Security Affairs

JUNE 24, 2022

Researchers from Google’s Threat Analysis Group (TAG) revealed that the Italian surveillance firm RCS Labs was helped by some Internet service providers (ISPs) in Italy and Kazakhstan to infect Android and iOS users with their spyware. SecurityAffairs – hacking, RCS Labs). Follow me on Twitter: @securityaffairs and Facebook.

Surveillance 135

Surveillance Mobile Spyware Telecommunications 135

Security Affairs

NOVEMBER 14, 2018

The Zero Day Initiative’s Pwn2Own Tokyo 2018 is a success, participants earned over $300,000 for disclosing flaws affecting iPhone X, Xiaomi Mi 6 and Samsung Galaxy S9 smartphones. During the first day of the Pwn2Own Tokyo 2018 contest, participants hacked Apple iPhone X, Samsung Galaxy S9 and Xiaomi Mi 6 devices earning more than $225,000.

Hacking 109

Hacking Advertising Surveillance IoT 109

Security Affairs

FEBRUARY 8, 2021

Iran-linked APT group Domestic Kitten, also tracked as APT-C-50, has been conducting widespread surveillance targeting over 1,000 individuals. Domestic Kitten , also tracked as APT-C-50, is an Iran-linked APT group that has been active at least since 2018. SecurityAffairs – hacking, Domestic Kitten). Pierluigi Paganini.

Surveillance 114

Surveillance Mobile Malware Cyber Attacks 114

Security Affairs

MARCH 13, 2025

North Korea-linked threat actor ScarCruft (aka APT37 , Reaper, and Group123) is behind a previously undetected Android surveillance tool namedKoSpythat was used to target Korean and English-speaking users. ” Follow me on Twitter: @securityaffairs and Facebook and Mastodon PierluigiPaganini ( SecurityAffairs hacking,ScarCruft) .

Spyware 77

Spyware Surveillance Encryption Malware 77

Schneier on Security

FEBRUARY 13, 2021

Bloomberg News has a major story about the Chinese hacking computer motherboards made by Supermicro, Levono, and others. This is a follow on, with a lot more detail, to a story Bloomberg reported on in fall 2018. ”) Here’s me in 2018: Supply-chain security is an incredibly complex problem.

Surveillance 363

Surveillance Internet Internet Government 363

Krebs on Security

NOVEMBER 5, 2024

Bloomberg first reported Moucka’s alleged ties to the Snowflake hacks on Monday. On May 2, 2024, Judische claimed on the fraud-focused Telegram channel Star Chat that they had hacked Santander Bank , one of the first known Snowflake victims. Image: [link] On October 30, Canadian authorities arrested Alexander Moucka, a.k.a.

Cybercrime 280

Cybercrime Mobile Media Hacking 280

Security Affairs

NOVEMBER 9, 2018

Snowden warns of abuse of surveillance software that also had a role in the murder of the Saudi Arabian journalist Jamal Khashoggi. Officially the sale of surveillance software is limited to authorized governments to support investigation of agencies on criminal organizations and terrorist groups. COUNTRY NEXUS. Saudi Arabia.

Surveillance 111

Surveillance Spyware Software Advertising 111

Krebs on Security

MARCH 22, 2021

An ad for RedTorch’s “Cheetah” counter-surveillance tech. ” Frigg promises to include “elements that stems [sic] from major data hacks of known systems like Ashley Madison, LinkedIn, Dropbox, Fling.com, AdultFriendFinder and hundreds more. Last month, the U.S.

Surveillance 329

Surveillance Computers and Electronics Internet Internet 329

Security Affairs

AUGUST 30, 2019

A Russian security researcher has found that hardware wiretapping equipment composing Russia’s SORM surveillance system had been leaking user data. SORM is a mass surveillance system that allows the Government of Moscow to track online activities of single individuals thanks to the support of the Russian ISPs. Pierluigi Paganini.

Surveillance 105

Surveillance Firmware Advertising Mobile 105

Security Affairs

MAY 13, 2019

Yoroi Cyber Security Annual Report 2018 – In 2018 cyber-security experts observed an increased number of cyber attacks, malware endure to be the most aggressive and pervasive threat. Yoroi Cyber Security Annual Report 2018 analyzes the evolution of the threat landscape observed between January 2018 and December 2018.

Malware 108

Malware Advertising DNS Surveillance 108

Security Affairs

MARCH 2, 2024

Court ordered surveillance firm NSO Group to hand over the source code for its Pegasus spyware and other products to Meta. Judge ordered the surveillance firm to hand over the source code for its Pegasus spyware and other products to the social network giant. from April 29, 2018, to May 10, 2020).

