Security News

Former foreign secretary Dominic Raab rebuked GCHQ for secretly halting internal compliance audits that ensured the spy agency was obeying the law, a government report has revealed - while just 0.06 per cent of spying requests made by Britain's public sector were refused by its supposed overseer. Explaining how GCHQ's COVID excuse "Deviated from our expectations," IPCO said: "The IPC and the Foreign Secretary made clear to GCHQ that, in future, they expect GCHQ to inform them of any changes relevant to the handling of warranted data."

Researchers have disclosed a novel technique by which malware on iOS can achieve persistence on an infected device by faking its shutdown process, making it impossible to physically determine if an iPhone is off or otherwise. NoReboot works by interfering with the routines used in iOS to shutdown and restart the device, effectively preventing them from ever happening in the first place and allowing a trojan to achieve persistence without persistence as the device is never actually turned off.

Any individual or any company can become their target, as long as someone pays to spy on them. Engagement: This part consists of engaging contact with the target or people close to it in an effort to build enough trust to entice the target to download/execute files or click on infecting links.

The spyware industry spreads far beyond the infamous Israeli spyware company NSO Group, Meta said, it being "Only one piece of a much broader global cyber-mercenary ecosystem." Facebook sued NSO Group, maker of the notorious, industrial-grade spyware Pegasus, in 2019 over an alleged attack that exploited a zero-day vulnerability in WhatsApp's messaging platform to inject spyware onto victims' phones in targeted campaigns. The Israeli firm markets spyware that Meta's report said has been used in "Frequent targeting of activists, opposition politicians and government officials in Hong Kong and Mexico." Its clients reportedly include the Department of Homeland Security, the Internal Revenue Service, and Saudi Arabia.

Facebook successor Meta on Thursday said it canceled 1,500 social media accounts used by seven surveillance-for-hire firms to conduct online attacks against government critics and members of civil society. These accounts were primarily used to observe targets and lure them into visiting malicious websites, or receiving booby-trapped messages, typically, that compromise their devices and online profiles.

The North Korea-linked ScarCruft advanced persistent threat group has developed a fresh, multiplatform malware family for attacking North Korean defectors, journalists and government organizations involved in Korean Peninsula affairs. ScarCruft specifically controls the malware using a PHP script on a compromised web server, directing the binaries based on HTTP parameters.

A new Iranian threat actor has been discovered exploiting a now-addressed critical flaw in the Microsoft Windows MSHTML platform to target Farsi-speaking victims with a new PowerShell-based information stealer designed to harvest extensive details from infected machines. The phishing campaign, which began in July 2021, involved the exploitation of CVE-2021-40444, a remote code execution flaw that could be exploited using specially crafted Microsoft Office documents.

Researchers from the National University of Singapore and Yonsei University in South Korea have devised a mobile application that uses smartphones' time-of-flight sensor to find tiny spy cameras hidden in everyday objects. The app is more successful at detecting hidden cams than existing state-of-the-art commercial hidden camera detectors and much more successful than the human eye/brain.

Recent model smartphones can be smarter still about finding hidden cameras in their vicinity, if they take advantage of time-of-flight sensors. Sriram Sami, Bangjie Sun, and Sean Rui Xiang Tan, from National University of Singapore, and Jun Han from Yonsei University, describe how this might be done in a paper [PDF] titled "LAPD: Hidden Spy Camera Detection using Smartphone Time-of-Flight Sensors".

The Office of the Commissioner for Personal Data Protection in Cyprus has collected a $1 million fine from intelligence company WiSpear for gathering mobile data from various individuals arriving at the airport in Larnaca. While this is just an administrative fine under the European Union's General Data Protection Regulation, it is related to a scandal two years ago widely publicized as the "Spy van" case.