Collaborate Disseminate
Never-before-seen Android spyware tools have been used in a widespread APT campaign to spy on the Uyghur ethnic minority group – since 2013. Continue reading New Android Spyware Tools Emerge in Widespread Surveillance Campaign
The saga of DoubleAgent is, among other things, a good reminder that ordinary users shouldn’t have admin privileges Continue reading DoubleAgent ‘vulnerability’ – just how bad is it?
The Cybellum team published a new 0-day technique for injecting code and maintaining persistency on a target computer, baptized DoubleAgent. This technique uses a feature that all Windows versions since XP provide, that allows for an Application Verifier Provider DLL to be installed for any executable. The verifier-provider DLL is just a DLL that is loaded into the process and is supposedly responsible for performing run-time verifications for the application. However, its internal behaviour can be whatever an attacker wants, since he can provide the DLL himself.
Microsoft describes it as:
Application Verifier is a runtime verification tool for unmanaged
Continue reading From XP to 10, DoubleAgent pwns all your Windows?