Aggregator

Videos posted to social media on Tuesday evening showed a huge plume of smoke rising from the building, which local authorities said was targeted by Iran.

Security researchers say a highly sophisticated iPhone exploitation toolkit dubbed "Coruna," which possibly originated from a U.S. government contractor, has spread from suspected Russian espionage operations to crypto-stealing criminal campaigns. Apple has patched the exploited vulnerabilities in newer iOS versions, but tens of thousands of devices may have already been compromised. An anonymous reader quotes an excerpt from Wired's report: Security researchers at Google on Tuesday released a report describing what they're calling "Coruna," a highly sophisticated iPhone hacking toolkit that includes five complete hacking techniques capable of bypassing all the defenses of an iPhone to silently install malware on a device when it visits a website containing the exploitation code. In total, Coruna takes advantage of 23 distinct vulnerabilities in iOS, a rare collection of hacking components that suggests it was created by a well-resourced, likely state-sponsored group of hackers. In fact, Google traces components of Coruna to hacking techniques it spotted in use in February of last year and attributed to what it describes only as a "customer of a surveillance company." Then, five months later, Google says a more complete version of Coruna reappeared in what appears to have been an espionage campaign carried out by a suspected Russian spy group, which hid the hacking code in a common visitor-counting component of Ukrainian websites. Finally, Google spotted Coruna in use yet again in what seems to have been a purely profit-focused hacking campaign, infecting Chinese-language crypto and gambling sites to deliver malware that steals victims cryptocurrency. Conspicuously absent from Google's report is any mention of who the original surveillance company "customer" that deployed Coruna may have been. But the mobile security company iVerify, which also analyzed a version of Coruna it obtained from one of the infected Chinese sites, suggests the code may well have started life as a hacking kit built for or purchased by the US government. Google and iVerify both note that Coruna contains multiple components previously used in a hacking operation known as "Triangulation" that was discovered targeting Russian cybersecurity firm Kaspersky in 2023, which the Russian government claimed was the work of the NSA. (The US government didn't respond to Russia's claim.) Coruna's code also appears to have been originally written by English-speaking coders, notes iVerify's cofounder Rocky Cole. "It's highly sophisticated, took millions of dollars to develop, and it bears the hallmarks of other modules that have been publicly attributed to the US government," Cole tells WIRED. "This is the first example we've seen of very likely US government tools -- based on what the code is telling us -- spinning out of control and being used by both our adversaries and cybercriminal groups." Regardless of Coruna's origin, Google warns that a highly valuable and rare hacking toolkit appears to have traveled through a series of unlikely hands, and now exists in the wild where it could still be adopted -- or adapted -- by any hacker group seeking to target iPhone users. "How this proliferation occurred is unclear, but suggests an active market for 'second hand' zero-day exploits," Google's report reads. "Beyond these identified exploits, multiple threat actors have now acquired advanced exploitation techniques that can be re-used and modified with newly identified vulnerabilities."

Read more of this story at Slashdot.

CHRISTOPHER STEVENS: When mother-of-three Maria Chindamo told her husband Nando that she wanted a divorce, she sealed both her own fate and his.

Panic broke out amongst the some 240,000 Brits living in what they thought was 'the safest city in the world' after it was targeted by Iran's missiles on Saturday.

Gas prices have surged to a three-year-high and oil has shot up since the Iranian military threatened to blow up any vessels trying to pass through the Strait of Hormuz.

The health secretary pledged last year that future updates would use artificial intelligence to answer users' medical questions and bring the service into the 21st century.

It's the kind of plot you'd expect to see in Midsomer Murders: a group of community-minded villagers happens upon a bloodied dying stab victim as they go litter-picking on a Sunday morning.

High fat diets could make an aggressive form of breast cancer more difficult to treat, new research suggests, highlighting the possible role diet may play in cancer progression.

DAILY MAIL COMMENT: Imagine if Sir Keir Starmer had been in charge when Argentina invaded the Falklands. Or, worse still, in 1940 when Britain stood alone against Hitler.

The competition, which has run for nearly two decades, celebrates the most captivating photographs over the last year.

Marking the Prime Minister's card, his former deputy said that ministers should go 'further and harder' in tackling rogue managing agents.

The commercial director for Business Travel Association, Andrew Clarke, has pushed back at plans to expand tourism tax across the UK.

They met at just 12 years old while growing up in the Liverpool suburb of Croxteth before going official with their relationship four years later. 

Madonna's raunchy new music video is set to 'push boundaries and reclaim her throne' as the Queen of Pop.

Retains eight-weekly Extended Stable releases but warns fortnightly updates are the best way to stay safe

Google will halve the time between releases of its Chrome browser to two weeks, across versions of the software for desktop operating systems, Android, and iOS.…

It is a 'national scandal' that nearly half a million women are on hospital gynaecology waiting lists when treatments could be administered elsewhere, 'if only they could access them', report adds.

If you're looking for your next sunshine-filled break, but are keen to avoid the crowds of more popular tourist destinations, this could be the choice for you.

The crowd arrived at Clapham Common bandstand to commemorate Ms Everard's life as well as remember all the women and girls whose lives have been taken through violence.

Christopher Trybus, 43, also put a rope around his former wife Tarryn Baird's throat after becoming rough with her when he wanted sex, the jury was told.

Melanie, a 25-year-old clerical worker, was last seen sitting on a stool at the edge of the dancefloor at Cadillacs nightclub in Bath, Somerset, on June 9, 1996, at about 1.10am.