
Weekly Intelligence Summary 26 February

February 26, 2021

The People’s Republic of China (PRC)-linked advanced persistent threat (APT) group “APT31” reportedly cloned and deployed a zero-day exploit developed by the US National Security Agency’s (NSA) Equation Group in 2013. APT31 accessed two versions of Equation Group’s “EpMe” files, which they repurposed into the zero-day exploit “Jian”. Jian was deployed from 2015 until the vulnerability it exploited (CVE-2017-2005) was patched in 2017. This is the second reported incident of a PRC-linked APT targeting the NSA to repurpose cyber tools. This raises questions about how the NSA’s prized offensive tools have been discovered or stolen by nation-state threat actors. With the theft of NSA cyber tools back in the spotlight, it is realistically possible APT31’s actions will have national security implications, compelling government agencies to reconsider how zero-day exploits should be managed under the Vulnerabilities Equities Process (VEP).