Spyware 143

Spyware Surveillance Software Architecture 143

Security Affairs

NOVEMBER 11, 2022

Lookout researchers discovered two long-running surveillance campaigns targeting the ethnic minority Uyghurs. Researchers from mobile security firm Lookout uncovered two long-running surveillance campaigns targeting the Uyghurs minority. Bazar is a lesser known spelling of Bazaar.” ” reads the report published by Lookout.

Surveillance 98

Surveillance Spyware Malware Mobile 98

Security Affairs

APRIL 17, 2020

Syrian-linked APT group SEA recently used COVID-19-themed lures as part of a long-running surveillance campaign, security researchers warn. Syrian hackers are behind a long-running campaign that has been active since January 2018 and that targets Arabic-speaking Android users. SecurityAffairs – SEA, hacking).

Surveillance 129

Surveillance Telecommunications Mobile Advertising 129

Security Affairs

JULY 19, 2021

Pegasus Project investigation into the leak of 50,000 phone numbers of potential surveillance targets revealed the abuse of NSO Group’s spyware. Pegasus Project is the name of a large-scale investigation into the leak of 50,000 phone numbers of potential surveillance targets that revealed the abuse of NSO Group’s spyware.

Spyware 131

Spyware Government Surveillance Media 131

Krebs on Security

SEPTEMBER 30, 2024

In December 2018, a then 21-year-0ld Troy Woody Jr. ” Islam and Woody were both core members of UGNazi, a hacker collective that sprang up in 2012 and claimed credit for hacking and attacking a number of high-profile websites. . Iza’s complaint says he also harassed a man identified only as T.W., and refers to T.W.

Cryptocurrency 317

Cryptocurrency Government Internet Internet 317

Security Affairs

NOVEMBER 18, 2024

The General Data Protection Regulation ( GDPR ), enacted in 2018, has set a new standard for data privacy across the European Union (EU). government surveillance. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, GDPR ) What is GDPR and Why Does It Matter?

Data privacy 127

Data privacy Risk Surveillance Government 127

Krebs on Security

AUGUST 7, 2018

On July 18, 2018, Pasco County authorities arrested Ricky Joseph Handschumacher , an employee of the city of Port Richey, Fla, charging him with grand theft and money laundering. ” A SIM card is the tiny, removable chip in a mobile device that allows it to connect to the provider’s network. A WORRIED MOM. GRAND PLANS.

Mobile 251

Mobile Cryptocurrency Computers and Electronics Scams 251

Security Affairs

FEBRUARY 11, 2021

Since 2018, the hackers started targeting mobile users with an Android surveillance malware ChatSpy. “We are confident SunBird and Hornbill are two tools used by the same actor, perhaps for different surveillance purposes.” SecurityAffairs – hacking, Confucius). ” reads the report published by Lookout.

Spyware 143

Spyware Surveillance Malware Mobile 143

Security Affairs

AUGUST 1, 2018

An employee at Amnesty International has been targeted with Israeli surveillance malware, the news was revealed by the human rights group. Amnesty International revealed that one of its employees was targeted with a surveillance malware developed by an Israeli firm. com , pine-sales[.]com com , and ecommerce-ads[.]org.”

Surveillance 67

Surveillance Malware Spyware Mobile 67

Security Affairs

MAY 30, 2024

Researchers spotted a macOS version of the LightSpy surveillance framework that has been active in the wild since at least January 2024. ThreatFabric observed threat actors using two publicly available exploits (CVE-2018-4233, CVE-2018-4404) to deliver macOS implants. The flaw resides in WebKit and impacts macOS version 10.13.3

Spyware 136

Spyware Malware Surveillance Mobile 136

Krebs on Security

AUGUST 16, 2018

Terpin alleges that crooks stole almost $24 million worth of cryptocurrency after fraudulently executing a “SIM swap” on his mobile phone account at AT&T in early 2018. According to Terpin, this was the second time in six months someone had hacked his AT&T number. On June 11, 2017, Terpin’s phone went dead.

Mobile 269

Mobile Cryptocurrency Accountability Authentication 269

Security Affairs

OCTOBER 30, 2019

WhatsApp sued Israeli surveillance firm NSO Group, accusing it of using a flaw in its messaging service to conduct cyberespionage on journalists and activists. WhatsApp sued the Israeli surveillance firm NSO Group accusing it of carrying out malicious attacks against its users. The lawsuit filed by WhatsApp in U.S.

Surveillance 75

Surveillance Technology Spyware Mobile 75

Security Affairs

MARCH 3, 2023

According to rumors, the Polish special services are using surveillance software to spy on government opponents. The news of the hack was reported by the Gazeta Wyborcza daily, and unfortunately, it isn’t the first time that the Pegasus spyware was used in the country.

Spyware 98

Spyware Surveillance Hacking Government 98

Krebs on Security

APRIL 4, 2019

In April 2018, KrebsOnSecurity heard from a Romanian person who claimed to have been working for Intacash. The last time I heard from that source was June 2018, just after a like-minded associate at Intacash was shot dead in his car. Marcu was shot and killed in June 2018, allegedly by Mr. Tudor and/or his associates.

