Security Affairs

JULY 20, 2023

China-linked group APT41 was spotted using two previously undocumented Android spyware called WyrmSpy and DragonEgg China-linked APT group APT41 has been observed using two previously undocumented Android spyware called WyrmSpy and DragonEgg. Upon installing the two spyware, they request extensive device permissions.

Spyware 98

Spyware Surveillance Mobile Malware 98

Security Affairs

NOVEMBER 11, 2022

The threat actors behind the campaigns used two Android spyware to spy on the victims and steal sensitive information. The investigation into the BadBazaar campaign started in late 2021 and is based on a tweet from @MalwareHunterTeam research team that was referencing a malicious English-Uyghur dictionary app. Pierluigi Paganini.

Surveillance 98

Surveillance Spyware Malware Mobile 98

SecureList

APRIL 27, 2021

This is our latest installment, focusing on activities that we observed during Q1 2021. In parallel, Volexity also reported the same Exchange zero-days being in use in early 2021. During routine monitoring of detections for FinFisher spyware tools, we discovered traces that point to recent FinFly Web deployments.

Malware 145

Malware Government Spyware Social Engineering 145

Security Affairs

JULY 7, 2024

CapraTube Remix | Transparent Tribe’s Android Spyware Targeting Gamers, Weapons Enthusiasts Supply Chain Compromise Leads to Trojanized Installers for Notezilla, RecentX, Copywhiz Caught in the Net: Using Infostealer Logs to Unmask CSAM Consumers I am Goot (Loader) Exposing FakeBat loader: distribution methods and adversary infrastructure MerkSpy: (..)

Malware 120

Malware Spyware Cybercrime Ransomware 120

Security Affairs

DECEMBER 16, 2021

Tens of thousands of devices worldwide, including many industrial control systems (ICS), have been hit by the PseudoManuscrypt spyware. Kaspersky researchers reported that tens of thousands of devices belonging to industrial and government organizations worldwide have been hit by the PseudoManuscrypt spyware.

Spyware 139

Spyware Energy and Utilities Malware Engineering 139

Security Affairs

MARCH 8, 2025

Authorities recovered $31 Million Related to 2021 Uranium Finance cyber heist Serbian student activists phone hacked using Cellebrite zero-day exploit Qilin ransomware gang claimed responsibility for the Lee Enterprises attack Meta fired 20 employees for leaking information, more firings expected International Press Newsletter Cybercrime U.S.

Data breaches 68

Data breaches Hacking Artificial Intelligence Cybercrime 68

SecureWorld News

AUGUST 8, 2022

Cybersecurity and Infrastructure Security Agency (CISA) and the Australian Cyber Security Centre (ACSC) released a joint Cybersecurity Advisory (CSA) providing details on the top malware strains of 2021. The top malware strains in 2021 included remote access Trojans (RATs), banking Trojans, information stealers, and ransomware.

Malware 98

Malware Banking Penetration Testing Healthcare 98

SecureList

NOVEMBER 23, 2021

For instance, we see a new trend emerging in the criminal ecosystem of spyware-based authentication data theft, with each individual attack being directed at a very small number of targets (from single digits to several dozen). Such attacks are likely to comprise an even larger portion of the threat landscape next year.

Spyware 138

Spyware Phishing Cybercrime Energy and Utilities 138

SecureList

JANUARY 19, 2022

Kaspersky ICS CERT has uncovered a number of spyware campaigns targeting industrial enterprises. The attackers use off-the-shelf spyware, but limit the scope and lifetime of each sample to the bare minimum. The attackers use off-the-shelf spyware, but limit the scope and lifetime of each sample to the bare minimum.

Spyware 105

Spyware Accountability VPN Malware 105

Security Affairs

JUNE 2, 2024

Ticketmaster confirms data breach impacting 560 million customers Critical Apache Log4j2 flaw still threatens global finance Crooks stole more than $300M worth of Bitcoin from the exchange DMM Bitcoin ShinyHunters is selling data of 30 million Santander customers Over 600,000 SOHO routers were destroyed by Chalubo malware in 72 hours LilacSquid APT (..)

Data breaches 124

Data breaches VPN Cloud Migration Malware 124

Security Affairs

APRIL 20, 2025

infrastructure International Press Newsletter Cybercrime Pixel-Perfect Trap: The Surge of SVG-Borne Phishing Attacks Threat actors misuse Node.js

Data breaches 61

Data breaches Malware Phishing Hacking 61

Security Affairs

FEBRUARY 28, 2021

Bug bounty hacker earned $5,000 reporting a Stored XSS flaw in iCloud.com Experts warn of threat actors abusing Google Alerts to deliver unwanted programs FBI warns of the consequences of telephony denial-of-service (TDoS) attacks An attacker was able to siphon audio feeds from multiple Clubhouse rooms Georgetown County has yet to recover from a sophisticated (..)

