Tag: iran

  • VB2019 paper: Domestic Kitten: an Iranian surveillance program

    In September last year, researchers at Check Point uncovered an Iranian operation, which they named ‘Domestic Kitten’, that used Android apps for targeted surveillance. Active since 2016, the operation continued after this discovery, with new malware found during the course of 2019. In a paper presented at VB2019 in London, Check Point researchers Aseel Kayal…

  • VB2018 video: Behind the scenes of the SamSam investigation

    Yesterday, a federal grand jury in the US unsealed an indictment charging two Iranians with being behind the SamSam ransomware. SamSam has been one of the most successful ransomware campaigns in recent years, thanks to the clever targeting of specific organisations, including universities, hospitals and local governments. This targeting allowed the attackers to ensure the…

  • Stuxnet infected Natanz plant via carefully selected targets rather than escape from it

    Five initial victims of infamous worm named. Today, as Wired journalist Kim Zetter publishes her book Countdown to Zero Day on Stuxnet, researchers from Kaspersky and Symantec published blog posts that shine a light on how the malware spread to its likely target, the Natanz plant in Iran, and to hundreds of thousands of other…

  • US lifts ban on anti-virus software for Iran

    Eased restrictions welcomed by security experts. The United States has announced it has eased export restrictions to Iran, and now allows for the export of mobile phones and software, including anti-virus software. The US originally imposed sanctions against Iran following the Iranian Revolution of 1979 and has tightened them several times since, among other things…

  • Flame worm one of the most complex threats ever discovered

    Malware possibly used for cyber-espionage. The jury is out on whether ‘Flame’ (also known as ‘Flamer’ or ‘Skywiper’) is ‘the most lethal cyberweapon to date’ as some have claimed, or just a highly complex and sophisticated piece of malware. But simply from looking at the volume of security vendors’ blog posts dedicated to the…

  • Iranians spied on using rogue DigiNotar certificates

    Fake certificates signed for CIA, Mossad, Google, Facebook. It is likely that Iranian Internet users have been spied on following a hack discovered at Dutch certificate authority (CA) DigiNotar last week, according to Trend Micro. In July, a hack at DigiNotar resulted in a large number of fake SSL certificates being issued for popular…

  • Rogue SSL certificates issued for popular websites

    Certificates revoked, but browsers still need to be updated. Comodo, a major vendor of SSL certificates, has admitted to one of its affiliates’ servers being hacked, leading to nine rogue SSL certificates being issued for popular domains. SSL (Secure Sockets Layer) allows for traffic over the Internet that cannot be intercepted by…