"🔍 Kaspersky Unveils Scripts for Detecting Pegasus Spyware on iPhones 📱"
Kaspersky has developed scripts to detect Pegasus, Reign, and Predator spyware on iPhones. These scripts, written in Python (100% Python according to GitHub), analyze the Shutdown.log file in the iPhone's sysdiagnose archive for forensic artifacts indicative of this spyware. Infections leave traces in Shutdown.log, especially in the path "/private/var/db/". These scripts, available for macOS, Windows, and Linux, simplify spyware detection by extracting, analyzing, and parsing Shutdown.log. Open-source and under an MIT license, you can find them on GitHub.
Someone tried to hack Kaspersky via a complex iPhone attack (“Operation Triangulation”); Jake Appelbaum got (reluctantly) kicked out of CCC; NASA launched a cybersecurity guide for the space industry; India’s Prime Minister Narendra Modi tried to strongarm and retaliate against Apple over hacking warnings, plus early Pandemic Roundup items.
Kaspersky has released details regarding the Apple iMessage attack. Apparently it involved four, yes four 0-day exploits in the 0-click exploit chain. I often say if you have to jump up and down, rub your belly, and tap your head for the exploit to work, it’s low risk as most exploits are opportunistic. This definitely looks like an exception.
Hello everyone, I am researching Operation #Triangulation and I heard that there are victims outside of #Kaspersky. I would really love to know more and ideally hear from them. Could you help me spread the word? People can contact me via Signal, Threema or Matrix (-> bio). I promise of course confidentiality. I don't mention their names, if they don't want me to etc. Right now for me it is about getting an idea of the target and scope of the attack.
Thanks for your support! #cybersecurity
Malware in Google Play exceeds 600 million downloads in 2023
An analysis by #Kaspersky of some recent cases of Android malware that managed to infiltrate the most official of official app stores: Google Play.
Malware: More than 600 million downloads in Google Play in 2023
Kaspersky has already counted more than 600 million malware downloads from the Google Play Store this year. It nevertheless remains the safest package source.
📨 Latest issue of my curated #cybersecurity and #infosec list of resources for week #44/2023 is out! It includes the following and much more:
➝ 🔓 #Okta hit by another #breach, this one stealing employee data from 3rd-party vendor
➝ 🔓 💸 #LastPass breach linked to theft of $4.4 million in crypto
➝ 🇮🇳 #India's Biggest Data Leak So Far? Covid-19 Test Info of 81.5Cr Citizens With ICMR Up for Sale
➝ 🔓 ✈️ #Lockbit ransomware group claims to have hacked #Boeing
➝ 🇳🇱 ⚖️ Dutch hacker jailed for extortion, selling stolen data on RaidForums
➝ 🇷🇺 🇺🇸 Russian Reshipping Service ‘SWAT USA Drop’ Exposed
➝ 🇮🇷 🦠 Iranian Cyber Spies Use ‘#LionTail’ Malware in Latest Attacks
➝ 📉 Security researchers observed ‘deliberate’ takedown of notorious #Mozi #botnet
➝ 🇮🇳 📱 Apple warns Indian opposition leaders of state-sponsored #iPhone attacks
➝ 🌍 Four dozen countries declare they won’t pay #ransomware ransoms
➝ 🇷🇺 How #Kopeechka, an Automated Social Media Accounts Creation Service, Can Facilitate #Cybercrime
➝ 🇪🇺 EU digital ID reforms should be ‘actively resisted’, say experts
➝ 🇷🇺 🇺🇦 #FSB arrests Russian hackers working for Ukrainian cyber forces
➝ 🇺🇸 FTC orders non-bank financial firms to report breaches in 30 days
➝ 🇨🇦 📱 #Canada Bans #WeChat and #Kaspersky Apps On Government Devices
➝ 🇺🇸 #SEC Charges #SolarWinds and Its #CISO With Fraud and Cybersecurity Failures
➝ 🇺🇸 🤖 #Biden Wants to Move Fast on AI Safeguards and Will Sign an Executive Order to Address His Concerns
➝ 🦠 📱 #Avast confirms it tagged Google app as #malware on Android phones
➝ 🦠 🇰🇵 North Korean Hackers Targeting Crypto Experts with #KANDYKORN #macOS Malware
➝ 👥 💸 EleKtra-Leak #Cryptojacking Attacks Exploit #AWS IAM Credentials Exposed on #GitHub
➝ 🦠 🐍 Trojanized #PyCharm Software Version Delivered via #Google Search Ads
➝ ✅ 🤖 #GooglePlay adds security audit badges for Android #VPN apps
➝ 🔐 Microsoft pledges to bolster security as part of ‘Secure Future’ initiative
➝ 🆕 FIRST Releases #CVSS 4.0 Vuln Scoring Standard
➝ 🆕 #MITRE Releases ATT&CK v14 With Improvements to Detections, ICS, Mobile
➝ ⛔️ 🦠 #Samsung Galaxy gets new Auto Blocker anti-malware feature
➝ 🍏 🔐 #Apple Improves #iMessage Security With Contact Key Verification
➝ 🔓 Researchers Find 34 #Windows Drivers Vulnerable to Full Device Takeover
➝ 🔓 🪶 3,000 #Apache #ActiveMQ servers vulnerable to RCE attacks exposed online
➝ 🗣️ #Atlassian CISO Urges Quick Action to Protect #Confluence Instances From Critical #Vulnerability
➝ 🔓 🩸 “This vulnerability is now under mass exploitation.” #CitrixBleed bug bites hard
➝ 🐛 💰 HackerOne paid ethical hackers over $300 million in #bugbounties
📚 This week's recommended reading is: "Permanent Record" by Edward Snowden
Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end ⬇️
Kaspersky elaborates on Operation Triangulation in which domestic subscribers, diplomatic missions, and embassies were targeted with Apple iOS zero-days (Russia’s FSB accused the USA of Operation Triangulation). The threat actors introduced two validators in the infection chain in order to ensure that the exploits and the implant do not get delivered to security researchers. Additionally, microphone recording could be tuned in such a way that it stopped when the screen was being used. They used private undocumented APIs in the course of the attack, indicating a great understanding of iOS internals. They additionally implemented in some modules support for iOS versions prior to 8.0, suggesting access for years. Link: https://securelist.com/triangulation-validators-modules/110847/
Between 2020 - 2022 (perhaps even early 2023), you may have unknowingly installed a TROJAN targeting Linux.
This is concerning to me, since I used the program myself, last month. -- All reports seem to suggest the issue was resolved, before I used the program, but it still gives me pause.
I wish there was a working download manager that integrated with Mozilla Firefox, that was still being actively developed.
To Threads or Not to Threads? That is the privacy question (www.kaspersky.com)
Discussing privacy in Threads, and whether you should sign up to Zuckerberg’s Twitter clone.