Chinese Hackers Spotted Using New UEFI Firmware Implant in Targeted Attacks
A previously undocumented firmware implant deployed to maintain stealthy persistence as part of a targeted espionage campaign has been linked to the Chinese-speaking Winnti advanced persistent threat group (APT41). Kaspersky, which codenamed the rootkit MoonBounce, characterized the malware as the...
Researchers Discover UEFI Bootkit Targeting Windows Computers Since 2012
Cybersecurity researchers on Tuesday revealed details of a previously undocumented UEFI (Unified Extensible Firmware Interface) bootkit that has been put to use by threat actors to backdoor Windows systems as early as 2012 by modifying a legitimate Windows Boot Manager binary to achieve persistence...
New FinSpy Malware Variant Infects Windows Systems With UEFI Bootkit
Commercially developed FinFisher surveillanceware has been upgraded to infect Windows devices using a UEFI (Unified Extensible Firmware Interface) bootkit that leverages a trojanized Windows Boot Manager, marking a shift in infection vectors that allow it to elude discovery and analysis. Detected i...
FinSpy: unseen findings
FinSpy, also known as FinFisher or Wingbird, is an infamous surveillance toolset. Kaspersky has been tracking deployments of this spyware since 2011. Historically, its Windows implant was distributed through a single-stage installer. This version was detected and researched several times up to...
Police Raided German Spyware Company FinFisher Offices
German investigating authorities have raided the offices of Munich-based company FinFisher that sells the infamous commercial surveillance spyware dubbed 'FinSpy,' reportedly on suspicion of illegally exporting the software abroad without the required authorization. Investigators from the Germ...
FinFisher exposed: A researcher’s tale of defeating traps, tricks, and complex virtual machines
Office 365 Advanced Threat Protection (Office 365 ATP) blocked many notable zero-day exploits in 2017. In our analysis, one activity group stood out: NEODYMIUM. This threat actor is remarkable for two reasons: its access to sophisticated zero-day exploits for Microsoft and Adobe software; its use of...
Flaw in Adobe Flash Player Used to Install FinFisher Spyware
By Waqas. A serious flaw has been identified in Adobe Flash Player, This is a post from HackRead.com. Read the original post: Flaw in Adobe Flash Player Used to Install FinFisher Spyware...
Adobe Patches Flash Zero Day Exploited by Black Oasis APT
Adobe today released an out-of-band Flash Player update addressing a zero-day vulnerability being exploited by a little-known Middle Eastern APT group. The group known as Black Oasis was, as recently as this month, using exploits for the flaw to drop FinSpy as a payload. Sold by the controversial...
Hackers Use New Flash Zero-Day Exploit to Distribute FinFisher Spyware
FinSpy, the infamous surveillance malware, is back and infecting high-profile targets using a new Adobe Flash zero-day exploit delivered through Microsoft Office documents. Security researchers from Kaspersky Labs have discovered a new zero-day remote code execution vulnerability in Adobe Flash,...
ISPs May Be Helping Hackers to Infect you with FinFisher Spyware
Are you sure the version of WhatsApp, or Skype, or VLC Player installed on your device is legitimate? Security researchers have discovered that legitimate downloads of several popular applications including WhatsApp, Skype, VLC Player and WinRAR have reportedly been compromised at the ISP level t...
PSA: New Microsoft Word 0day used in the wild
Microsoft has just patched an important vulnerability in Microsoft Word during its latest Patch Tuesday cycle. According to the security firm that found it [1], this new zero-day (CVE-2017-8759) was used in targeted attacks to install a piece of malware known as FinFisher. Microsoft Office has been i...
Microsoft Patches 85 Flaws, One Allowed FinFisher Spyware Installation
By Waqas. Microsoft Releases Patch for Dangerous .NET Vulnerability in Latest Security This is a post from HackRead.com. Read the original post: Microsoft Patches 85 Flaws, One Allowed FinFisher Spyware Installation...
Immediately Patch Windows 0-Day Flaw That's Being Used to Spread Spyware
Get ready to install a fairly large batch of security patches onto your Windows computers. As part of its September Patch Tuesday, Microsoft has released a large batch of security updates to patch a total of 81 CVE-listed vulnerabilities, on all supported versions of Windows and other MS products...
CVE-2017-8759
Microsoft .NET Framework 2.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allow an attacker to execute code remotely via a malicious document or application, aka “.NET Framework Remote Code Execution Vulnerability.” Recent assessments: hrbrmstr at May 12, 2020 7:51pm UTC reported: This CVE made ...
Not Just Criminals, But Governments Were Also Using MS Word 0-Day Exploit
Recently we reported about a critical code execution vulnerability in Microsoft Word that was being exploited in the wild by cyber criminal groups to distribute malware like Dridex banking trojans and Latentbot. Now, it turns out that the same previously undisclosed vulnerability in Word...
Police Arrested Suspected Hacker Who Hacked the 'Hacking Team'
Remember the Hacker who hacked Hacking Team? In 2015, a hacker named Phineas Fisher hacked Hacking Team – the Italy-based spyware company that sells spying software to law enforcement agencies worldwide – and exposed some 500 gigabytes of internal data for anyone to download. Now, the Spanish...
Detekt - scans your Windows computer for traces of known surveillance spyware
Detekt is a free tool that scans your Windows computer for traces of FinFisher and Hacking Team RCS, commercial surveillance spyware that has been identified as also being used to target and monitor human rights defenders and journalists around the world. In recent years we have witnessed a huge...
Company That Sells 'FinFisher' Spying Tool Got Hacked, 40GB Data Leaked
FinFisher spyware, a spyware application used by government and law enforcement agencies for the purpose of surveillance, appears to have been hacked earlier this week and a string of files has been dumped on the Internet. The highly secret surveillance software called “FinFisher” sold by British...
EU Petition Seeks to Restrict Export of 'Digital Arms'
A Dutch member of the European parliament is supporting a grass-roots effort to restrict the export of surveillance software such as FinFisher and others, which are used by some governments and law-enforcement agencies to monitor their citizens’ activities. The effort, dubbed Stop Digital Arms, i...