Collaborate Disseminate
A global mobile espionage campaign collecting a trove of sensitive personal information from victims since at least 2012 has accidentally revealed itself—thanks to an exposed server on the open internet.
It’s one of the first known examples of a succe… Continue reading Researchers Uncover Government-Sponsored Mobile Hacking Group Operating Since 2012
Security researchers uncover several years-long espionage and hacking campaigns, pinpointing them to a specific building in Beirut, Lebanon. Continue reading Lebanese Government Hackers Hit Thousands of Victims With Incredibly Simple Campaign
The man who was once in charge of overseeing Tor will soon turn to law enforcement in order to explain how to de-anonymize the service’s users. Andrew Lewman, once revered as a giant in the world of hacking and privacy activism, is slated to headline the ISS World conference in Malaysia, a controversial surveillance tech and government trade show that features hacking heavyweights like Italy’s Hacking Team, Germany’s FinFisher and Israel’s NSO Group. Lewman will be attending as vice president of dark web intelligence firm DarkOWL (previously OWL Cybersecurity). Although it’s one of the most contentious conferences in tech, Lewman says ISS World isn’t nearly as bad as it’s made out to be by critics. “I don’t think ISS World is controversial at all,” he said. “I think it’s a training exercise. If you’re working with law enforcement, that’s where they go to learn about the cool new technology.” “It’s like RSA for law enforcement,” he […]
The post Tor’s ex-director thinks ISS World gets a bad rap appeared first on Cyberscoop.
Continue reading Tor’s ex-director thinks ISS World gets a bad rap
By Waqas
A serious flaw has been identified in Adobe Flash Player,
This is a post from HackRead.com Read the original post: Flaw in Adobe Flash Player Used to Install FinFisher Spyware
Continue reading Flaw in Adobe Flash Player Used to Install FinFisher Spyware
Adobe Systems released an emergency patch for a critical vulnerability in Flash Player that was being exploited in the wild through Microsoft Word documents to infect computers with a known surveillance tool. The vulnerability, tracked as CVE-2017-1129… Continue reading Adobe Fixes Critical Flash Player Vulnerability Exploited in the Wild
A well-funded, highly active group of Middle Eastern hackers was caught, yet again, using a lucrative zero-day exploit in the wild to break into computers and infect them with powerful spyware developed by an infamous cyberweapons dealer named Gamma Group. The incident, as described by security researchers with Moscow-based cybersecurity firm Kaspersky Lab, shines a rare light on the opaque although apparently vibrant market for software exploits and spyware, which in this case appears to have been purchased by a nation-state. The Middle Eastern hacker group in this case is codenamed “BlackOasis.” Kaspersky found the group was exploiting a Adobe Flash Player zero-day vulnerability (CVE-2016-4117) to remotely deliver the latest version of “FinSpy” malware, according to a new blog post published Monday. Adobe issued a fix Monday to its users in the form of a software update. FinSpy, a final-stage payload that allows for an attacker to covertly learn what a target is talking […]
The post Middle Eastern hacking group is using FinFisher malware to conduct international espionage appeared first on Cyberscoop.
Adobe today released an out-of-band Flash Player update addressing a zero-day vulnerability being exploited by a little-known Middle Eastern APT group called Black Oasis. Continue reading Adobe Patches Flash Zero Day Exploited by Black Oasis APT
A spying tool known as FinFisher is involved in a seven-country campaign that most likely involve “complicit” internet providers helping to infect targets of surveillance, according to researchers with the cybersecurity firm ESET. “In two of the campaigns, the spyware has been spread via a man-in-the-middle attack and we believe that major internet providers have played the role of the man in the middle,” Filip Kafka, the ESET Malware Analyst who conducted the research, explained. This falls directly in line with FinFisher’s own marketing material which boasts it collaborates with internet service providers to distribute malicious files. ESET declined to name the countries or internet providers involved in the unprecedented scheme. The reason is “so as not to put anyone in danger,” the company said. Downloading a popular targeted application led users to be redirected to a malicious server hosting spyware enabling keylogging, file exfiltration and real-time surveillance. “The most important innovation is the way […]
The post ISPs ‘likely’ helped infect targets of state surveillance appeared first on Cyberscoop.
Continue reading ISPs ‘likely’ helped infect targets of state surveillance
Are you sure the version of WhatsApp, or Skype, or VLC Player installed on your device is legitimate?
Security researchers have discovered that legitimate downloads of several popular applications including WhatsApp, Skype, VLC Player and WinRAR have … Continue reading ISPs May Be Helping Hackers to Infect you with FinFisher Spyware
This week saw a veritable patchwork quilt of updates to Microsoft products – including one zero-day Continue reading Microsoft patches second FinSpy zero-day exploit this year