<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"
	xmlns:content="http://purl.org/rss/1.0/modules/content/"
	xmlns:wfw="http://wellformedweb.org/CommentAPI/"
	xmlns:dc="http://purl.org/dc/elements/1.1/"
	xmlns:atom="http://www.w3.org/2005/Atom"
	xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
	xmlns:slash="http://purl.org/rss/1.0/modules/slash/"
	>

<channel>
	<title>kaspersky &#8211; Noise</title>
	<atom:link href="https://noise.getoto.net/tag/kaspersky/feed/" rel="self" type="application/rss+xml" />
	<link>https://noise.getoto.net</link>
	<description>The collective thoughts of the interwebz</description>
	<lastBuildDate>Fri, 07 Feb 2025 15:26:11 +0000</lastBuildDate>
	<language>en-US</language>
	<sy:updatePeriod>
	hourly	</sy:updatePeriod>
	<sy:updateFrequency>
	1	</sy:updateFrequency>
	<generator>https://wordpress.org/?v=6.8.2</generator>
	<item>
		<title>Screenshot-Reading Malware</title>
		<link>https://noise.getoto.net/2025/02/07/screenshot-reading-malware/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Fri, 07 Feb 2025 15:26:11 +0000</pubDate>
				<category><![CDATA[kaspersky]]></category>
		<category><![CDATA[Malware]]></category>
		<category><![CDATA[smartphones]]></category>
		<category><![CDATA[spyware]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=69888</guid>

					<description><![CDATA[Kaspersky is reporting on a new type of smartphone malware.
The malware in question uses optical character recognition (OCR) to review a device&#8217;s photo library, seeking screenshots of recovery phrases for crypto wallets. Based on their assessment...]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>2017 ODNI Memo on Kaspersky Labs</title>
		<link>https://noise.getoto.net/2024/07/23/2017-odni-memo-on-kaspersky-labs/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Tue, 23 Jul 2024 11:08:40 +0000</pubDate>
				<category><![CDATA[foia]]></category>
		<category><![CDATA[kaspersky]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=69186</guid>

					<description><![CDATA[It&#8217;s heavily redacted, but still interesting.
Many more ODNI documents here.
]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>New iPhone Exploit Uses Four Zero-Days</title>
		<link>https://noise.getoto.net/2024/01/04/new-iphone-exploit-uses-four-zero-days/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Thu, 04 Jan 2024 12:11:49 +0000</pubDate>
				<category><![CDATA[backdoors]]></category>
		<category><![CDATA[exploits]]></category>
		<category><![CDATA[iPhone]]></category>
		<category><![CDATA[kaspersky]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<category><![CDATA[zero day]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=68259</guid>

					<description><![CDATA[<p>Kaspersky researchers <a href="https://arstechnica.com/security/2023/12/exploit-used-in-mass-iphone-infection-campaign-targeted-secret-hardware-feature/#p3">are detailing</a> “an attack that over four years backdoored dozens if not thousands of iPhones, many of which belonged to employees of Moscow-based security firm Kaspersky.” It’s a zero-click exploit that makes use of four iPhone zero-days.</p>
<blockquote><p>The most intriguing new detail is the targeting of the heretofore-unknown hardware feature, which proved to be pivotal to the Operation Triangulation campaign. A zero-day in the feature allowed the attackers to bypass advanced <a href="https://support.apple.com/guide/security/operating-system-integrity-sec8b776536b/web">hardware-based memory protections</a> designed to safeguard device system integrity even after an attacker gained the ability to tamper with memory of the underlying kernel. On most other platforms, once attackers successfully exploit a kernel vulnerability they have full control of the compromised system...</p></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>New UFEI Rootkit</title>
		<link>https://noise.getoto.net/2022/07/28/new-ufei-rootkit/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Thu, 28 Jul 2022 11:16:52 +0000</pubDate>
				<category><![CDATA[implants]]></category>
		<category><![CDATA[kaspersky]]></category>
		<category><![CDATA[Malware]]></category>
		<category><![CDATA[reports]]></category>
		<category><![CDATA[rootkits]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=65704</guid>

					<description><![CDATA[<p>Kaspersky is <a href="https://securelist.com/cosmicstrand-uefi-firmware-rootkit/106973/">reporting</a> on a new UFEI rootkit that survives reinstalling the operating system and replacing the hard drive. From an <a href="https://arstechnica.com/information-technology/2022/07/researchers-unpack-unkillable-uefi-rootkit-that-survives-os-reinstalls/">article</a>:</p>
<blockquote><p>The firmware compromises the UEFI, the low-level and highly opaque chain of firmware required to boot up nearly every modern computer. As the software that bridges a PC’s device firmware with its operating system, the UEFI—short for Unified Extensible Firmware Interface—is an OS in its own right. It’s located in an SPI-connected flash storage chip soldered onto the computer motherboard, making it difficult to inspect or patch the code. Because it’s the first thing to run when a computer is turned on, it influences the OS, security apps, and all other software that follows. ...</p></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
	</channel>
</rss>

<!--
Performance optimized by W3 Total Cache. Learn more: https://www.boldgrid.com/w3-total-cache/

Object Caching 27/100 objects using Memcached
Page Caching using Disk: Enhanced 
Lazy Loading (feed)
Database Caching using Memcached

Served from: noise.getoto.net @ 2025-12-09 20:00:03 by W3 Total Cache
-->