CyberSecurity Insiders

JULY 19, 2021

As the media around the world is busy speculating about the targets related to Pegasus Mobile Spying malware, Apple Inc, the American company that is into the production of iPhones has issued a press statement that its engineers are working on a fix to protect the users from becoming victims to the said spying Israeli malware.

Spyware 145

Spyware Mobile Media Malware 145

Krebs on Security

NOVEMBER 13, 2019

In July 2016, KrebsOnSecurity published a story identifying a Toronto man as the author of the Orcus RAT , a software product that’s been marketed on underground forums and used in countless malware attacks since its creation in 2015. This week, Canadian authorities criminally charged him with orchestrating an international malware scheme.

Malware 226

Malware Advertising Marketing System Administration 226

CyberSecurity Insiders

NOVEMBER 4, 2021

NSO Group that is struck in a legal controversy for producing Pegasus Spyware has received a ban from United States and has been added to the US Trade Blacklist. So, from now on the company cannot buy any goods, services or licenses from the American companies and cannot sell its spyware on the American soil.

Spyware 141

Spyware Government Software Marketing 141

Krebs on Security

MAY 30, 2019

In March 2019, the Canadian Radio-television and Telecommunications Commission (CRTC) — Canada’s equivalent of the U.S. Section 8 involves the surreptitious installation of computer programs on computers or networks including malware and spyware.

Computers and Electronics 233

Computers and Electronics Malware Software Telecommunications 233

Security Affairs

APRIL 25, 2020

Facebook advocates have challenged a plea from spyware maker NSO Group to dismiss the legal dispute over the hacking accusations, arguing it has immunity from prosecution. The surveillance implant used by the NSO group used an exploit for a vulnerability, tracked as CVE-2019-3568 , in the WhatsApp VoIP feature. Pierluigi Paganini.

Spyware 133

Spyware Surveillance Advertising Mobile 133

Malwarebytes

JUNE 29, 2022

Google’s Threat Analysis Group (TAG) has revealed a sophisticated spyware activity involving ISPs (internet service providers) aiding in downloading powerful commercial spyware onto users’ mobile devices. The spyware, dubbed Hermit, is reported to have government clients much like Pegasus.

Spyware 113

Spyware Government Social Engineering Mobile 113

eSecurity Planet

SEPTEMBER 14, 2021

Apple continues to be haunted by spyware developed by an Israeli security firm that hostile governments used to hack into Apple devices to spy on journalists, activists and world leaders (see Apple Security Under Scrutiny Amid Fallout from NSO Spyware Scandal ). operating system was being exploited by the invasive Pegasus spyware.

Spyware 120

Spyware Mobile Engineering Government 120

Security Affairs

JUNE 17, 2022

Experts uncovered an enterprise-grade surveillance malware dubbed Hermit used to target individuals in Kazakhstan, Syria, and Italy since 2019. Lookout Threat Lab researchers uncovered enterprise-grade Android surveillance spyware, named Hermit, used by the government of Kazakhstan to track individuals within the country.

Spyware 106

Spyware Surveillance Telecommunications Mobile 106

Security Affairs

OCTOBER 19, 2020

Researchers spotted new variants of the Windows GravityRAT spyware that now can also infect Android and macOS devices. Researchers from Kaspersky Lab have spotted new variants of the GravityRAT malware that now can be also used to infect Android and macOS devices.

Malware 138

Malware Computers and Electronics Spyware Advertising 138

Security Affairs

FEBRUARY 22, 2020

The infamous Joker malware has found a way to bypass the security checks to be published in the official Play Store, new clicker was found by experts. The spyware is able to steal SMS messages, contact lists, and device information and to sign victims up for premium service subscriptions. wpaper com. vailsmsplus.

Malware 145

Malware Spyware Advertising Mobile 145

Security Affairs

MARCH 5, 2020

China-linked cyber espionage groups increasingly targeted organizations in the telecommunications industry in 2019. “Analysis in 2019 revealed a focus by Chinese adversaries on the telecommunications sector, which could support both signals intelligence and further upstream targeting. ” reads the report. .

Telecommunications 133

Telecommunications Advertising Mobile Government 133

Security Affairs

APRIL 9, 2020

Group-IB’s CERT-GIB analyzed hundreds of coronavirus -related phishing emails and discovered top malware strains in COVID-19 campaigns. Spyware turned out to be the most common malware class hiding in fraudulent COVID-19 emails, with AgentTesla topping the list of phishers’ favorite strains. Source: CERT-GIB. Source: CERT-GIB.

Phishing 142

Phishing Malware Spyware DDOS 142

Security Affairs

APRIL 11, 2021

More than 500,000 Huawei users have been infected with the Joker malware after downloading apps from the company’s official Android store. More than 500,000 Huawei users were infected with the Joker malware after they have downloaded tainted apps from the company’s official Android store. ” reads the post published by Dr. Web.

