VB Migration

Tag: spyware

  • VB2017 video: FinFisher: New techniques and infection vectors revealed

    Over the last few years, the infamous FinFisher government spyware (already the subject of a VB2013 paper ) has done a good job of staying under the radar. Recently, however, it made the news because of its use of the then zero-day CVE-2017-8759 and the likely involvement of ISPs in targets getting infected. In a…

  • VB2017 video: FinFisher: New techniques and infection vectors revealed

    Over the last few years, the infamous FinFisher government spyware (already the subject of a VB2013 paper ) has done a good job of staying under the radar. Recently, however, it made the news because of its use of the then zero-day CVE-2017-8759 and the likely involvement of ISPs in targets getting infected. In a…

  • Hot FinSpy research completes VB2017 programme

    The infamous FinSpy (or FinFisher) government spyware has managed to keep a low profile in recent years, though its use of two Microsoft zero-days ( CVE-2017-0199 and CVE-2017-8759 ) this year shows that it is still active. Today, researchers from ESET have published new research which points to the spyware using a different infection method:…

  • Hot FinSpy research completes VB2017 programme

    The infamous FinSpy (or FinFisher) government spyware has managed to keep a low profile in recent years, though its use of two Microsoft zero-days ( CVE-2017-0199 and CVE-2017-8759 ) this year shows that it is still active. Today, researchers from ESET have published new research which points to the spyware using a different infection method:…

  • Consumer spyware: a serious threat with a different threat model

    We all know the risks of having a device infected with malware: an anonymous adversary far away can encrypt your files and hold them to ransom; they can steal your personal data and sell it online; or they can steal your money directly from your online financial services. But imagine if the adversary is neither…

  • Consumer spyware: a serious threat with a different threat model

    We all know the risks of having a device infected with malware: an anonymous adversary far away can encrypt your files and hold them to ransom; they can steal your personal data and sell it online; or they can steal your money directly from your online financial services. But imagine if the adversary is neither…

  • Those doing bad things deserve privacy too

    Hacking Team leakers should have taken a leaf out of Snowden’s book. I can understand, at least in principle, that targeted malware could be used by law enforcement agencies for legitimate purposes. After all, with proper court orders in place, it is not significantly different from the hidden cameras placed by those same agencies. However,…

  • Little sympathy for breached Hacking Team

    Lists of customers, source code and zero-day vulnerabilities made public. The biggest security story of this week, and probably one of the biggest of the year, is the hack of Italian company Hacking Team . The story has been covered widely, for instance by Wired , Ars Technica , The Register and Forbes , as…

  • Detekt tool searches PCs for traces of surveillance spyware

    Second opinion essential in circumstances under which likely victims operate. Last week, the release of the free ‘ Detekt ‘ tool was announced. Developed by Claudio Guarnieri and released in partnership with organizations including Amnesty International and the Electronic Frontier Foundation , the tool scans Windows computers for traces of government surveillance spyware. The tool…

  • Cheap Android phone comes shipped with spyware

    Trojan masquerades as Google Play app; cannot be removed. Researchers at German security firm G Data have discovered Android smartphones that come shipped with spyware. The phone is the N9500 from Chinese manufacturer Star , which appears to be very similar to the popular Samsung S5 , but with a much lower price tag. Following…