Visit our new website: worldnews.easybranches.com

Windows 0-day is exploited to install creepy Finspy malware (again)

  • Wed, 13 Sep 2017 20:41

Enlarge / The WSDL parser, where the zero-day was located. (credit: FireEye)

On Tuesday, Microsoft patched a previously unknown vulnerability that researchers say was actively exploited by an undisclosed nation to install surveillance malware on one or more vulnerable computers.

The exploit, according to a blog post published Tuesday by security firm FireEye, was embedded in a Microsoft Word document. Once opened, the document exploited a zero-day vulnerability in Microsoft's .Net framework. The exploit caused the targeted computer to install Finspy (sometimes "FinSpy"), a family of surveillance software that its controversial developer, UK-based Gamma Group, sells to governments throughout the world. Tuesday's blog post said the document might have been used to infect an unnamed "Russian speaker." The vulnerability, indexed as CVE-2017-8759, comes five months after FireEye disclosed a different zero-day being used to distribute Finspy.

"These exposures demonstrate the significant resources available to 'lawful intercept' companies and their customers," FireEye researchers wrote. "Furthermore, Finspy has been sold to multiple clients, suggesting the vulnerability was being used against other targets."

Read 4 remaining paragraphs | Comments

Biz & IT – Ars Technica

Tags


Related Stories

Defakto’s ‘Stille Nacht’ watch is a limited edition of galactic proportions
  • Mon, 20 Nov 2017 21:53

 Independent watchmaker Defakto creates some stunning timepieces via its regular collection, but it has a new limited series that is particularly...

Baidu plans mass production of self-driving mini-bus
  • Mon, 20 Nov 2017 19:01

(China Plus) Chinese artificial intelligence (AI) giant Baidu has unveiled a plan to mass produce its self-driving mini-bus by July 2018, Economic V...

Apple delays launch of smart speaker
  • Mon, 20 Nov 2017 17:43

The HomePod will now be released in early 2018 as the gadget still needs work, said Apple. BBC News - Technology

Monzo’s latest round included £11M in secondary as founding employees partly cash in
  • Mon, 20 Nov 2017 16:53

 Earlier this month, U.K.-based challenger bank Monzo announced that it had raised a further £71 million in a round led by Goodwater Capital, gi...

Tech In Asia raises $6.6M led by Korean conglomerate Hanwha
  • Mon, 20 Nov 2017 14:41

 Tech In Asia, the Singapore-based media and events startup, has closed $ 6.6 million in fresh funding. The lead investor is a name that may not...

Mike and Nathaniel’s Week in Tech: Everybody Loves Bitcoin
  • Mon, 20 Nov 2017 12:43

In this week’s tech newsletter, Mike Isaac and Nathaniel Popper delve into the popularity of Bitcoin, and the new troubles at Twitter. NYT > Techno...

Argentine Navy diesel sub disappears, NASA plane joins in search
  • Mon, 20 Nov 2017 11:55

NASA The US Navy and NASA have joined the search for an Argentine Armada (navy) diesel-electric attack submarine—the...

Youth Radio Offers Kids' Take on Current Events
  • Mon, 20 Nov 2017 11:10

A stellar take on the news from diverse kid journalists Techlearning RSS Feed

Apple delays HomePod till 2018
  • Mon, 20 Nov 2017 09:50

Here’s one Apple product you won’t find under the tree this year: HomePod. While Apple had originally planned to release its HomePod smart speaker...

Investors in Chinese start-ups still eye exits through digital currency offerings
  • Mon, 20 Nov 2017 08:49

(SCMP) Founders and seed investors in Chinese technology companies are coming up with more innovative ways of exiting their investments, with some e...

Wine-making existed at least 500 years earlier than previously known
  • Mon, 20 Nov 2017 07:49

ACCORDING to the ancient Greeks, wine was first discovered by Dionysus, and proved so popular that he was rewarded with godhood. The ancient Persians ...

Exclusive: Qualcomm set to win conditional Japanese antitrust okay for NXP deal - source
  • Mon, 20 Nov 2017 06:53

BRUSSELS (Reuters) - U.S. smartphone chipmaker Qualcomm is set to win “imminent” Japanese antitrust clearance for its $ 38-billion bid for NXP S...


News Categories