The Evolution of Spyware for iOS

Capabilities of the Sysdiagnose software for computer forensics on iOS. Some users commonly believe that iOS smartphones are better protected against backdoors and malware than Android smartphones. This is partly true. Software in the App Store catalogue is moderated more strictly, so ordinary people are less likely to pick up malware. But in terms of vulnerabilities, iOS is in no way behind other operating systems. Accordingly, malware for it is created regularly. Commercial spyware is built for iOS and used at the state level against specific people: civil activists, journalists, businesspeople. It uses more interesting vulnerabilities and more sophisticated exploits than ordinary trojans. Detecting such malware requires special tools.

https://habr.com/ru/companies/globalsign/articles/890860/

#iOS #Pegasus #Predator #iCloud #Advanced_Data_Protection #сквозное_шифрование #E2E #эксплоиты #0day #iPhone #0Click #1Click #NSO_Group #iSoon #Hermit #Mobile_Verification_Toolkit #MVT #форензика #компьютерная_криминалистика #Sysdiagnose #режим_блокировки

Habr
Justice Department Charges 12 Chinese Contract Hackers and Law Enforcement Officers in Global Computer Intrusion Campaigns

The Justice Department, FBI, Naval Criminal Investigative Service, and Departments of State and the Treasury announced today their coordinated efforts to disrupt and deter the malicious cyber activities of 12 Chinese nationals, including two officers of the People’s Republic of China’s (PRC) Ministry of Public Security (MPS), employees of an ostensibly private PRC company,

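NHK documentary "Tracking China's Leaked Documents"

Thanks to the netizens who kindly translated it and provided subtitles.

This documentary, produced by Japan's NHK television, exposes in detail how the Chinese government's state security apparatus and private cybersecurity companies work together to steal the secrets of governments around the world and manipulate public opinion on social media.

It runs 45 minutes, with not a dull moment:

1. Anxun attempts to hack into National Chengchi University
2. Anxun steals internal EU data
3. Analysis of China's government-private cooperation model
4. China's infiltration of overseas pro-democracy activist communities
5. A new form of warfare: cognitive warfare
6. Fake Dcard accounts manipulating street protests
7. How fake accounts manipulate public opinion on social platforms
8. Taiwan's Ministry of Justice's defenses against cognitive warfare

Feel free to share.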

#NHK
#安洵文件
#isoon

https://www.youtube.com/watch?v=YTkpV0Zw13s

NHK's blockbuster documentary of the year, "Tracking China's Leaked Documents"

YouTube
Is the CCP the biggest APT?

CCP – China Cyber Puppetmaster The I-Soon Information Technology Co. Ltd. (aka Shanghai Anxun Information Technology Co. Ltd, or Anxun) on the face of it were known to be a reputable company but…

Intrusion Truth
The BfV is now publishing details on the #iSoon leak that once again underline the professionalization of private Chinese cyber attackers: a shadow economy that scouts out high-value targets in advance and then attacks them in a targeted, tactical manner:
https://www.verfassungsschutz.de/SharedDocs/publikationen/DE/cyberabwehr/2024-08-01-bfv-cyber-insight-teil-1.pdf?__blob=publicationFile&v=3

Our second speaker, Petteri Nakamura, is on stage with the "Hacking as a Service. What to Learn from the Data Leak of a Chinese State Affiliated APT Actor" talk

#TurkuSec #isoon #leak

Western governments struggle to coordinate response to Chinese hacking

#Chinese #hacking attempts are not isolated events. Rather, they constitute the #ecosystem in which all western governments must navigate their relationships with Beijing.

In a report published on 27 March, Google said China “continues to lead the way for government-backed exploitation”.
#APT31 alone has been linked to hacks in France, Finland and of Microsoft, while New Zealand said this week that another well-known Chinese hacking outfit, #APT40, attacked its parliament in 2021 (the Chinese embassy in New Zealand denied the allegations).

A recent leak of data from the Chinese cybersecurity firm #iSoon revealed the extent to which China’s hackers for hire compete for government contracts,
sometimes hoovering up data from foreign agencies "on spec" with the hope of selling it to the highest bidder.
In the case of APT31, the US Department of Justice alleges that the hacking operation was💥 directly run by a provincial department of China’s ministry of state security.💥
But in general, said Mei #Danowski, a China cybersecurity expert and author of the "Natto Thoughts" newsletter,
🔸nearly every cybersecurity firm in China 🔸would have some sort of contract with government clients.
With a cybersecurity industry worth an estimated $13bn, that is a lot of potential hackers.

That leaves western governments struggling to coordinate an effective response to hacks or hacking attempts.
In many cases, the Chinese government has #plausible #deniability about responsibility, and it is not always clear what the impact of data breaches are.
Audrye #Wong, an assistant professor at the University of Southern California, said that while #Russian-based hacks often “sow discord and chaos”, #China was “more cautious” and “still very much cares about shaping perceptions of China and the Chinese Communist party”.

Many western international security experts refer to the maxim that while Russia may be the storm, China is climate change.

https://www.theguardian.com/world/2024/mar/29/western-governments-struggle-coordinate-response-chinese-hacking?CMP=Share_iOSApp_Other

Experts say UK-imposed sanctions will make no difference when hacking is part of ecosystem of dealing with Beijing

The Guardian

TurkuSec April Meetup

Date: 05.04.2024 (Friday)
Time: 17:45 – Onwards
Venue: SparkUp Turku (Tykistökatu 4B)

"Digital natives are not cybersecurity natives" by Joel Latto

“Hacking as a Service. What to Learn from the Data Leak of a Chinese State Affiliated APT Actor” by Petteri Nakamura

More info: https://turkusec.fi/turkusec-april-meetup-4/

#TurkuSec #Meetup #Turku #cybersecurity #awareness #isoon

Today on the 6 p.m. news on #SAT1 and the 7 p.m. news on #ProSieben, the topic of the day: the #TikTok ban. Does the German federal government (#Bundesregierung) have enough in hand to impose a general ban (#Verbot) on the social media app? One thing is clear in any case: if the Chinese state wants to conduct espionage, it can and will do so even without TikTok, and we saw that more than clearly just a few weeks ago with the latest revelations about the private hacking firm #Isoon.