Spyware 111

Spyware Backups Manufacturing Data breaches 111

SecureWorld News

AUGUST 25, 2022

Israeli spyware company NSO Group has experienced quite a bit of controversy in the last few years. Its spyware product, Pegasus, has been used by various criminals and nation states to target individuals of interest, such as activists, politicians, and business leaders. I don’t see any reason this will be different.".

Spyware 98

Spyware Government Marketing Surveillance 98

Security Affairs

NOVEMBER 28, 2021

If you want to also receive for free the newsletter with the international press subscribe here.

Spyware 100

Spyware Data breaches Cyber Attacks Ransomware 100

Malwarebytes

MAY 16, 2022

2021 saw a massive surge in detections of malware, adware, and Potentially Unwanted Programs (PUPs). Detections of malware on Windows business machines were 143% higher in 2021 than in 2020, and 65% higher on consumer machines. Windows malware detection totals 2019-2021. Mac malware, adware and PUP detection totals 2019-2021.

Malware 97

Malware Adware Cryptocurrency Cybercrime 97

Security Affairs

OCTOBER 2, 2021

“FluBot is an Android spyware that aims to steal financial login and password data from your device. link] — CERT NZ (@CERTNZ) September 30, 2021. Since March 2021, the malicious code was also employed in attacks aimed at several European countries as well as Japan.

Banking 145

Banking Malware Spyware Passwords 145

Security Affairs

MAY 17, 2022

Experts spotted over 200 Android apps on the Play Store distributing spyware called Facestealer used to steal sensitive data. Trend Micro researchers spotted over 200 Android apps on the Play Store distributing spyware called Facestealer used to steal sensitive data from infected devices.

Spyware 98

Spyware Cryptocurrency VPN Malware 98

SecureWorld News

JULY 11, 2022

The offer was emailed as a PDF document, and once it was downloaded, spyware infected the company's systems. This traces back to November 2021 when Sky Mavis requested help from the Axie DAO to distribute free transactions due to an immense user load. This was discontinued in December 2021, but the allowlist access was not revoked.

Social Engineering 97

Social Engineering Hacking Cryptocurrency Cybercrime 97

Security Affairs

JANUARY 21, 2024

Admin of the BreachForums hacking forum sentenced to 20 years supervised release Russia-linked Midnight Blizzard APT hacked Microsoft corporate emails VF Corp December data breach impacts 35 million customers China-linked APT UNC3886 exploits VMware zero-day since 2021 Ransomware attacks break records in 2023: the number of victims rose by 128% U.S.

Artificial Intelligence 129

Artificial Intelligence Hacking VPN Firewall 129

Security Affairs

JULY 19, 2022

The spyware is able to steal SMS messages, contact lists, and device information and to sign victims up for premium service subscriptions. The Facestealer spyware was first spotted on July 2021 by Dr. Web researchers, the development team behind the threat has frequently changed its code.

Malware 134

Malware Spyware Banking Mobile 134

Security Affairs

NOVEMBER 8, 2021

Update November 8, 2021. The Hive gang has been active since June 2021, it implements a Ransomware-as-a-Service model and employs a wide variety of tactics, techniques, and procedures (TTPs). The Hive ransomware adds the.hive extension to the filename of encrypted files.

Computers and Electronics 134

Computers and Electronics Ransomware Retail Spyware 134

Security Affairs

JUNE 11, 2023

Experts found new MOVEit Transfer SQL Injection flaws The University of Manchester suffered a cyber attack and suspects a data breach Russians charged with hacking Mt.

Social Engineering 98

Social Engineering Data breaches Ransomware Cybercrime 98

SecureList

MAY 27, 2022

In the second half of 2021, the most affected countries were France, Japan, India, China, Germany and South Korea. One of the things you can do to protect yourself from advanced mobile spyware is to reboot your device on a daily basis. Territories affected by Roaming Mantis activity ( download ). Other malware.

Phishing 134

Phishing Spyware Firmware Malware 134

Security Affairs

JULY 7, 2024

GootLoader is still active and efficient Hackers stole OpenAI secrets in a 2023 security breach Hackers leak 170k Taylor Swift’s ERAS Tour Barcodes Polyfill.io

Data breaches 121

Data breaches Hacking Banking Spyware 121

Security Affairs

JULY 24, 2022

ransom and sued its insurance firm for refusing to cover this payment Crooks stole $375k from Premint NFT, it is one of the biggest NFT hacks ever Google is going to remove App Permissions List from the Play Store Security Affairs newsletter Round 374 by Pierluigi Paganini APT groups target journalists and media organizations since 2021.