Malware 145

Malware Spyware Mobile Antivirus 145

Security Affairs

OCTOBER 11, 2021

A Togolese human rights advocate was hit by mobile spyware that has been allegedly developed by an Indian firm called Innefu Labs. Experts believe the attackers used a spyware developed by an Indian company called Innefu Labs. In the past, the Donot Team spyware was found in attacks outside of South Asia. Pierluigi Paganini.

Spyware 102

Spyware Surveillance Accountability Mobile 102

Security Affairs

JULY 16, 2021

The Joker malware is back, experts spotted multiple malicious apps on the official Google Play store that were able to evade scanners. The spyware is able to steal SMS messages, contact lists, and device information and to sign victims up for premium service subscriptions. ” states a post published by the experts.

Malware 145

Malware Mobile Spyware Encryption 145

Security Affairs

APRIL 19, 2022

Researchers from Citizen Lab have published a report detailing the use of a new zero-click iMessage exploit, dubbed HOMAGE, to install the NSO Group Pegasus spyware on iPhones belonging to Catalan politicians, journalists, academics, and activists. To nominate, please visit:? Follow me on Twitter: @securityaffairs and Facebook.

Spyware 108

Spyware Surveillance Government Software 108

Security Affairs

JULY 11, 2019

Malware researchers from Kaspersky have discovered new and improved versions of the infamous FinFisher spyware used to infect both Android and iOS devices. Experts at Kaspersky have discovered a new improved variant of the FinFisher spyware used to spy on both iOS and Android users in 20 countries. Pierluigi Paganini.

Spyware 111

Spyware Advertising Mobile Architecture 111

Security Affairs

MAY 29, 2023

Cisco Talos and the Citizen Lab researchers have published a technical analysis of the powerful Android spyware Predator. Security researchers at Cisco Talos and the Citizen Lab have shared technical details about a commercial Android spyware named Predator that is sold by the surveillance firm Intellexa (formerly known as Cytrox).

Spyware 98

Spyware Surveillance Media Malware 98

Security Affairs

MARCH 3, 2023

The phone of an opposition-linked Polish mayor was infected with the powerful Pegasus spyware, local media reported. Reuters reported that the phone of an opposition-linked Polish mayor was infected with the Pegasus spyware. According to rumors, the Polish special services are using surveillance software to spy on government opponents.

Spyware 98

Spyware Surveillance Hacking Government 98

Security Affairs

AUGUST 22, 2019

The popular malware researcher Lukas Stefanko from ESET discovered that a malicious spyware, built on the AhMyth open-source espionage tool, was uploaded on Google Play twice over two weeks, bypassing Google security checks. The researchers first discovered the app on Google Play on July 2, 2019, then it was removed within 24 hours.

Spyware 103

Spyware Advertising Malware Mobile 103

Security Affairs

MARCH 13, 2019

One of the zero-day flaws ( CVE-2019-0797 ) patched this week by Microsoft has been exploited in targeted attacks by several threats groups, including FruityArmor and SandCat APT groups. “In addition to CVE-2019-0797 and CHAINSHOT , SandCat also uses the FinFisher /FinSpy framework.” Pierluigi Paganini.

Advertising 111

Advertising Spyware Hacking Government 111

SecureList

MARCH 1, 2021

The word “covid” in various combinations was typically used in the names of packages hiding spyware and banking Trojans, adware or Trojan droppers. The mobile malware Trojan-Ransom.AndroidOS.Agent.aq Number of attacks on mobile users in 2019 and 2020 ( download ). apk , tousanticovid.apk , covidMappia_v1.0.3.apk

Mobile 145

Mobile Malware Adware Banking 145

Security Affairs

JUNE 21, 2020

Shlayer Mac malware is back, the Mac threat is now spreading through new black SEO operations. Researchers spotted a new version of the Shlayer Mac malware that is spreading via poisoned Google search results. The malware can be used to download other malicious payloads, including malware or adware. up to 10.14.3.

Engineering 145

Engineering Malware Adware Antivirus 145

Security Affairs

NOVEMBER 11, 2022

The threat actors behind the campaigns used two Android spyware to spy on the victims and steal sensitive information. The campaigns involved a new piece of malware called BadBazaar and new variants of the MOONSHINE surveillance software discovered by Citizen Lab in 2019 and employed in attacks against Tibetan activists. .

