Category: malware

Auto Added by WPeMatico

Remotely Controlling Touchscreens

Posted on By infossl
academic papers, malware, Security technology, side-channel attacks, Uncategorized

Researchers have demonstrated controlling touchscreens at a distance, at least in a laboratory setting: The core idea is to take advantage of the electromagnetic signals to execute basic touch events such as taps and swipes into targeted locations of the touchscreen with the goal of taking over remote control and manipulating the underlying device. The … Read More “Remotely Controlling Touchscreens” »

Malware-Infested Smart Card Reader

Posted on By infossl
malware, Security technology, smart cards, Uncategorized

Brian Krebs has an interesting story of a smart ID card reader with a malware-infested Windows driver, and US government employees who inadvertently buy and use them. But by all accounts, the potential attack surface here is enormous, as many federal employees clearly will purchase these readers from a myriad of online vendors when the … Read More “Malware-Infested Smart Card Reader” »

iPhone Malware that Operates Even When the Phone Is Turned Off

Posted on By infossl
bluetooth, iphone, malware, Security technology, Uncategorized

Researchers have demonstrated iPhone malware that works even when the phone is fully shut down. t turns out that the iPhone’s Bluetooth chip­ — which is key to making features like Find My work­ — has no mechanism for digitally signing or even encrypting the firmware it runs. Academics at Germany’s Technical University of Darmstadt … Read More “iPhone Malware that Operates Even When the Phone Is Turned Off” »

New Sophisticated Malware

Posted on By infossl
backdoors, botnets, malware, Security technology, threat models, Uncategorized

Mandiant is reporting on a new botnet. The group, which security firm Mandiant is calling UNC3524, has spent the past 18 months burrowing into victims’ networks with unusual stealth. In cases where the group is ejected, it wastes no time reinfecting the victim environment and picking up where things left off. There are many keys … Read More “New Sophisticated Malware” »

Zero-Day Vulnerabilities Are on the Rise

Posted on By infossl
hacking, malware, ransomware, Security technology, Uncategorized, vulnerabilities, zero-day

Both Google and Mandiant are reporting a significant increase in the number of zero-day vulnerabilities reported in 2021. Google: 2021 included the detection and disclosure of 58 in-the-wild 0-days, the most ever recorded since Project Zero began tracking in mid-2014. That’s more than double the previous maximum of 28 detected in 2015 and especially stark … Read More “Zero-Day Vulnerabilities Are on the Rise” »

Russian Cyberattack against Ukrainian Power Grid Prevented

Posted on By infossl
cyberattack, cyberwar, cyberweapons, malware, russia, Security technology, ukraine, Uncategorized

A Russian cyberweapon, similar to the one used in 2016, was detected and removed before it could be used. Key points: ESET researchers collaborated with CERT-UA to analyze the attack against the Ukrainian energy company The destructive actions were scheduled for 2022-04-08 but artifacts suggest that the attack had been planned for at least two … Read More “Russian Cyberattack against Ukrainian Power Grid Prevented” »

US Disrupts Russian Botnet

Posted on By infossl
botnets, fbi, malware, national security policy, russia, Security technology, Uncategorized

The Justice Department announced the disruption of a Russian GRU-controlled botnet: The Justice Department today announced a court-authorized operation, conducted in March 2022, to disrupt a two-tiered global botnet of thousands of infected network hardware devices under the control of a threat actor known to security researchers as Sandworm, which the U.S. government has previously … Read More “US Disrupts Russian Botnet” »

Developer Sabotages Open-Source Software Package

Posted on By infossl
malware, open source, russia, Security technology, Uncategorized

This is a big deal: A developer has been caught adding malicious code to a popular open-source package that wiped files on computers located in Russia and Belarus as part of a protest that has enraged many users and raised concerns about the safety of free and open source software. The application, node-ipc, adds remote … Read More “Developer Sabotages Open-Source Software Package” »

Linux-Targeted Malware Increased by 35%

Posted on By infossl
linux, malware, Security technology, Uncategorized

Crowdstrike is reporting that malware targeting Linux has increased considerably in 2021: Malware targeting Linux systems increased by 35% in 2021 compared to 2020. XorDDoS, Mirai and Mozi malware families accounted for over 22% of Linux-targeted threats observed by CrowdStrike in 2021. Ten times more Mozi malware samples were observed in 2021 compared to 2020. … Read More “Linux-Targeted Malware Increased by 35%” »

Faking an iPhone Reboot

Posted on By infossl
apple, ios, iphone, malware, Security technology, Uncategorized

Researchers have figured how how to intercept and fake an iPhone reboot: We’ll dissect the iOS system and show how it’s possible to alter a shutdown event, tricking a user that got infected into thinking that the phone has been powered off, but in fact, it’s still running. The “NoReboot” approach simulates a real shutdown. … Read More “Faking an iPhone Reboot” »