Notícias

Security News This Week: Oh Crap, Kohler's Toilet Cameras Aren't Really End-to-End Encrypted

Plus: The Trump administration declines to issue sanctions over Salt Typhoon's hacking spree, officials warn of a disturbingly stealthy Chinese malware specimen, and more.

Predator Spyware Maker Intellexa Evades Sanctions, New Victims Identified

Data leaks have shed a new light on Intellexa's flagship spyware infrastructure and attack vectors

US Organizations Warned of Chinese Malware Used for Long-Term Persistence

Warp Panda has been using the BrickStorm, Junction, and GuestConduit malware in attacks against US organizations. The post US Organizations Warned of Chinese Malware Used for Long-Term Persistence appeared first on SecurityWeek.

AutoIT3 Compiled Scripts Dropping Shellcodes, (Fri, Dec 5th)

AutoIT3[1] is a powerful language that helps to built nice applications for Windows environments, mainly to automate tasks. If it looks pretty old, the latest version was released last September and it remains popular amongst developers, for the good… or the bad! Malware written in AutoIt3 has existed since the late 2000s, when attackers realized that the language was easy to learn (close to basic) but can also compiled into standalone PE files! From a malware point of view, such executables make an extended use of packed data, making them more stealthy.

Arizona Sues Temu Over Covert Data Harvesting Claims

Arizona's lawsuit claims Temu's popular app acts like spyware and harvests sensitive device data. The post Arizona Sues Temu Over Covert Data Harvesting Claims appeared first on eSecurity Planet.

New Variant of ClayRat Android Spyware Seize Full Device Control

The dangerous ClayRat Android spyware has evolved, gaining the ability to steal PINs, record screens, and disable security by abusing Accessibility Services. Users must beware of fake apps spreading through phishing sites and Dropbox.

Intellexa remotely accessed Predator spyware customer systems, investigation finds

It was one of a trio of reports about the spyware vendor over the course of a day, with additional evidence about further infections among the findings. The post Intellexa remotely accessed Predator spyware customer systems, investigation finds appeared first on CyberScoop.

Predator spyware uses new infection vector for zero-click attacks

The Predator spyware from surveillance company Intellexa has been using a zero-click infection mechanism dubbed "Aladdin" that compromised specific targets when simply viewing a malicious advertisement. [...]

Newly Sold Albiriox Android Malware Targets Banks and Crypto Holders

Cleafy analysis reveals Albiriox, a new Android Malware-as-a-Service (MaaS) RAT that targets over 400 global banking and crypto apps. Learn how ODF fraud enables full device takeover.

Shai Hulud 2.0, now with a wiper flavor

Kaspersky researchers uncover a new version of the Shai Hulud npm worm, which is attacking targets in Russia, India, Brazil, China, and other countries, and has wiper features.