malware – Page 9 – SSL and internet security news

New Research into Russian Malware

October 2, 2019 infossl

cyberespionage, malware, operationalsecurity, russia, Security technology

There’s some interesting new research about Russian APT malware: The Russian government has fostered competition among the three agencies, which operate independently from one another, and compete for funds. This, in turn, has resulted in each group developing and hoarding its tools, rather than sharing toolkits with their counterparts, a common sight among Chinese and … Read More “New Research into Russian Malware” »

Massive iPhone Hack Targets Uyghurs

September 3, 2019 infossl

android, apple, hacking, iphone, malware, Security technology, smartphones, windows, zeroday

China is being blamed for a massive surveillance operation that targeted Uyghur Muslims. This story broke in waves, the first wave being about the iPhone. Earlier this year, Google’s Project Zero found a series of websites that have been using zero-day vulnerabilities to indiscriminately install malware on iPhones that would visit the site. (The vulnerabilities … Read More “Massive iPhone Hack Targets Uyghurs” »

Attacking the Intel Secure Enclave

August 30, 2019 infossl

academicpapers, computersecurity, intel, malware, Security technology

Interesting paper by Michael Schwarz, Samuel Weiser, Daniel Gruss. The upshot is that both Intel and AMD have assumed that trusted enclaves will run only trustworthy code. Of course, that’s not true. And there are no security mechanisms that can deal with malicious enclaves, because the designers couldn’t imagine that they would be necessary. The … Read More “Attacking the Intel Secure Enclave” »

AT&T Employees Took Bribes to Unlock Smartphones

August 8, 2019 infossl

att, bribes, cellphones, courts, hacking, malware, Security technology, smartphones

This wasn’t a small operation: A Pakistani man bribed AT&T call-center employees to install malware and unauthorized hardware as part of a scheme to fraudulently unlock cell phones, according to the US Department of Justice. Muhammad Fahd, 34, was extradited from Hong Kong to the US on Friday and is being detained pending trial. An … Read More “AT&T Employees Took Bribes to Unlock Smartphones” »

Details of the Cloud Hopper Attacks

July 10, 2019 infossl

advancedpersistentthreats, china, fraud, hacking, ibm, intelligence, malware, Security technology, theft

Reuters has a long article on the Chinese government APT attack called Cloud Hopper. It was much bigger than originally reported. The hacking campaign, known as “Cloud Hopper,” was the subject of a U.S. indictment in December that accused two Chinese nationals of identity theft and fraud. Prosecutors described an elaborate operation that victimized multiple … Read More “Details of the Cloud Hopper Attacks” »

Florida City Pays Ransomware

June 25, 2019 infossl

hacking, malware, ransomware, Security technology

Learning from the huge expenses Atlanta and Baltimore incurred by refusing to pay ransomware, the Florida City of Riveria Beach decided to pay up. The ransom amount of almost $600,000 is a lot, but much cheaper than the alternative. Powered by WPeMatico

Backdoor Built into Android Firmware

June 21, 2019 infossl

android, backdoors, crime, firmware, google, malware, phones, Security technology, supplychain

In 2017, some Android phones came with a backdoor pre-installed: Criminals in 2017 managed to get an advanced backdoor preinstalled on Android devices before they left the factories of manufacturers, Google researchers confirmed on Thursday. Triada first came to light in 2016 in articles published by Kaspersky here and here, the first of which said … Read More “Backdoor Built into Android Firmware” »

The Human Cost of Cyberattacks

June 1, 2019 infossl

cyberattack, infrastructure, malware, reports, Security technology

The International Committee of the Red Cross has just published a report: “The Potential Human Cost of Cyber-Operations.” It’s the result of an “ICRC Expert Meeting” from last year, but was published this week. Here’s a shorter blog post if you don’t want to read the whole thing. And commentary by one of the authors. … Read More “The Human Cost of Cyberattacks” »

More Attacks against Computer Automatic Update Systems

May 16, 2019 infossl

games, insiders, malware, Security technology, southkorea, supplychain

Last month, Kaspersky discovered that Asus’s live update system was infected with malware, an operation it called Operation Shadowhammer. Now we learn that six other companies were targeted in the same operation. As we mentioned before, ASUS was not the only company used by the attackers. Studying this case, our experts found other samples that … Read More “More Attacks against Computer Automatic Update Systems” »

Malicious MS Office Macro Creator

May 8, 2019 infossl

malware, microsoft, mitigation, Security technology

Evil Clippy is a tool for creating malicious Microsoft Office macros: At BlackHat Asia we released Evil Clippy, a tool which assists red teamers and security testers in creating malicious MS Office documents. Amongst others, Evil Clippy can hide VBA macros, stomp VBA code (via p-code) and confuse popular macro analysis tools. It runs on … Read More “Malicious MS Office Macro Creator” »