Security Affairs

AUGUST 30, 2023

The campaigns observed by the researchers are likely active since July 2020 and since July 2022, respectively. FlyGram can be used to extract basic device information, and sensitive data, such as contact lists, call logs, and the list of Google Accounts. org) and a Telegram alternative app (flygram[.]org).”

Spyware 132

Spyware Accountability Malware Hacking 132

Security Affairs

OCTOBER 11, 2021

A Togolese human rights advocate was hit by mobile spyware that has been allegedly developed by an Indian firm called Innefu Labs. Experts believe the attackers used a spyware developed by an Indian company called Innefu Labs. In the past, the Donot Team spyware was found in attacks outside of South Asia.

Spyware 102

Spyware Surveillance Accountability Mobile 102

Security Affairs

NOVEMBER 24, 2021

federal court for illegally targeting its customers with the surveillance spyware Pegasus. According to the lawsuit, NSO Group is accountable for hacking into Apple’s iOS-based devices using zero-click exploits. The complaint provides new information on how NSO Group infected victims’ devices with its Pegasus spyware.

Spyware 100

Spyware Surveillance Software Hacking 100

eSecurity Planet

JULY 21, 2021

Reports that the NSO Group’s Pegasus spyware was used by governments to spy on Apple iPhones used by journalists, activists, government officials and business executives is becoming a global controversy for NSO, Apple and a number of governments at the center of the scandal. Spyware is Evolving. Apple Under Fire.

Spyware 125

Spyware Mobile Government Surveillance 125

SecureWorld News

JULY 18, 2022

The controversial Pegasus spyware continues to stay in the news cycle, as a new report from the Citizen Lab details how the technology was used to target pro-democracy activists in Thailand. The increase in surveillance also means the use of Pegasus spyware. Pegasus spyware in Thailand.

Spyware 98

Spyware Surveillance Government Hacking 98

Security Affairs

JULY 12, 2020

The tech giant announced that the update will be effective starting from August 11, 2020. “In August 2020, the Google Ads Enabling Dishonest Behavior policy will be updated to clarify restrictions on advertising for spyware and surveillance technology.”reads ”reads the post published by Google.

Surveillance 141

Surveillance Spyware Advertising Marketing 141

Security Affairs

SEPTEMBER 16, 2024

Apple drops its lawsuit against commercial spyware vendor NSO Group, due to the risk of “threat intelligence” information exposure. Apple is seeking to drop its lawsuit against Israeli spyware company NSO Group , citing the risk of “threat intelligence” information exposure. ” reads the court filing.

Surveillance 118

Surveillance Spyware Risk Hacking 118

Malwarebytes

FEBRUARY 16, 2021

In short, in 2020, cyberthreats evolved. of all Mac detections in 2020—the rest can be attributed to Potentially Unwanted Programs (PUPs) and Adware ThiefQuest tricked many researchers into believing it was the first example of ransomware on macOS since 2017, but the malware was hiding its real activity of massive data exfiltration.

Malware 130

Malware Scams Spyware Healthcare 130

Security Affairs

JUNE 24, 2022

Google’s Threat Analysis Group (TAG) revealed that the Italian spyware vendor RCS Labs was supported by ISPs to spy on users. The following image shows a landing page to trick Italian users into installing one of the following apps in order to recover their accounts. CVE-2020-9907 internally referred to as AveCesare.

Surveillance 134

Surveillance Mobile Spyware Telecommunications 134

Security Affairs

APRIL 9, 2020

Group-IB’s Computer Emergency Response Team ( CERT-GIB ) analyzed hundreds of coronavirus-related phishing emails between February 13 and April 1, 2020. Spyware turned out to be the most common malware class hiding in fraudulent COVID-19 emails, with AgentTesla topping the list of phishers’ favorite strains. Source: CERT-GIB.

Phishing 141

Phishing Malware Spyware DDOS 141

CyberSecurity Insiders

JULY 11, 2022

Reacting to the news on the government spyware like NSO Group Pegasus and Android affecting Hermit malware, the Mobile Giant of Korea said that it offers a firm commitment to safeguarding the personal and sensitive information of its users.

Cyber Attacks 113

Cyber Attacks Spyware Mobile Accountability 113

Security Affairs

MAY 1, 2023

Researchers at the Lookout Threat Lab have discovered a new Android surveillance spyware, dubbed BouldSpy, that was used by the Law Enforcement Command of the Islamic Republic of Iran (FARAJA). The researchers are tracking the spyware since March 2020, starting in 2023, multiple security experts [ 1 , 2 ] started monitoring its activity.

