Cybercrime, Firmware and Surveillance - Cyber Security Informer

MoonBounce: the dark side of UEFI firmware

SecureList

JANUARY 20, 2022

At the end of 2021, we were made aware of a UEFI firmware-level compromise through logs from our Firmware Scanner , which has been integrated into Kaspersky products since the beginning of 2019. This one is made up of implants found in the UEFI firmware within the SPI flash, a non-volatile storage external to the hard drive.

Firmware

Firmware Malware Encryption Passwords

GUEST ESSAY: The many ways your supply chain is exposing your company to a cyber attack

The Last Watchdog

MAY 16, 2022

The inherent complexity of the supply chain for modern technology is a reason why so many cybercrime attempts have been successful. Then there are firmware developers, transport agencies, testing facilities, and security evaluation agencies that handle the device before it is sent to the corporate client. Threat detection.

Cyber Attacks

Cyber Attacks Firmware Artificial Intelligence Manufacturing

Swiss expert Till Kottmann indicted for conspiracy, wire fraud, and aggravated identity theft

Security Affairs

MARCH 21, 2021

Hackers also posted images captured from the hacked surveillance video on Twitter with an #OperationPanopticon hashtag, published images show that they have gained root shell access to the surveillance cameras used by Telsa and Cloudflare. SecurityAffairs – hacking, cybercrime). Pierluigi Paganini.

Identity Theft

Identity Theft Computers and Electronics Surveillance Hacking

Beastmode Mirai botnet now includes exploits for Totolink routers

Security Affairs

APRIL 2, 2022

The threat actors added TOTOLINK exploits just a week after the exploit codes were publicly released on GitHub in the attempt to compromise the largest number of devices as possible before the owners upgrade to the latest firmware releases. TOTOLINK has already addressed these flaws with the release of new firmware for vulnerable devices.

DDOS

DDOS Firmware Surveillance IoT

Security Affairs newsletter Round 376 by Pierluigi Paganini

Security Affairs

JULY 31, 2022

and Blackmatter ransomware U.S. increased rewards for info on North Korea-linked threat actors to $10 million Threat actors leverages DLL-SideLoading to spread Qakbot malware Zero Day attacks target online stores using PrestaShop? and Blackmatter ransomware U.S.

Firmware

Firmware Malware Surveillance DDOS

Security Affairs newsletter Round 419 by Pierluigi Paganini – International edition

Security Affairs

MAY 14, 2023

ransom Dragon Breath APT uses double-dip DLL sideloading strategy International Press Cybercrime San Bernardino County pays $1.1-million ransom Dragon Breath APT uses double-dip DLL sideloading strategy International Press Cybercrime San Bernardino County pays $1.1-million

Data breaches

Data breaches DDOS Ransomware Artificial Intelligence

Top 10 Malware Strains of 2021

SecureWorld News

AUGUST 8, 2022

Remcos, short for Remote Control and Surveillance, was leveraged by malicious cyber actors conducting mass phishing campaigns during the COVID-19 pandemic to steal personal data and credentials. Qakbot can also be used to form botnets. Remcos Remcos is marketed as a legitimate software tool for remote management and penetration testing.

Malware

Malware Banking Penetration Testing Healthcare

APT trends report Q1 2022

SecureList

APRIL 27, 2022

In December we were made aware of a UEFI firmware-level compromise through logs from our firmware scanning technology. Further analysis showed that the attackers modified a single component within the firmware to append a payload to one of its sections and incorporate inline hooks within particular functions.

Malware

Malware Firmware Government Phishing

IT threat evolution Q3 2021

SecureList

NOVEMBER 26, 2021

At the end of September, at the Kaspersky Security Analyst Summit , our researchers provided an overview of FinSpy , an infamous surveillance toolset that several NGOs have repeatedly reported being used against journalists, political dissidents and human rights activists. FinSpy: analysis of current capabilities.

Malware

Malware Banking Energy and Utilities Accountability

APT trends report Q3 2021

SecureList

OCTOBER 26, 2021

On June 3, Check Point published a report about an ongoing surveillance operation targeting a Southeast Asian government, and attributed the malicious activities to a Chinese-speaking threat actor named SharpPanda. In this quarter we focused on researching and dismantling surveillance frameworks following malicious activities we detected.

Malware

Malware Government Surveillance Spyware

What is Malware? Definition, Purpose & Common Protections

eSecurity Planet

OCTOBER 21, 2022

Once a system is infected, ransomware attacks usually come in 3 stages: Surveillance: The hackers scan their target for more information on the system they are attacking. Firmware rootkits are also known as “hardware rootkits.”.

Malware

Malware Adware Spyware Antivirus

Advanced threat predictions for 2024

SecureList

NOVEMBER 14, 2023

In May, Ars Technica reported that BootGuard private keys had been stolen following a ransomware attack on Micro-Star International (MSI) in March this year (firmware on PCs with Intel chips and BootGuard enabled will only run if it is digitally signed using the appropriate keys).

Hacking

Hacking Energy and Utilities Media Malware

Advanced threat predictions for 2023

SecureList

NOVEMBER 14, 2022

The cyber-offense ecosystem still appears to be shaken by the sudden demise of NSO Group; at the same time, these activities indicate to us that we’ve only seen the tip of the iceberg when it comes to commercial-grade mobile surveillance tooling. The first one, in January, was MoonBounce ; the other was CosmicStrand in July 2022.

Firmware

Firmware Surveillance Mobile Telecommunications

Security Affairs newsletter Round 503 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

DECEMBER 22, 2024

CISA adds Microsoft Windows Kernel-Mode Driver and Adobe ColdFusion flaws to its Known Exploited Vulnerabilities catalog ConnectOnCall data breach impacted over 900,000 individuals Report claims that Serbian authorities abused Cellebrite tool to install NoviSpy spyware Multiple flaws in Volkswagen Group’s infotainment unit allow for vehicle compromise (..)

Data breaches

Data breaches Cybercrime Spyware Firmware

Cyber Security Informer

MoonBounce: the dark side of UEFI firmware

GUEST ESSAY: The many ways your supply chain is exposing your company to a cyber attack

Trending Sources

Swiss expert Till Kottmann indicted for conspiracy, wire fraud, and aggravated identity theft

Beastmode Mirai botnet now includes exploits for Totolink routers

Security Affairs newsletter Round 376 by Pierluigi Paganini

Security Affairs newsletter Round 419 by Pierluigi Paganini – International edition

Top 10 Malware Strains of 2021

APT trends report Q1 2022

IT threat evolution Q3 2021

APT trends report Q3 2021

What is Malware? Definition, Purpose & Common Protections

Advanced threat predictions for 2024

Advanced threat predictions for 2023

Security Affairs newsletter Round 503 by Pierluigi Paganini – INTERNATIONAL EDITION

Stay Connected