Gamers Beware: Malware Hunts Steam, Epic and EA Origin Accounts
2021-09-28 18:42

There's a new cybersecurity threat to gamers: An advanced trojan, dubbed BloodyStealer, has emerged on underground forums and is being used to steal gamer accounts on various platforms, including Steam, Epic Games Store and EA Origin. Demand for stolen gamer data throughout the underground markets is increasing, experts at Kaspersky say, making compromising those accounts a priority for cybercriminals of all stripes.

ASUS patches ROG Armoury Crate app after researcher spots all-too-common flaw
2021-09-28 18:31

A flaw in ASUS's ROG Armoury Crate hardware management app could have allowed low-privileged users to execute code as administrator. Federico discovered the vuln after taking a close look at ROG Armoury Crate, finding a DLL hijacking vuln that allowed ordinary users to execute code with SYSTEM privileges after pasting a crafted file into a directory used by the app.

FinFisher malware hijacks Windows Boot Manager with UEFI bootkit
2021-09-28 17:46

Commercially developed FinFisher malware now can infect Windows devices using a UEFI bootkit that it injects in the Windows Boot Manager. "During our research, we found a UEFI bootkit that was loading FinSpy. All machines infected with the UEFI bootkit had the Windows Boot Manager replaced with a malicious one," Kaspersky researchers revealed today.

SAS 2021: FinSpy Surveillance Kit Re-Emerges Stronger Than Ever
2021-09-28 17:45

The FinSpy surveillance kit has been driven from its hiding place following an eight-month investigation by Kaspersky researchers. One day researchers stumbled across a Burmese-language website that hosted both the trojanized installers and samples of FinSpy for Android.

Don't let cybercriminals ruin your merger or acquisition–follow this expert's advice
2021-09-28 17:07

Companies are vulnerable to potential cyberthreats during mergers and acquisitions; learn from an expert why and how to reduce security risks during the transition. Why are cybercriminals targeting companies undergoing a merger or acquisition?

Deepwatch announces managed detection and response solution for SMBs
2021-09-28 16:30

The fully-automated security operations center solution comes with 24/7 support and sets up in less than an hour. Deepwatch, a managed detection and response security provider, announced Tuesday an MDR solution for SMBs to protect against cyber threats.

New Chrome feature can tell sites and webapps when you're idle
2021-09-28 16:28

The new Idle Detection API gives Chrome the ability to register whether a user is active, and has drawn concerns from privacy advocates. Google Chrome version 94 was recently released with a long list of patch notes, and buried among them is the announcement of the stable release of Chrome's Idle Detection API, which has drawn criticism from privacy advocates.

3 tips to protect your users against credential phishing attacks
2021-09-28 16:21

A new phishing campaign spotted by Armorblox tried to steal user credentials by spoofing a message notification from a company that provides email encryption. A successful phishing email that obtains the right username and password can gain access to an entire network.

Twitter web client outage forces users to log out, blocks logins
2021-09-28 16:18

Twitter is experiencing a worldwide outage affecting its web platform that prompts users to log out and prevents them from accessing tweets. The outage began at around noon EST and only affects the web/desktop version of Twitter, not the mobile platform.

Latest FinFisher spyware upgrades 'particularly worrying,' says Kaspersky
2021-09-28 15:50

Kaspersky has presented the findings of an eight-month probe into the FinFisher spyware toolset - including the discovery of a UEFI "Bootkit" infection method and "Advanced anti-analysis methods" such as "Four-layer obfuscation." The toolkit receives frequent updates to evade detection and add new functionality, with Kaspersky having previously investigated a 2019 update which boosted its spying capabilities to include chat, physical movement, microphone, and camera access, alongside locally stored data capture and exfiltration.