Collaborate Disseminate
Microsoft has once again released a batch of essential security updates for users of its software. What are you waiting for?
Read more in my article on the Hot for Security blog.
Continue reading Microsoft strangles critical vulnerabilities, including in-the-wild zero-day flaw. Patch now!
A well-funded spy group appears to have recently acquired a highly sophisticated zero day vulnerability and used it to deploy a remote access trojan against a Russian-speaking “entity,” according to evidence discovered by U.S. cybersecurity firm FireEye. Researchers with FireEye found the disruptive software vulnerability, which affects recent versions of Microsoft Word, in July. The trojan, known as FinSpy, is made by infamous surveillance technology firm FinFisher, a blog post by FireEye says. The Word flaw remained unpatched until Tuesday afternoon, when Microsoft issued its monthly security update. This vulnerability, labeled CVE-2017-8759, was used as recently as late August to hack into systems, FireEye analyst Ben Read told CyberScoop. Analysts originally uncovered CVE-2017-8759 while examining a highly targeted phishing email that was written in Russian. The email contained an attachment that when opened exploited a software flaw in the word processor to remotely download FinSpy from a computer server controlled by the attacker. […]
The post New Microsoft Word zero day used in Russian-language spyware campaign, analysts say appeared first on Cyberscoop.
Continue reading New Microsoft Word zero day used in Russian-language spyware campaign, analysts say
The Israeli hacking company NSO Group has been put up for sale for a price of more than $1 billion, according to multiple people familiar with the matter. The U.S.-based private equity firm Francisco Partners Management, which owns NSO Group, is looking to bring in around 10 times the $120 million it paid for a majority stake in the company in 2014. The group grew from around 50 employees when it was acquired to nearly 10 times that size, including more than 200 engineers dedicated to the hacking products that bring in the company’s rising profits. NSO, which is known for selling cutting-edge offensive hacking technology to governments around the world, traces its roots and to the Israeli military’s world-renowned signals intelligence unit known as Unit 8200. The Israeli business publication Calcalist reported that NSO Group was being shopped around last month. CyberScoop independently spoke with numerous NSO business associates who confirmed that report. NSO Group and Francisco Partners both […]
The post Israeli hacking company NSO Group is on sale for more than $1 billion appeared first on Cyberscoop.
Continue reading Israeli hacking company NSO Group is on sale for more than $1 billion
Researchers have learned that the recently patched Office zero day was used to target victims in Russia with FINSPY spyware. Continue reading Office Zero Day Delivering FINSPY Spyware to Victims in Russia
The hackers exploited the unknown vulnerability to install spyware made by the infamous surveillance company FinFisher. Continue reading Government Hackers Used Microsoft Word Zero-Day to Install Spyware on Russian Targets
Activists mull challenge to court’s ruling that remote hacking can’t be litigated in the US Continue reading Court blocks American from suing Ethiopia over alleged hacking
Digital rights activists sued Ethiopia in what they hoped could become a landmark case against government spyware. Continue reading Court Says Hacking Victim Can’t Sue a Foreign Government For Hacking Him on US Soil
These are the world’s most notorious cyber mercenaries, and the lone hacker fighting—and hacking—them. Continue reading Meet The Cyber Mercenaries Selling Spyware To Governments