DoublePulsar: The Leaked NSA Exploit Kit Spreading In The Wild

This is your #AxisOfEasy Weekly Briefing for the week of May 1, 2017, wherein Mark sends out a short briefing on the state of the ‘net and how it affects whatever your business, security and privacy. Comments always appreciated, just hit “reply” or leave a comment below.

In this issue:

  • DoublePulsar: The Leaked NSA Exploit Kit Spreading in the wild
  • Uber employs private intelligence firm to datamine your inbox
  • Browsers vulnerable to IDN phishing vulnerability 
  • Meet the AI that wrote all of David Hasselhoff’s lines in his latest film

DoublePulsar: The leaked NSA exploit kit spreading in the wild

The second ShadowBrokers leak of proprietary NSA hacking tools contains a Windows exploit kit dubbed DoublePulsar. DoublePulsar allows an attacker to remotely execute arbitrary shell code on the compromised machine. Described as the most critical Windows vulnerability since the Conflicker Worm (over 10 years ago), experts report that 3.1% of vulnerable hosts are already infected since the NSA toolkit was leaked on April 7. (Can we also just pause for a moment to digest with the reality that the government has an entire agency that not only vacuums their own citizen’s communications and data, but also employs hackers who are actively penetrating our security systems?) 


(TL,DR if you’re running a Windows SMB Server make sure you have the MS17-1010 Critical Patch applied )

Uber employs private intelligence firm to datamine your inbox

In addition to recent PR problems such as the video of their CEO getting into it with one of his own drivers and allegations of systemic sexual harassment rampant inside the company, details emerged that Uber has been employing the services of Slice Intelligence’s “” to datamine users emails (namely emailed ride receipts of them and their competitor Lyft). 

What does this mean?

Slice Intelligence is a private competitive intelligence firm dressed up as a free service called “” which users install on their email boxes to help them manage subscriptions to all those newsletters. What they probably don’t realize is that the service data mines their mailbox with an eye toward selling analytics to companies like Uber. Unroll discloses this practice in the “Collection and Use of Non-Personal Information” section of their Privacy Policy. Remember the old adage folks “If you aren’t paying for the product, you are the product”.

Maybe business guru (and easyDNS customer) Jason Jennings is correct when he forecasts that Lyft will eventually prevail over Uber owing largely to a more ethically grounded culture baked-in to the smaller rival.


(P.S In case you were wondering, neither the easyDNS Plain English Terms of Service or privacy policy grants us the right to datamine your easyMail mailboxes. Or anything else you may have here)

Browsers vulnerable to IDN phishing vulnerability 

IDN domains enable URLs and domains to exist in non-English, non-UTF-8 character sets. One “Gotcha” has emerged in that the punycode  strings of the internationalized character sets, when rendered as unicode in the browsers location bar, may be indistinguishable to the human eye from completely different English language strings.

What this means is that while you ordinarily wouldn’t enter your iCloud credentials into xn—, once your browser renders that in the location bar as “”, maybe you would!


Meet the AI that wrote all of David Hasselhoff’s lines in his latest film

Having recently been turned from an AI skeptic to an AI believer (“believer” in the sense that I now think AI will happen although I’m not sure I actually want it to happen…), I found the fact that all of David Hasselhoff’s lines in his latest short film were written by an Artificial Intelligence a sign of the times.

(It reminded me of Gregory Rawlins’s “Moths to a Flame” book, written in the mid-90’s which was extremely prescient and ahead of its time. Rawlins saw all of this coming. His book is still relevant today, perhaps even more so…)


Previous Issues

In case you missed it, here are the past issues (so far only one 😉

Leave a Reply

Your email address will not be published. Required fields are marked *