A good reason to get your land line back: Google Project Zero security researcher Ian Beer has revealed that, until May, a variety of Apple iPhones and other iOS devices were vulnerable to an incredible exploit that could let attackers remotely reboot and take complete control of their devices from a distance — including reading emails and other messages, downloading photos, and even potentially watching and listening to you through the iPhone’s microphone and camera. Read more here.
Time to Drop the Box?: Russian-backed hacking group Turla has used a previously undocumented malware toolset to deploy backdoors and steal sensitive documents in targeted cyber-espionage campaigns directed at high-profile targets such as the Ministry of Foreign Affairs of European Union countries. The previously unknown malware framework, named Crutch by its authors, was used in campaigns spanning from 2015 to at least early 2020. Turla’s Crutch malware was designed to help harvest and exfiltrate sensitive documents and various other files of interest to Dropbox accounts controlled by the Russian hacking group. Read more here.
North Korea’s Newest Export…: It took only a few years for North Korea to advance its cyber capabilities from solely destructive campaigns to sophisticated technical operations. This shift puts North Korea in competition with top nation-state groups and reveals strategic changes in how it plans to support its regime. “[To say] I’m intrigued is an understatement by what they’ve done over the years,” says Josh Burgess, technical lead and threat intelligence adviser at CrowdStrike. “I’ve been watching them at least six to seven years, personally, as they progress through their malware campaigns: how they’ve grown, how they’ve evolved, how they’ve done what they’ve done.” Read more here.