Surveillance 98

Surveillance Malware Spyware Accountability 98

Security Affairs

APRIL 26, 2020

Please give me your vote for European Cybersecurity Blogger Awards – VOTE FOR YOUR WINNERS [link]. Are Maze operators behind the attack on the IT services giant Cognizant? Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Hacking 121

Hacking Advertising Spyware Antivirus 121

SiteLock

AUGUST 27, 2021

Data security is a problem for anyone who has an online account, whether it be for health services, banking, or social media. There will be an estimated 30 billion IoT networked devices by 2020. What Can You Do to Protect Your Networked Devices? The growing list of IoT network threats should put all of us on our guard. The Bottom Line.

IoT 98

IoT Spyware VPN Passwords 98

Malwarebytes

FEBRUARY 21, 2024

Note: this part dates back to 2020) The Android version can dump messages from all popular Chinese chatting apps QQ, WeChat, Telegram, and MoMo and is capable of elevating the system app for persistence against internal recovery. Targeted automatic penetration testing scenario framework.

Penetration Testing 143

Penetration Testing Spyware Media Government 143

Webroot

OCTOBER 25, 2021

Many third-party security solutions are designed to account for exactly this type of behavior. Even strong security can’t prevent an account from being hacked if account credentials are stolen in a phishing attack, one of the most common causes of identity theft. Web-borne malware remains widespread.

Identity Theft 131

Identity Theft Spyware Phishing Antivirus 131

SecureList

MAY 3, 2021

The link redirected them to a phishing page requesting their Microsoft account credentials. The link also required entering corporate account credentials. The potential victim received an email saying that their account had violated the social network’s terms of use. against Q4 2020 (47.78%). This is 0.71

Phishing 136

Phishing Banking Accountability Computers and Electronics 136

Security Affairs

JUNE 5, 2022

Anonymous: Operation Russia after 100 days of war GitLab addressed critical account take over via SCIM email change LuoYu APT delivers WinDealer malware via man-on-the-side attacks Clipminer Botnet already allowed operators to make at least $1.7 If you want to also receive for free the newsletter with the international press subscribe here.

Spyware 105

Spyware Firmware Ransomware Scams 105

SecureList

NOVEMBER 28, 2024

Epeius is a commercial spyware tool developed by an Italian company that claims to provide intelligence solutions to law enforcement agencies and governments. PhantomNet is a RAT first described by ESET in late 2020. Unlike previous campaigns, we did not observe the Golang SFX droppers this time.

Malware 118

Malware Government Software Spyware 118

Hot for Security

JUNE 14, 2021

A vulnerability in WhatsApp allegedly allows threat actors to install spyware onto iPhones. As shown in our 2020 Consumer Threat Landscape Report , the surge in popularity of video conferencing solutions during the pandemic opened an unlikely door for opportunistic threat actors. Weaponizing hype.

Mobile 132

Mobile Malware Media Spyware 132

Security Affairs

JULY 16, 2020

The malware targets 226 applications to steal account credentials, including Gmail, Google Play services, Uber, Amazon, Netflix and Outlook. The list of targeted apps includes cryptocurrency wallet applications (i.e. Coinbase, BitPay, and Coinbase), and banks (i.e. Santander, Barclays, Lloyds, ING, and Wells Fargo).

Malware 128

Malware Banking Mobile Advertising 128

Security Affairs

MARCH 4, 2023

stolen credit/debit cards Pegasus spyware used to spy on a Polish mayor Hundreds of thousands of websites hacked as part of redirection campaign MQsTTang, a new backdoor used by Mustang Panda APT against European entities Trusted Platform Module (TPM) 2.0 FiXS, a new ATM malware that is targeting Mexican banks BidenCash leaks 2.1M

Data breaches 98

Data breaches Ransomware Spyware Hacking 98

Hot for Security

JUNE 18, 2021

Agent Tesla’s popularity surged during the second half of 2020, with more than 46% of all global Agent Tesla reports occurring in Q4. The updated password-stealing capabilities and security-dodging techniques paired with the malware distribution-as-a-service business model have proven highly profitable.

Malware 105

Malware Phishing Spyware Software 105

Security Affairs

MAY 25, 2021

According to the experts, the Agrius group has been active since early 2020. Initial attacks targeted entities in the Middle East region, but since December 2020, Agrius extended its operations to Israeli targets. “Agrius uses those webshells to tunnel RDP traffic in order to leverage compromised accounts to move laterally.

Ransomware 131

Ransomware Malware VPN Hacking 131

SecureList

NOVEMBER 26, 2021

Number of attacks targeting users of Kaspersky mobile solutions, Q3 2020 — Q3 2021 ( download ). In Q3 2021, Kaspersky detected 676,190 malicious installation packages — 209,915 less than in the previous quarter and 445,128 less than in Q3 2020. Number of detected malicious installation packages, Q3 2020 — Q3 2021 ( download ).

