malware – SSL and internet security news

Operation Triangulation: Zero-Click iPhone Malware

June 9, 2023 infossl

exploits, forensics, ios, iphone, malware, Security technology, Uncategorized

Kaspersky is reporting a zero-click iOS exploit in the wild: Mobile device backups contain a partial copy of the filesystem, including some of the user data and service databases. The timestamps of the files, folders and the database records allow to roughly reconstruct the events happening to the device. The mvt-ios utility produces a sorted … Read More “Operation Triangulation: Zero-Click iPhone Malware” »

FBI Disables Russian Malware

May 10, 2023 infossl

cyberespionage, espionage, fbi, hacking, malware, russia, Security technology, Uncategorized

Reuters is reporting that the FBI “had identified and disabled malware wielded by Russia’s FSB security service against an undisclosed number of American computers, a move they hoped would deal a death blow to one of Russia’s leading cyber spying programs.” The headline says that the FBI “sabotaged” the malware, which seems to be wrong. … Read More “FBI Disables Russian Malware” »

PIPEDREAM Malware against Industrial Control Systems

May 9, 2023 infossl

advanced persistent threats, cybersecurity, infrastructure, malware, russia, Security technology, Uncategorized

Another nation-state malware, Russian in origin: In the early stages of the war in Ukraine in 2022, PIPEDREAM, a known malware was quietly on the brink of wiping out a handful of critical U.S. electric and liquid natural gas sites. PIPEDREAM is an attack toolkit with unmatched and unprecedented capabilities developed for use against industrial … Read More “PIPEDREAM Malware against Industrial Control Systems” »

FBI Advising People to Avoid Public Charging Stations

April 12, 2023 infossl

cell phones, fbi, malware, Security technology, smartphones, Uncategorized, usb

The FBI is warning people against using public phone-charging stations, worrying that the combination power-data port can be used to inject malware onto the devices: Avoid using free charging stations in airports, hotels, or shopping centers. Bad actors have figured out ways to use public USB ports to introduce malware and monitoring software onto devices … Read More “FBI Advising People to Avoid Public Charging Stations” »

Car Thieves Hacking the CAN Bus

April 11, 2023 infossl

cars, hacking, malware, Security technology, theft, Uncategorized

Car thieves are injecting malicious software into a car’s network through wires in the headlights (or taillights) that fool the car into believing that the electronic key is nearby. News articles. Powered by WPeMatico

North Korea Hacking Cryptocurrency Sites with 3CX Exploit

April 4, 2023 infossl

cryptocurrency, cybersecurity, hacking, malware, North Korea, Security technology, supply chain, Uncategorized, vulnerabilities

News: Researchers at Russian cybersecurity firm Kaspersky today revealed that they identified a small number of cryptocurrency-focused firms as at least some of the victims of the 3CX software supply-chain attack that’s unfolded over the past week. Kaspersky declined to name any of those victim companies, but it notes that they’re based in “western Asia.” … Read More “North Korea Hacking Cryptocurrency Sites with 3CX Exploit” »

US Citizen Hacked by Spyware

March 21, 2023 infossl

cyberespionage, Greece, malware, Meta, Security technology, spyware, Uncategorized

The New York Times is reporting that a US citizen’s phone was hacked by the Predator spyware. A U.S. and Greek national who worked on Meta’s security and trust team while based in Greece was placed under a yearlong wiretap by the Greek national intelligence service and hacked with a powerful cyberespionage tool, according to … Read More “US Citizen Hacked by Spyware” »

Malware Delivered through Google Search

February 7, 2023 infossl

cybercrime, google, malware, Security technology, Uncategorized

Criminals using Google search ads to deliver malware isn’t new, but Ars Technica declared that the problem has become much worse recently. The surge is coming from numerous malware families, including AuroraStealer, IcedID, Meta Stealer, RedLine Stealer, Vidar, Formbook, and XLoader. In the past, these families typically relied on phishing and malicious spam that attached … Read More “Malware Delivered through Google Search” »

ChatGPT-Written Malware

January 10, 2023 infossl

ChatGPT, cybercrime, encryption, malware, Security technology, Uncategorized

I don’t know how much of a thing this will end up being, but we are seeing ChatGPT-written malware in the wild. …within a few weeks of ChatGPT going live, participants in cybercrime forums—some with little or no coding experience—were using it to write software and emails that could be used for espionage, ransomware, malicious … Read More “ChatGPT-Written Malware” »

Trojaned Windows Installer Targets Ukraine

December 20, 2022 infossl

backdoors, malware, russia, Security technology, supply chain, torrents, ukraine, Uncategorized

Mandiant is reporting on a trojaned Windows installer that targets Ukrainian users. The installer was left on various torrent sites, presumably ensnaring people downloading pirated copies of the operating system: Mandiant uncovered a socially engineered supply chain operation focused on Ukrainian government entities that leveraged trojanized ISO files masquerading as legitimate Windows 10 Operating System … Read More “Trojaned Windows Installer Targets Ukraine” »