Visit our new website: worldnews.easybranches.com

Windows 0-day is exploited to install creepy Finspy malware (again)

  • Wed, 13 Sep 2017 20:41

Enlarge / The WSDL parser, where the zero-day was located. (credit: FireEye)

On Tuesday, Microsoft patched a previously unknown vulnerability that researchers say was actively exploited by an undisclosed nation to install surveillance malware on one or more vulnerable computers.

The exploit, according to a blog post published Tuesday by security firm FireEye, was embedded in a Microsoft Word document. Once opened, the document exploited a zero-day vulnerability in Microsoft's .Net framework. The exploit caused the targeted computer to install Finspy (sometimes "FinSpy"), a family of surveillance software that its controversial developer, UK-based Gamma Group, sells to governments throughout the world. Tuesday's blog post said the document might have been used to infect an unnamed "Russian speaker." The vulnerability, indexed as CVE-2017-8759, comes five months after FireEye disclosed a different zero-day being used to distribute Finspy.

"These exposures demonstrate the significant resources available to 'lawful intercept' companies and their customers," FireEye researchers wrote. "Furthermore, Finspy has been sold to multiple clients, suggesting the vulnerability was being used against other targets."

Read 4 remaining paragraphs | Comments

Biz & IT – Ars Technica

Tags


Related Stories

Varo Money raises $45 million for mobile banking without fees
  • Fri, 19 Jan 2018 11:43

 There are a number of startups looking to disrupt traditional banking. We’ve covered Chime, Zero and Jiko, just to name a few. Another one...

How Did President Trump Do on His Physical? It’s Complicated
  • Fri, 19 Jan 2018 10:44

The answers to impolite but salient questions about personal health aren’t, it turns out, straightforward—for anyone, not just a president. Feed:...

Chrissy Chambers: Revenge porn almost killed me
  • Fri, 19 Jan 2018 07:40

Singer Chrissy Chambers describes how her life changed when her ex posted an explicit video online. BBC News - Technology

Bringing luxury perks to co-living life, Ollie raises cash to expand
  • Fri, 19 Jan 2018 04:42

 As rents continue to soar in America’s most desirable cities, companies like New York-based Ollie are angling to transform the real estat...

Even without El Nino last year, Earth keeps on warming
  • Fri, 19 Jan 2018 02:46

Government scientists calculate that 2017 wasn't the hottest year on record, but close and unusually warm for no El Nino adding warmth ABC News: Tech...

Facebook adds its first African American board member
  • Fri, 19 Jan 2018 00:40

Today, Facebook announced that the Chairman and CEO of American Express, Kenneth I. Chenault, has joined the company's Board of Directors. It wil...

Samsung starts producing GDDR6 RAM for next-gen graphics cards
  • Thu, 18 Jan 2018 20:40

You can start getting pumped about the next generation of graphics cards, as Samsung has announced that it's building the first-ever 16-gigabit G...

Chinese carmaker Chery to use Nvidia's self-driving technology
  • Thu, 18 Jan 2018 19:42

(Reuters) - Nvidia Corp said on Tuesday China’s Chery Automobile Co would use its self-driving technology that it has developed with Baidu and ZF F...

China’s VPN Crackdown May Aid Government Surveillance
  • Thu, 18 Jan 2018 18:41

(WSJ) China’s clampdown on the cyber tunnels used to burrow through its Great Firewall may do more than further restrict internet access—it also ...

New botnet infects cryptocurrency mining computers, replaces wallet address
  • Thu, 18 Jan 2018 16:44

Enlarge / A cryptocurrency mining farm. (credit: Marco Krohn) Satori—the malware family that wrangles routers, security cameras, and other Interne...

Nintendo Labo: Price, Details, Release Date
  • Thu, 18 Jan 2018 15:40

Labo is a set of cardboard, build-it-yourself accessories for Nintendo's super-popular Switch gaming console. Feed: All Latest

Google is investing in Indonesia-based Uber rival Go-Jek
  • Thu, 18 Jan 2018 14:42

 Google is backing investing in ride-hailing companies. The U.S. search firm and China’s Meituan-Dianping are among the tech giants set to ...


News Categories