Firmware, Spyware and Surveillance - Cyber Security Informer

June 2023 Security Update for Android fixed Arm Mali GPU bug used by spyware?

Security Affairs

JUNE 7, 2023

June 2023 security update for Android released by Google fixes about fifty flaws, including an Arm Mali GPU bug exploited by surveillance firms in their spyware. The flaw made headlines because it was exploited by surveillance firms for their spyware. This vulnerability grants the attacker system access.

Spyware

Spyware Surveillance Firmware Hacking

Google TAG shares details about exploit chains used to install commercial spyware

Security Affairs

MARCH 29, 2023

Google’s Threat Analysis Group (TAG) discovered several exploit chains targeting Android, iOS, and Chrome to install commercial spyware. The exploit chains were used to install commercial spyware and malicious apps on targets’ devices. The experts pointed out that both campaigns were limited and highly targeted.

Spyware

Spyware Surveillance Firmware Internet

Experts observed for the first time FinFisher infections involving usage of a UEFI bootkit

Security Affairs

SEPTEMBER 28, 2021

Experts spotted a new variant of the FinFisher surveillance spyware that is able to hijack and replace the Windows UEFI bootloader to infect Windows machines. Kaspersky experts shared the results of an 8-months investigation into FinSpy spyware at the Security Analyst Summit (SAS) 2021.

Spyware

Spyware Surveillance Firmware Malware

Second-ever UEFI rootkit used in North Korea-themed attacks

Security Affairs

OCTOBER 5, 2020

The experts were investigating several suspicious UEFI firmware images when discovered four components, some of which were borrowing the source code a Hacking Team spyware. In 2015, the hacker who breached the systems of the Italian surveillance firm Hacking Team leaked a 400GB package containing hacking tools and exploits codes.

Firmware

Firmware Spyware Surveillance Hacking

Zero-Click Attacks a Growing Threat

eSecurity Planet

FEBRUARY 22, 2022

NSO Group’s Pegasus software has been routinely in the headlines in recent years for using zero-click attacks to install its spyware. Spyware and Zero-Days: A Troubling Market. It can even access the chip’s firmware to gain root access on the device, a significant privilege escalation.

Spyware

Spyware Software Government Social Engineering

Top 10 Malware Strains of 2021

SecureWorld News

AUGUST 8, 2022

Cybercriminals often use malware to gain access to a computer or mobile device to deploy viruses, worms, Trojans, ransomware, spyware, and rootkits. Remcos, short for Remote Control and Surveillance, was leveraged by malicious cyber actors conducting mass phishing campaigns during the COVID-19 pandemic to steal personal data and credentials.

Malware

Malware Banking Penetration Testing Healthcare

MoonBounce UEFI implant spotted in a targeted APT41 attack

Security Affairs

JANUARY 21, 2022

At the end of 2021, researchers discovered a UEFI firmware-level compromise by analyzing logs from its Firmware Scanner. Threat actors compromised a single component within the firmware image to intercept the original execution flow of the machine’s boot sequence and inject the sophisticated implant. Pierluigi Paganini.

Firmware

Firmware Malware Spyware Surveillance

APT annual review 2021

SecureList

NOVEMBER 30, 2021

Based on forensic analysis of numerous mobile devices, Amnesty International’s Security Lab found that the software was repeatedly used in an abusive manner for surveillance. Firmware vulnerabilities. FinSpy is an infamous, commercial surveillance toolset that is used for “legal surveillance” purposes.

Malware

Malware Mobile Spyware Surveillance

What is Malware? Definition, Purpose & Common Protections

eSecurity Planet

OCTOBER 21, 2022

From ransomware attacks locking businesses out of their data until they pay potentially millions of dollars to spyware tracking users’ every move through their infected device, the effects of malware can be devastating. Firmware rootkits are also known as “hardware rootkits.”. Need More Intel on Rootkits?

Malware

Malware Adware Spyware Antivirus

APT trends report Q3 2021

SecureList

OCTOBER 26, 2021

On June 3, Check Point published a report about an ongoing surveillance operation targeting a Southeast Asian government, and attributed the malicious activities to a Chinese-speaking threat actor named SharpPanda. Historically, its Windows implant was represented by a single-stage spyware installer.

Malware

Malware Government Surveillance Spyware

Advanced threat predictions for 2023

SecureList

NOVEMBER 14, 2022

The cyber-offense ecosystem still appears to be shaken by the sudden demise of NSO Group; at the same time, these activities indicate to us that we’ve only seen the tip of the iceberg when it comes to commercial-grade mobile surveillance tooling. The first one, in January, was MoonBounce ; the other was CosmicStrand in July 2022.

Firmware

Firmware Surveillance Mobile Telecommunications

Advanced threat predictions for 2024

SecureList

NOVEMBER 14, 2023

In May, Ars Technica reported that BootGuard private keys had been stolen following a ransomware attack on Micro-Star International (MSI) in March this year (firmware on PCs with Intel chips and BootGuard enabled will only run if it is digitally signed using the appropriate keys).

Hacking

Hacking Energy and Utilities Media Malware

Cyber Security Informer

June 2023 Security Update for Android fixed Arm Mali GPU bug used by spyware?

Google TAG shares details about exploit chains used to install commercial spyware

Trending Sources

Experts observed for the first time FinFisher infections involving usage of a UEFI bootkit

Second-ever UEFI rootkit used in North Korea-themed attacks

Zero-Click Attacks a Growing Threat

Top 10 Malware Strains of 2021

MoonBounce UEFI implant spotted in a targeted APT41 attack

APT annual review 2021

What is Malware? Definition, Purpose & Common Protections

APT trends report Q3 2021

Advanced threat predictions for 2023

Advanced threat predictions for 2024

Stay Connected