Source: Costin Raiu, Secure List
Two days ago we intercepted a new APT campaign using a new MacOS X backdoor variant targeted at Uyghur activists.
Posts tagged “Tibet”
Source: Luke Allnutt, Radio Free Europe
Individuals active in the pro-Tibetan human rights community have been targeted by malware embedded in a European Parliament document.
Source: Neal Ungerleider, Fast Company
Syrian and Tibetan activists have recently been the targets of sophisticated cyberattacks in spoofed emails and Skype messages.
The Citizen Lab analyzes a recent targeted malware attack against the Tibetan community spoofing the June 14, 2012 resolution of the European Parliament (EP) on the human rights situation in Tibet. While such repurposing of authentic content for use as a malware delivery mechanism is not unusual, this incident raises serious questions surrounding the use of legitimate political resources for illegitimate ends.
Source: Dennis Fisher, Threatpost
After looking at recent examples of malware signed with stolen certificates, researchers at Norman ASA, a security firm in Norway, noticed that there was an odd string in one specific optional field included in the stolen certificates.
Source: Alien Vault
A couple of days ago, Adobe issued a security update for Adobe Flash Player that has been detected in the wild targeting specific objectives.
A breach of computers belonging to companies in Japan and India and to Tibetan activists has been linked to a former graduate student at a Chinese university — putting a face on the persistent espionage by Chinese hackers against foreign companies and groups.
Source: Jason Burke, The Guardian
A Tibetan exile who set himself on fire in Delhi earlier this week has died, as Indian police and paramilitaries launch a security crackdown to prevent further protests or self-immolations during the visit of the Chinese premier, Hu Jintao.
Over the last week, supporters of Tibet, and the merely curious, have seen information warfare up close.
A new Mac backdoor exploiting CVE-2011-3544 (a Java vulnerability) is being reported. The backdoor appears to be connected to GhostNet. The malware is being used in targeted attacks against non-governmental organizations (NGO).