• Microsoft finds hackers using unknown Windows security flaws

    From TechnologyDaily@1337:1/100 to All on Thu Jul 28 12:15:04 2022
    Microsoft finds hackers using unknown Windows security flaws

    Date:
    Thu, 28 Jul 2022 10:57:23 +0000

    Description:
    Austrian firm was abusing new Windows zero-days in the process of selling spyware to governments.

    FULL STORY ======================================================================

    Microsoft has revealed a potentially damaging new spyware campaign targeting victims around the world.

    In a blog post, Microsoft claims that an Austrian company posing as a risk analysis and business intelligence service provider is in fact a spyware developer responsible for Subzero, malware used against endpoints belonging to law firms, banks, and consultancy firms in the UK, Austria, and Panama.

    The company, known as DSIRF, was allegedly found abusing zero-day exploits in both Windows and Adobe Reader to provide its customers with remote code execution capabilities, among other things.

    Commercial spyware

    Before identifying the threat actor, Microsoft was tracking it under the codename KNOTWEED, and says it has now patched the vulnerabilities abused by DSIRF.

    "MSTIC [Microsoft Threat Intelligence Center] has found multiple links between DSIRF and the exploits and malware used in these attacks. These include command-and-control infrastructure used by the malware directly linking to DSIRF, a DSIRF-associated GitHub account being used in one attack, a code signing certificate issued to DSIRF being used to sign an exploit, and other open-source news reports attributing Subzero to DSIRF," Microsoft said in the blog.

    As spotted by The Verge, Microsoft's report was published while the company testified in front of the House Intelligence Committee on "Combatting the Threats to U.S. National Security from the Proliferation of Foreign Commercial Spyware". In the testimony, submitted in written form, Microsoft argues that in the past decade there's been a boom of commercial entities developing and selling spyware to repressive regimes around the world.
    "Over a decade ago, we started to see companies in the private sector move into this sophisticated surveillance space as autocratic nations and smaller governments sought the capabilities of their larger and better resourced counterparts," it says in the testimony.

    "In some cases, companies were building capabilities for governments to use consistent with the rule of law and democratic values. But in other cases, companies began building and selling surveillance as a service ... to authoritarian governments or governments acting inconsistently with the rule of law and human rights norms."

    Microsoft has urged the U.S. to classify spyware as a cyberweapon.

    Via: The Verge



    ======================================================================
    Link to news story: https://www.techradar.com/news/microsoft-finds-hackers-using-unknown-windows-security-flaws/


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)