Spyware 108

Spyware Surveillance Malware Insurance 108

SecureWorld News

NOVEMBER 23, 2021

The steps we’re taking today will send a clear message: In a free society, it is unacceptable to weaponize powerful state-sponsored spyware against those who seek to make the world a better place.". November 23, 2021. That behavior by NSO Group, according to Citizen Lab and Apple, includes secret installation of Pegasus Spyware.

Spyware 96

Spyware Surveillance Engineering Software 96

Security Affairs

JUNE 25, 2023

Someone is sending mysterious smartwatches to the US Military personnel CISA orders govt agencies to fix recently disclosed flaws in Apple devices VMware fixed five memory corruption issues in vCenter Server Fortinet fixes critical FortiNAC RCE, install updates asap More than a million GitHub repositories potentially vulnerable to RepoJacking New Mirai (..)

DDOS 98

DDOS Cybercrime Spyware Malware 98

Security Affairs

APRIL 22, 2024

The list also includes criminals, suspected terrorists, intelligence operatives and a European spyware firm. LSEG acquired Refinitiv is 2021. Compromised data vary by individuals and organizations, it includes names, passport numbers, Social Security numbers, online crypto account identifiers and bank account numbers, and more.

Risk 139

Risk Spyware Hacking Accountability 139

Security Affairs

DECEMBER 5, 2021

Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini. SecurityAffairs – hacking, newsletter). Follow me on Twitter: @securityaffairs and Facebook.

Spyware 106

Spyware Ransomware Hacking VPN 106

Security Affairs

JULY 4, 2023

Neo_Net’s eCrime campaign was reportedly targeting clients of banks globally, with a focus on Spanish and Chilean banks, from June 2021 to April 2023. Furthermore, due to the simplicity of SMS spyware, it can be difficult to detect, as it only requires permission to send and view SMS messages.”

Banking 98

Banking Phishing Social Engineering Authentication 98

SecureList

NOVEMBER 1, 2022

We can confirm a Maui ransomware incident in 2022, but we would expand their “first seen” date from the reported May 2021 to April 15, 2021, and the geolocation of the target to Japan and India. At the beginning of 2021, Kaspersky published a private report about the A41APT campaign. Russian-speaking activity.

Malware 145

Malware Ransomware Spyware Encryption 145

Security Affairs

DECEMBER 3, 2022

Google fixed the ninth actively exploited Chrome zeroday this year A new Linux flaw can be chained with other two bugs to gain full root privileges Attack of drones: airborne cybersecurity nightmare Cuba Ransomware received over $60M in Ransom payments as of August 2022 Android Keyboard Apps with 2 Million downloads can remotely hack your device New (..)

Spyware 98

Spyware Data breaches VPN Hacking 98

Security Affairs

JANUARY 23, 2022

from the Lympo NTF platform.

VPN 111

VPN Ransomware Spyware Hacking 111

Security Affairs

AUGUST 29, 2021

Braun Infusomat pumps could be hacked to alter medication doses CISA publishes malware analysis reports on samples targeting Pulse Secure devices Cisco fixed a critical flaw in Cisco APIC for Nexus 9000 series switches Kaseya fixed two of the three Kaseya Unitrends zero-days found in July Personal Data and docs of Swiss town Rolle available on the (..)

Data breaches 108

Data breaches Spyware Hacking Ransomware 108

Security Affairs

FEBRUARY 13, 2022

Organizations are addressing zero-day vulnerabilities more quickly, says Google CISA, FBI, NSA warn of the increased globalized threat of ransomware Croatian phone carrier A1 Hrvatska discloses data breach FritzFrog P2P Botnet is back and targets Healthcare, Education and Government Sectors CISA adds 15 new vulnerabilities to its Known Exploited Vulnerabilities (..)

Ransomware 98

Ransomware Spyware Surveillance Hacking 98

The Last Watchdog

JULY 18, 2023

This has projected costs associated with cybercrimes to hit the tens of trillions by 2025, highlighting the vital need for web hosts to implement staunch security. consumers, ages 18 and over, was conducted by Propeller Insights on behalf of HostingAdvice in June of 2021. Gainesville, Fla.,

Hacking 100

Hacking DDOS Small Business Spyware 100

Security Affairs

AUGUST 27, 2021

Hive ransomware has been active since June 2021, it implements a Ransomware-as-a-Service model and employs a wide variety of tactics, techniques, and procedures (TTPs). In order to facilitate file encryption, the ransomware look for processes associated with backups, anti-virus/anti-spyware, and file copying and terminates them.

Ransomware 100

Ransomware Encryption Spyware Backups 100