Data Sheet—Saturday, April 15, 2017

April 15, 2017, 5:59 PM UTC

On Friday the Shadow Brokers, a mysterious hacker or group of hackers, released the “Microsoft apocalypse” that wasn’t.

What originally appeared to be one of the most damaging releases in recent memory of “zero-day” exploits, or hacking tools that take advantage of previously unknown software vulnerabilities, fell from the sky with the shrieking ferocity of a MOAB bomb and landed with the soft thud of a dud. Unknown to members of the information security community all through the day, Microsoft had quietly patched the majority of the Windows flaws in a security update last month, preventing the NSA-crafted espionage tools from being abused by opportunistic attackers after their leak. The company only announced that fact late in the evening.

Prior to Microsoft’s hysteria-neutering blog post, security pros had been tearing apart the leaked cache of digital weapons, running the attack code on their test systems, and warning the world about the potential danger of anyone connected to the Internet with a Windows-based computer. That the researchers were running slightly outdated, un-patched versions of Microsoft’s software only became apparent after the company made its late-night announcement.

Given that Microsoft seemed to miraculously fix the hitherto unknown bugs just a month prior to their exposure leads any sane onlooker to the conclusion that the U.S. government must have alerted the company to these problems earlier and on the sly, preempting fallout. (A customary acknowledgement for the researcher who reported the bugs was conspicuously absent from Microsoft’s post, hmm.) If so, this coordinated disclosure represents a major policy coup. Instead of sticking its head in the sand (as critics often accuse the intelligence community of doing), the spy set appears to have worked with the tech sector, taking proactive measures to defuse the situation before it could get out of hand.

This is the right approach; kudos to all involved. To stay protected, make sure your systems—Windows 7 or later—are up to date with the latest patches, dear readers. And a Happy Easter to those who celebrate.

Robert Hackett


Welcome to the Cyber Saturday edition of Data Sheet, Fortune’s daily tech newsletter. Fortune reporter Robert Hackett here. You may reach me via Twitter, Cryptocat, Jabber (see OTR fingerprint on my, PGP encrypted email (see public key on my, Wickr, Signal, or however you (securely) prefer. Feedback welcome.


The wonderful "false wizard" of WikiLeaks. Mike Pompeo, recently appointed director of the Central Intelligence Agency, thrashed WikiLeaks during his first public remarks at the Center for Strategic and International Studies on Thursday. Although Pompeo did not confirm the authenticity of the "Vault 7" CIA leaks published by the anti-secrecy website in recent weeks, he did blast its editor, Julian Assange, saying he is "a narcissist who has created nothing of value." During the election season, Pompeo had cited WikiLeaks to buttress claims of corruption in the Democratic party. (New York Times, NPRTime)

Microsoft patches bank fraud bug. Scammers had been using a "zero-day," or previously unknown, exploit affecting Microsoft Office to install Dridex malware, associated with bank fraud, on people's computers. The attackers had sent booby-trapped Word document email attachments to millions of prospective victims. Microsoft fixed the problem in a security update on Tuesday. (Fortune, ZDNet, Ars Technica)

Tanium's inner turmoil. After a string of executive departures, the $3.5 billion-dollar IT systems management firm Tanium has appointed Fazal Merchant, former finance chief of DreamWorks, as chief financial officer and chief operations officer. Rumors have swirled for months about tumult within the company. Bloomberg spoke to more than two dozen current and former employees as well as other stakeholders who have alleged that the family business is wracked with serious leadership issues. (FortuneBloomberg)

Hey Jude, don't make it bad. The United States Food and Drug Administration sent a warning letter to Abbott Laboratories that cited flaws in its implantable cardiac defibrillators. Abbott acquired St. Jude Medical, makers of the allegedly faulty medical devices, earlier this year, despite a report surfacing that its tech had cybersecurity problems. The research firm MedSec discovered vulnerabilities in the products last year and partnered with the short-selling hedge fund Muddy Waters to expose them; Abbott is suing Muddy Waters for the gambit. (Reuters, The HillFDA)

Botnet faces Justice. The U.S. Justice Department said on Monday it would bring down the Kelihos botnet, one of the longest running networks of compromised computers used to distribute malware and steal people's passwords. The FBI teamed up with security researchers to "sinkhole," or incapacitate, the operation, which was allegedly run by the Russian national Peter Yuryevich Levashov. Believed to be the notorious spammer Peter Severa, Levashov was arrested in Spain last week. (Reuters, Wired, ForbesJustice Department)

Word to the wise: Be careful where you stick that floppy disk.

Share today's Data Sheet with a friend:

Looking for previous Data Sheets? Click here.


Fortune's Scott Cendrowski takes a look at how China's digital star chambers are affecting WeChat, the Chinese social network developed by Tencent, which is now the world's tenth most valuable publicly traded company. On its platform, speech is not free.

When it comes to censoring topics the government wants, Tencent's cooperation has gone to impressive new lengths, according to a new report released yesterday by The Citizen Lab at the University of Toronto. The report details the ways Tencent censors keywords without users ever knowing; deletes images appearing on WeChat news feeds, which was previously undiscovered; and doesn't subject overseas users to the same onerous censorship as Chinese users. With 889 million monthly average users and a Facebook-like closed infrastructure that creates a sense of privacy, Tencent's WeChat is becoming the more important platform for China's one-party government to monitor and shape. Read more on


Apple Malware Appears to Be Skyrocketingby Jonathan Vanian

Uber Had a Secret 'Hell' Program to Track Lyft Drivers, by Madeleine Farber

How to Stop Employees From Stealing Your Documents, by Jeff John Roberts

Trump Says He Offered Trade Concessions to China in Exchange for Help on North Korea, by Ryan Kilpatrick

Microsoft, HPE, and Singtel Invest $21 Million in Hackers for Hire, by Robert Hackett

Yes, Some Businesses Still Run Microsoft's Much-Maligned Windows Vista, by Barb Darrow



On the origins of DDoS. In 1998, an art group called Electronic Disturbance Theater staged "virtual sit-ins," inviting people to overload three target websites with a tool that constantly refreshed webpages related to Mexican president Ernesto Zedillo, the Frankfurt Stock Exchange, and the U.S. Department of Defense. This was the first popular Distributed Denial of Service attack, though it was preceded by a similar, if less effective, "net strike" by Strano Network, an Italian hacker group, that targeted French government sites in 1995. (Verge)

Read More

Artificial IntelligenceCryptocurrencyMetaverseCybersecurityTech Forward