The US DHS Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning concerning malicious cyber actors using commercial spyware programs to target messaging applications. CISA's alert highlights that various threat actors employ sophisticated targeting and social engineering methods to deliver spyware and gain unauthorized access to users' messaging applications. This initial access then facilitates the deployment of additional malware, leading to more extensive access to t
signal (4)
Russian state-backed actors are increasingly targeting secure messaging applications like Signal to intercept sensitive communications, reveals a recent report by Google’s Threat Intelligence Group. These groups, often aligned with Russian intelligence services, are focusing on compromising accounts used by individuals of interest, including military personnel, politicians, journalists, and activists. While the initial focus appears to be related to the conflict in Ukraine, researchers believe
The targeted operation utilized CVE-2017-8570 as the initial vector and employed a notable custom loader for Cobalt Strike, yet attribution to any known threat actor remains elusive. An unknown threat actor targeted government entities in Ukraine toward the end of 2023 using an old Microsoft Office remote code execution (RCE) exploit from 2017 (CVE-2017-8570) as the initial vector and military vehicles as the lure.
The threat actor initiated the attack using a malicious PowerPoint file (.PPSX)
The secure messaging service Signal[1] has released the details of a search warrant it received from the Santa Clara, California Police, which shows the lengths US law enforcement agencies will go to in order to force online platforms into disclosing the personal information of their users. In the search warrant, the police sought to get the name, street address, telephone number, and email address of a specific Signal user, which is not necessarily unusual. It also wanted billing records, the dates of whe