Surveillance 98

Surveillance Spyware Malware Mobile 98

The Last Watchdog

MAY 8, 2019

And earlier this year, three popular “ selfie beauty apps ”– Pro Selfie Beauty Camera, Selfie Beauty Camera Pro and Pretty Beauty Camera 2019 – accessible in Google Play Store were revealed to actually be tools to spread adware and spyware. Adware are unwanted ads that redirect you to sketchy webpages, and spyware collects your data.

Adware 176

Adware Mobile Spyware Banking 176

Security Affairs

JULY 16, 2020

Researchers spotted a new Android banking trojan dubbed BlackRock malware that steals credentials and credit card data from hundreds of apps. The BlackRock malware borrows the code from the Xerxes banking malware, which is a strain of the popular LokiBot Android trojan.

Malware 130

Malware Banking Mobile Advertising 130

Security Affairs

JULY 9, 2020

Check Point research discovered that the Joker (aka Bread) Android malware once again has bypassed protections implemented by Google for its Play Store. “Check Point’s researchers recently discovered a new variant of the Joker Dropper and Premium Dialer spyware in Google Play. . Pierluigi Paganini.

Malware 114

Malware Spyware Advertising Mobile 114

Malwarebytes

MAY 16, 2022

2021 saw a massive surge in detections of malware, adware, and Potentially Unwanted Programs (PUPs). Detections of malware on Windows business machines were 143% higher in 2021 than in 2020, and 65% higher on consumer machines. Windows malware detection totals 2019-2021.

Malware 97

Malware Adware Cryptocurrency Cybercrime 97

Threatpost

APRIL 8, 2019

The surveillance tool was signed with legitimate Apple developer certificates.

Spyware 83

Spyware Surveillance Mobile Malware 83

Security Affairs

OCTOBER 5, 2020

A China-linked threat actor used UEFI malware based on code from Hacking Team in attacks aimed at organizations with an interest in North Korea. Researchers from Kaspersky have spotted a UEFI malware that was involved in attacks on organizations with an interest in North Korea.

Firmware 145

Firmware Spyware Surveillance Hacking 145

Security Affairs

SEPTEMBER 27, 2020

Experts from Amnesty International uncovered a surveillance campaign that targeted Egyptian civil society organizations with a new version of FinSpy spyware. The binaries are obfuscated and do some checks to detect if the spyware is running in a Virtual Machine. ” reads the Amnesty’s report.

Spyware 145

Spyware Surveillance Advertising Mobile 145

Security Affairs

APRIL 20, 2025

infrastructure International Press Newsletter Cybercrime Pixel-Perfect Trap: The Surge of SVG-Borne Phishing Attacks Threat actors misuse Node.js infrastructure International Press Newsletter Cybercrime Pixel-Perfect Trap: The Surge of SVG-Borne Phishing Attacks Threat actors misuse Node.js

Data breaches 61

Data breaches Malware Phishing Hacking 61

Security Affairs

SEPTEMBER 18, 2020

Ransomware , the headliner of the previous half-year, walked off stage: only 1 percent of emails analyzed by Group-IB’s Computer Emergency Response Team (CERT-GIB) contained this kind of malware. Another 17 percent contained downloaders, while backdoors and banking Trojans came third with a 16- and 15-percent shares, respectively.

Phishing 136

Phishing Ransomware Spyware Banking 136

SecureList

SEPTEMBER 9, 2021

which continued a downward trend that began in H2 2019. Regions ranked by percentage of ICS comuters on which malware was blocked when removable media was connected in H1 2021 ( download ). Regions ranked by percentage of ICS comuters on which malware was blocked when removable media was connected in H1 2021 ( download ).

Spyware 137

Spyware Media Internet Internet 137

Security Affairs

APRIL 5, 2019

A few days ago, the researchers of ZLab Yoroi-Cybaze dissected another attack wave of the infamous Ursnif malware, also known as Gozi ISFB , an offspring of the original Gozi which source code was leaked in 2014. Ursnif/Gozi is active from over a decade and was one of the most active malware listed in 2017 and 2018.

Banking 109

Banking Malware Cryptocurrency Advertising 109

Security Affairs

APRIL 21, 2020

Hackers launched spear-phishing attacks against organizations in the oil and gas industry sector spreading the Agent Tesla info-stealer malware. The attacks aim at infecting victims with the infamous Agent Tesla info-stealer malware. To do this, the spyware creates different threads and timer functions in the main function.

Spyware 136

Spyware Manufacturing Malware Engineering 136

Security Affairs

JUNE 24, 2022

Google’s Threat Analysis Group (TAG) revealed that the Italian spyware vendor RCS Labs was supported by ISPs to spy on users. CVE-2019-8605 internally referred to as SockPort2 and publicly known as SockPuppet CVE-2020-3837 internally referred to and publicly known as TimeWaste. Pierluigi Paganini.

Surveillance 136

Surveillance Mobile Spyware Telecommunications 136