SASFinSpy: the ultimate spying tool
FinSpy spyware targets Android, iOS, macOS, Windows, and Linux users. Here’s what it can do and how to stay protected.
Security Analyst Summit
28 articles
Tomiris backdoor
At the SAS 2021 conference, our experts talked about the Tomiris backdoor, which appears to be linked to the DarkHalo group.
Mobile apps are watching you
Mobile apps can track your location and sell the data to third parties. What can you do about it?
MontysThree: Industrial cyberspy
Cybercriminals are using steganography to hide their code and seek industrial data.
Malware delivery through UEFI bootkit with MosaicRegressor
Cybercriminals are employing a sophisticated malicious framework whose tools include some leaked from Hacking Team.
AndroidPhantomLance Android backdoor discovered on Google Play
Kaspersky experts found the PhantomLance Trojan backdoor for Android in Google Play.
Faking fingerprints — doable, but hard
Researchers found a way to create fake fingerprints to fool many devices, although it took a lot of effort.
5 travel security tips for the slightly paranoid
5 quick tips for (moderately) paranoid people on how to ensure security and privacy while traveling.
Uncovering fake news bots
How to expose fake news bots based on their behavior and what insights one can get while doing this.
Is it possible to guard against GPS attacks?
Has your sat nav ever insisted you are somewhere you are clearly not? Welcome to GPS spoofing.
Weaponized USB devices as an attack vector
Trojanized HID devices as well as surveilling or malicious cables are serious threats that can be used to compromise even air-gapped systems.
The complexities of public attribution
A look at the complexities of public attribution and why nation-states doing it will have real-world implications.
Microsoft Office and its vulnerabilities
The Microsoft Office threat landscape, and the technologies that help us catch related zero-day exploits, were the focus of this talk at the SAS 2019 conference.
Another Taj Mahal (between Tokyo and Yokohama)
A new APT attack targets the diplomatic mission of an Asian country.
The Gaza cybergang and its SneakyPastes campaign
A cybergang that specializes in cyberespionage, with its campaign mostly limited to the Middle East and countries in central Asia.
How crooks use your doppelgangers to pay with your card
How criminals use data harvested from users’ devices to fool antifraud systems and siphon money from victims’ accounts.
In defense of the IoT: First-hand experience
The day I turned home network defender and stopped making fun of IoT developers.
#TheSAS2018Do not become a link in a supply chain attack
Even if you are really not an interesting target for an APT actor, you can still be used in a malware delivery chain
A robot’s ransom
Researchers investigate how vulnerabilities in robots can be exploited to take control of them.
Small hacks: Free coffee, spying taxis, and a vulnerable airport
At this year’s Security Analyst Summit, Inbar Raz revealed how he managed to crack a cafe chain’s loyalty card system, a taxi service, and an airport
Modern yacht hacking
Yachts are now Internet-friendly — and vulnerable because developers aren’t focusing on information security.