The LightSpy surveillance framework, originally aimed at messaging applications, has expanded its operational capabilities to infiltrate and extract data from social media databases across Android, iOS, Windows, macOS, and Linux. It targets Facebook and Instagram databases, enabling the extraction of private messages, contact lists, and profile metadata, and supports a range of cross-platform directives and command capabilities. LightSpy has become a significant and persistent threat, and detecting it requires enhanced measures built on behavioural rather than static indicators.

Silent Killers Exploit Windows Policy Loophole to Evade Detections and Deploy Malware
Researchers discovered a cybersecurity campaign exploiting a loophole in a Windows policy to deploy malware undetected. The attack uses an old driver, Truesight.sys (version 2.0.2),