Wireless 258

Wireless Media Surveillance Accountability 258

Security Affairs

FEBRUARY 24, 2021

Vietnam-linked APT32 group targeted Vietnamese human rights defenders (HRDs) between February 2018 and November 2020. “This unlawful surveillance violates the right to privacy and stifles freedom of expression.” SecurityAffairs – hacking, APT32). ” reads the post published by Amnesty International. .

Spyware 128

Spyware Government Surveillance Phishing 128

Security Affairs

DECEMBER 16, 2020

The campaign has been active since at least 2013, but the Goontact malware samples were first observed by Lookout in November 2018. SecurityAffairs – hacking, Goontact). ” conclude the experts. . ” conclude the experts. Pierluigi Paganini.

Spyware 143

Spyware Mobile Surveillance Malware 143

Security Affairs

MAY 2, 2023

Threat actors are attempting to exploit a five-year-old authentication bypass issue, tracked as CVE-2018-9995 (CVSS score of 9.8), in TBK DVR devices. The CVE-2018-9995 flaw is due to an error when handling a maliciously crafted HTTP cookie. At this time, the vendor has yet to release security patches to address the flaw.

Authentication 98

Authentication Retail Surveillance Education 98

Security Affairs

JANUARY 14, 2021

Security experts from ESET uncovered an ongoing surveillance campaign, dubbed Operation Spalax , against Colombian government institutions and private companies. Malware researchers from ESET uncovered an ongoing surveillance campaign, dubbed Operation Spalax , against Colombian entities exclusively. Pierluigi Paganini.

Malware 140

Malware Surveillance Phishing Government 140

Security Affairs

JUNE 22, 2020

In October 2019, security experts at Amnesty International’s Security Lab have uncovered targeted attacks against Moroccan human rights defenders Maati Monjib and Abdessadak El Bouchattaoui that employed NSO Group surveillance tools. reads the analysis published by Amnesty International in October.

Spyware 144

Spyware Surveillance Mobile Advertising 144

Security Affairs

OCTOBER 18, 2020

SecurityAffairs – hacking, newsletter). Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini. The post Security Affairs newsletter Round 286 appeared first on Security Affairs.

VPN 103

VPN Advertising Surveillance Ransomware 103

Security Affairs

SEPTEMBER 16, 2018

Let me inform you that my new book, “Digging in the Deep Web” is online with a special deal. 20% discount. Kindle Edition. Paper Copy. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Advertising 87

Advertising Firmware Surveillance Data breaches 87

Security Affairs

MARCH 4, 2024

How does the European Consumer Organisation view Meta’s data processing practices in relation to surveillance-based business models? This is the biggest fine since the adoption of the General Data Protection Regulation (GDPR) by the European Union (EU) on May 25, 2018.

Data collection 131

Data collection Surveillance Hacking Information Security 131

The Last Watchdog

JUNE 10, 2019

In July 2015, researchers at FireEye described how hackers successfully modified the firmware of certain types of Cisco routers , putting themselves in prime position to surveil the victim’s network and potentially move laterally to different machines. This is already happening in the wild on a rising curve.

Firmware 233

Firmware Cybersecurity Technology Engineering 233

Security Affairs

DECEMBER 29, 2018

A vulnerability in the Guardzilla home video surveillance system could be exploited by users to watch Guardzilla footage of other users. The Guardzilla All-In-One Video Security System is an indoor video surveillance solution. ” read a post published by 0dayallday.org. ” reads the analysis published by Rapid7.

Firmware 109

Firmware Surveillance IoT Passwords 109

Security Affairs

FEBRUARY 1, 2021

. “Three different malware families were spotted being distributed from tailored malicious updates to selected victims, with no sign of leveraging any financial gain, but rather surveillance-related capabilities.” SecurityAffairs – hacking, NoxPlayer). Pierluigi Paganini.

Malware 132

Malware Surveillance Mobile Hacking 132

Security Affairs

MARCH 5, 2019

The Iran-linked Chafer APT group used a new Python-based backdoor in attacks carried out in November 2018 that targeted a Turkish government entity. The Chafer APT group has distributed data stealer malware since at least mid-2014, it was focused on surveillance operations and the tracking of individuals. Pierluigi Paganini.

Malware 109

Malware Advertising Government Surveillance 109

The Last Watchdog

NOVEMBER 20, 2019

What does Chinese tech giant Huawei have in common with the precocious kid next door who knows how to hack his favorite video game? The latter knows how to carry out a DLL injection hack — to cheat the game score. percent from 2018. Any kid with the attention span to study and master a DLL hacking tutorial can do this.

Firmware 174

Firmware Hacking Software Surveillance 174