19 private links
In August 2016, Apple issued updates to iOS and macOS that patched three zero-day vulnerabilities that were being exploited in the wild to remotely install persistent malcode on a target’s device if they tapped on a specially crafted link. We linked the vulnerabilities and malcode to US-owned, Israel-based NSO Group, a government-exclusive surveillance vendor described by one of its founders as “a complete ghost”.
For the last 6 years my colleagues and I have been tracking the activities of the cyber-mercenaries we call Dark Caracal. In this time, we have observed them make a number of hilarious mistakes which have allowed us to gain crucial insights into their activities and victims. In this talk, we will discuss the story of Dark Caracal, the mistakes they have made, and how they have managed to remain effective despite quite possibly being the dumbest APT to ever exist.
Logs are a vital component for maintaining application reliability, performance, and security. They serve as a source of information for developers, security teams, and other stakeholders to understand what has happened or gone wrong within an application. However, logs can also be used to compromise the security of an application by injecting malicious content.
In this presentation, we will explore how ANSI escape sequences can be used to inject, vandalize, and even weaponize logfiles of modern applications. We will revisit old terminal injection research and log tampering techniques from the 80-90s, and combine them with new features to create chaos and mischief in the modern cloud cli's, mobile, and feature-rich DevOps terminal emulators of today....
Imagine discovering a zero-click attack targeting Apple mobile devices of your colleagues and managing to capture all the stages of the attack. That’s exactly what happened to us! This led to the fixing of four zero-day vulnerabilities and discovering of a previously unknown and highly sophisticated spyware that had been around for years without anyone noticing. We call it Operation Triangulation. We've been teasing this story for almost six months, while thoroughly analyzing every stage of the attack. Now, for the first time, we're ready to tell you all about it. This is the story of the most sophisticated attack chain and spyware ever discovered by Kaspersky.