Mobile 133

Mobile Adware Banking Malware 133

eSecurity Planet

AUGUST 11, 2021

McAfee recently published a report stating that mobile malware infections in the fourth quarter of 2020 surpassed 40 million after steadily climbing earlier in the year. Check Point published mobile security research showing that 46% of respondents experienced employees downloading at least one malicious app during 2020.

Mobile 104

Mobile Malware Adware Banking 104

Hacker's King

OCTOBER 3, 2024

WhatsApp Pegasus Spyware Attack (2019) One of the most famous zero-day exploits happened on WhatsApp in 2019. Hackers discovered a vulnerability in WhatsApp’s call feature, allowing them to install spyware on phones without the user’s knowledge. Even if the user didn’t answer the call, spyware called Pegasus was installed.

Media 52

Media Spyware Accountability Marketing 52

eSecurity Planet

SEPTEMBER 29, 2021

Recent research by Positive Technologies looked at the cyber threat landscape during Q2 2021 and found that ransomware attacks reached “stratospheric” levels, accounting for 69% of all malware attacks, a huge jump from 39% in Q2 2020. Detect compromised accounts, insider threats, and malware. Scan scheduling.

Ransomware 109

Ransomware VPN Backups Malware 109

SecureList

JUNE 7, 2021

In 2019, Gootkit stopped operating after it experienced a data leak , but has been active again since November 2020. The main body is a modular framework, containing registration, spyware, VMX detection and other modules. Its loader performs various virtual machine and sandbox checks and uses sophisticated persistence algorithms.

Malware 144

Malware Encryption Internet Internet 144

Security Affairs

MAY 8, 2020

H2 2019 has proved the tendency of past several years: mail remains the main method of delivering ransomware, spyware, backdoors and other malware, being used by cyber crooks in 94 percent of cases. They, in turn, let spyware and backdoors move ahead and become the second most popular malware with a 35-percent share.

Phishing 87

Phishing Spyware Banking Malware 87

Herjavec Group

AUGUST 26, 2021

They hack into their teacher’s account and leave messages making fun of him. Air Force research facility, discover a password “sniffer” has been installed onto their network, compromising more than 100 user accounts. banks using the Zeus Trojan virus to crack open bank accounts and divert money to Eastern Europe.

Cybercrime 135

Cybercrime Computers and Electronics Hacking Banking 135

SecureList

NOVEMBER 1, 2022

In June, we identified a previously unknown Android spyware app that targets Persian-speaking individuals. The spyware itself collects various data from the victims’ devices, such as call logs or lists of contacts. We discovered a previously unknown backdoor in active use since at least December 2020.

Malware 145

Malware Ransomware Spyware Encryption 145

SecureList

NOVEMBER 18, 2022

In late August 2020, we published an overview of DeathStalker and its activities, including the Janicab, Evilnum and PowerSing campaigns. Meanwhile, in August 2020, we also released a private report on VileRAT for our threat intelligence customers. Later that year, we documented the PowerPepper campaign.

Malware 122

Malware Computers and Electronics Adware Cryptocurrency 122

SecureList

AUGUST 15, 2022

Number of attacks targeting users of Kaspersky mobile solutions, Q1 2020 — Q2 2022 ( download ). Yemen rose to second place with 17.97%; the Trojan-Spy.AndroidOS.Agent.aas spyware was the threat most often encountered by users in that country. accounted for 89.95% of attacks on Spanish users. Trojan-Banker.AndroidOS.Bian.h

Mobile 141

Mobile Adware Banking Malware 141

Google Security

JULY 27, 2023

Maddie Stone, Security Researcher, Threat Analysis Group (TAG) This is Google’s fourth annual year-in-review of 0-days exploited in-the-wild [ 2021 , 2020 , 2019 ] and builds off of the mid-year 2022 review. More than 20% are variants of previous in-the-wild 0-days from 2021 and 2020. Bug collisions are high.

Spyware 94

Spyware Manufacturing Internet Internet 94

Hot for Security

JUNE 18, 2021

Agent Tesla’s popularity surged during the second half of 2020, with more than 46% of all global Agent Tesla reports occurring in Q4. The updated password-stealing capabilities and security-dodging techniques paired with the malware distribution-as-a-service business model have proven highly profitable.

Malware 52

Malware Phishing Spyware Software 52

SecureList

NOVEMBER 22, 2022

Unlike common stealers, this malware gathered data that can be used to identify the victims, such as browsing histories, social networking account IDs and Wi-Fi networks. This behavior was easy to identify because there was a boom in the Intel and AMD mobile graphic cards market in 2020-2021 compared to previous years.

Cryptocurrency 106

Cryptocurrency Mobile Ransomware Banking 106