Schneier on Security

JANUARY 4, 2024

Kaspersky researchers are detailing “an attack that over four years backdoored dozens if not thousands of iPhones, many of which belonged to employees of Moscow-based security firm Kaspersky.” ” It’s a zero-click exploit that makes use of four iPhone zero-days. This was mitigated as CVE-2023-38606.

Spyware 328

Spyware Authentication 328

SecureList

DECEMBER 27, 2023

Today, on December 27, 2023, we ( Boris Larin , Leonid Bezvershenko , and Georgy Kucherin ) delivered a presentation, titled, “Operation Triangulation: What You Get When Attack iPhones of Researchers”, at the 37th Chaos Communication Congress (37C3), held at Congress Center Hamburg.

Firmware 145

Firmware Engineering Spyware Retail 145

SecureList

AUGUST 30, 2023

Mobile statistics Targeted attacks Gopuram backdoor deployed through 3CX supply-chain attack Earlier this year, a Trojanized version of the 3CXDesktopApp, a popular VoIP program, was used in a high-supply-chain attack. Gopuram was additionally observed to launch in-memory modules.

Malware 73

Malware Spyware Cryptocurrency Government 73

Security Affairs

DECEMBER 28, 2023

Experts discovered that Operation Triangulation targeting Apple iOS devices leveraged an undocumented hardware feature. Researchers from the Russian cybersecurity firm Kaspersky discovered that threat actors behind the Operation Triangulation exploited an undocumented hardware feature to target Apple iOS devices.

Spyware 125

Spyware Firmware Mobile Malware 125