#AitM – Xynik

China-backed Hackers Hijack Software Updates to Implant “NSPX30” Spyware

January 25, 2024 by Xynik

January 25, 2024 at 05:22AM A new China-aligned threat actor, tracked by ESET under the name Blackwood, has been linked to AitM attacks deploying the sophisticated NSPX30 implant via software update mechanisms. This multistage implant allows for packet interception, network information harvesting, and bypassing of anti-malware solutions. Information suggests a network implant is being deployed … Read more

New BLUFFS Bluetooth Attack Expose Devices to Adversary-in-the-Middle Attacks

December 4, 2023 by Xynik

December 4, 2023 at 08:36AM New BLUFFS vulnerabilities, detailed in CVE-2023-24023 with a 6.8 CVSS score, compromise Bluetooth Classic’s forward and future secrecy by enabling adversaries to impersonate devices and intercept communications between paired devices. Researchers suggest mitigation by using secure connection modes and sufficient key entropy. Key Takeaways from the Meeting on Bluetooth Vulnerability … Read more