think u get the wrong email On Aug 26, 2016 8:57 AM, "Jacques Le Roux" <[email protected]> wrote:
> Thanks Daniel! > > Jacques > > > Le 26/08/2016 à 12:09, Daniel Gruno a écrit : > >> Hi Marco, >> >> I would suggest you check out >> https://musalbas.com/2016/08/16/equation-group-firewall-oper >> ations-catalogue.html >> for a review of the exploits supposedly found. There doesn't seem to be >> any ASF-related software mentioned, although it's of course always a >> possibility ;) >> >> With regards, >> Daniel. >> >> On 08/26/2016 12:00 PM, Marco Esser wrote: >> >>> Hi Mark, >>> >>> >>> Thank you for your quick response ! >>> I doesn't mean the leak by Edward Snowden. A group called Shadow Brokers >>> hacked a least one NSA server. Edward Snowden thinks that it must be a NSA >>> malware staging server. >>> >>> As far as I understand they spread some information and tools for free >>> and want to have a lot of money to give away the rest. See these links as a >>> start point to this story: >>> >>> http://www.wired.co.uk/article/nsa-hacking-tools-stolen-hackers >>> >>> <http://www.wired.co.uk/article/nsa-hacking-tools-stolen-hackers>< >>> https://theintercept.com/2016/08/19/the-nsa-was- >>> hacked-snowden-documents-confirm/>https://theintercept. >>> com/2016/08/19/the-nsa-was-hacked-snowden-documents-confirm/ >>> >>> [https://prod01-cdn06.cdn.firstlook.org/wp-uploads/sites/1/ >>> 2016/08/NSA-drive-feature-hero.jpg]<https://theintercept >>> .com/2016/08/19/the-nsa-was-hacked-snowden-documents-confirm/> >>> >>> The NSA Leak Is Real, Snowden Documents Confirm<https://theintercept.c >>> om/2016/08/19/the-nsa-was-hacked-snowden-documents-confirm/> >>> theintercept.com >>> A never-before-published NSA manual makes it clear that malware released >>> by a hacker group this week came from the spy agency. >>> >>> >>> [https://prod01-cdn06.cdn.firstlook.org/wp-uploads/sites/1/ >>> 2016/08/NSA-drive-feature-hero.jpg]<https://theintercept >>> .com/2016/08/19/the-nsa-was-hacked-snowden-documents-confirm/> >>> >>> The NSA Leak Is Real, Snowden Documents Confirm<https://theintercept.c >>> om/2016/08/19/the-nsa-was-hacked-snowden-documents-confirm/> >>> theintercept.com >>> A never-before-published NSA manual makes it clear that malware released >>> by a hacker group this week came from the spy agency. >>> >>> >>> >>> [http://wi-images.condecdn.net/image/PJPdyP8z5km/crop/1020]< >>> http://www.wired.co.uk/article/nsa-hacking-tools-stolen-hackers> >>> >>> Hacking the hackers: everything you need to know about Shadow Brokers' >>> attack on the NSA<http://www.wired.co.uk/art >>> icle/nsa-hacking-tools-stolen-hackers> >>> www.wired.co.uk >>> A mystery group claims to be selling malware and tools used by America's >>> National Security Agency >>> >>> >>> >>> >>> >>> ________________________________ >>> Von: Mark Thomas <[email protected]> >>> Gesendet: Freitag, 26. August 2016 11:43 >>> An: [email protected] >>> Betreff: Re: Are Apache projects affected by the informations leaked by >>> the NSA hack ? >>> >>> On 26/08/2016 10:13, Marco Esser wrote: >>> >>>> Hello All, >>>> >>>> i hope I´m posting my question to the right mailing list. I searched a >>>> long time for as better place but din´t find one. >>>> >>>> >>>> Does somebody analyze the available information from the NSA Hack >>>> regarding influence on software developed in the apache projects ? >>>> >>> I assume you mean the leaks by Edward Snowden. I don't recall seeing >>> anything in the news regarding the NSA being hacked. >>> >>> I'm involved in the Apache security team and the Apache Tomcat project. >>> I'm not aware of any analysis of the Snowden leak w.r.t. vulnerabilities >>> in / back-doors in / influence on Apache software. >>> >>> My special interest is to get knowledge about NSA hack tools or the try >>>> to implement backdoors, etc in the following software used by my customers: >>>> >>>> Apache HTTP >>>> Tomcat applicationserver >>>> popular modules for both servers >>>> >>> I've only investigated the Tomcat vulnerabilities in any depth. None of >>> the issues I have seen in my long involvement in the Apache Tomcat >>> project has been suggestive of a deliberate back door being placed in >>> the code. >>> >>> Mark >>> >>> --------------------------------------------------------------------- >>> To unsubscribe, e-mail: [email protected] >>> For additional commands, e-mail: [email protected] >>> >>> >>> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: [email protected] >> For additional commands, e-mail: [email protected] >> >> >> > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > >
