
Shaarli Daily

All links of one day in a single page.

May 28, 2023

Vulnerability in GCP CloudSQL Leads to Data Exposure

The Dig research team reveals a recently discovered critical vulnerability in the GCP CloudSQL service that led to internal container access and data exposure.

Here’s how long it takes new BrutePrint attack to unlock 10 different smartphones

Researchers have devised a low-cost smartphone attack that cracks the authentication fingerprint used to unlock the screen and perform other sensitive actions on a range of Android devices in as little as 45 minutes.

Mercenary mayhem: A technical analysis of Intellexa's PREDATOR spyware

We would like to thank The Citizen Lab for their cooperation, support and inputs into this research.

  • Commercial spyware use is on the rise, with actors leveraging these sophisticated tools to conduct surveillance operations against a growing number of targets. Cisco Talos has new details of a commercial spyware product sold by the spyware firm Intellexa (formerly known as Cytrox).
  • Our research specifically looks at two components of this mobile spyware suite known as “ALIEN” and “PREDATOR,” which compose the backbone of the spyware implant. Our findings include an in-depth walkthrough of the infection chain, including the implants’ various information-stealing capabilities.
  • A deep dive into both spyware components indicates that ALIEN is more than just a loader for PREDATOR and actively sets up the low-level capabilities needed for PREDATOR to spy on its victims.
  • We assess with high confidence that the spyware has two additional components — tcore (main component) and kmem (privilege escalation mechanic) — but we were unable to obtain and analyze these modules.
  • If readers suspect their system(s) may have been compromised by commercial spyware, please consider notifying Talos’ research team at talos-mercenary-spyware-help@external.cisco.com to assist in furthering the community’s knowledge of these threats.

Inner workings revealed for “Predator,” the Android malware that exploited 5 0-days

Spyware is sold to countries including Egypt, Indonesia, Oman, Saudi Arabia, and Serbia.

Smartphone malware sold to governments around the world can surreptitiously record voice calls and nearby audio, collect data from apps such as Signal and WhatsApp, and hide apps or prevent them from running upon device reboots, researchers from Cisco’s Talos security team have found.