What the recently leaked Shadow Brokers information means for you
WHITE PAPER |
In mid-April 2017, a hacking group named the Shadow Brokers (SB) released a significant amount of data and exploitation tools onto the internet. While the information security community is still analyzing the data, the leaked information includes exploitation frameworks, working exploits, backdoors and post-exploitation payloads that could threaten a wide range of systems and applications that many companies use every day.
SB allegedly obtained this data from another high-profile hacking collective, known as the Equation Group. Significant speculation surrounds the identity of the two groups, with indicators pointing to Russian intelligence backing for the SB and National Security Agency (NSA) involvement with the Equation Group.
Some of the platforms that are affected by these exploits include multiple versions of Microsoft Windows (from XP to 2012), Microsoft Exchange, Microsoft IIS, Linux, Sun Solaris, Lotus Mail, Lotus Domino and Oracle databases, among others. The most affected systems are Microsoft Windows systems; fortunately, Microsoft released a critical patch that addresses most of the vulnerabilities. However, the patch is still very new, and many companies have yet to implement it.
Many other non-Windows platforms may also be affected by the released exploits that are currently being analyzed by the global information security community. As those exploits become more understood, vendors will release patches and updates to mitigate threats. However, until then, those systems will remain vulnerable.
Read our white paper to understand what threats the SB leak presents, which of your systems may be vulnerable and how to remediate your risks.