor accused of stealing elite cyberweapons over the course of 20 years, but his connection to the Shadow Brokers auction of similar hacking tools is still unclear.