Security Affairs

JULY 19, 2021

Pegasus Project investigation into the leak of 50,000 phone numbers of potential surveillance targets revealed the abuse of NSO Group’s spyware. Pegasus Project is the name of a large-scale investigation into the leak of 50,000 phone numbers of potential surveillance targets that revealed the abuse of NSO Group’s spyware.

Spyware 132

Spyware Government Surveillance Media 132

CyberSecurity Insiders

SEPTEMBER 13, 2021

Apple Inc has proudly announced that it has issued a fix to the famous Pegasus Spyware vulnerability existing on iPhones that could lead remote hackers to take control of the device to conduct espionage. The post Apple Inc issues fix to Pegasus Spyware vulnerability in iPhones appeared first on Cybersecurity Insiders.

Spyware 139

Spyware Manufacturing Engineering Malware 139

SecureList

SEPTEMBER 9, 2021

The H1 2021 ICS threat report at a glance. During the first half of 2021 (H1 2021), the percentage of attacked ICS computers was 8% , which was 0.4 Top 15 countries and territories with the largest percentages of ICS computers on which malicious objects were blocked in H1 2021 ( download ). percentage points (p.p.)

Spyware 137

Spyware Media Internet Internet 137

Malwarebytes

JUNE 29, 2022

Google’s Threat Analysis Group (TAG) has revealed a sophisticated spyware activity involving ISPs (internet service providers) aiding in downloading powerful commercial spyware onto users’ mobile devices. The spyware, dubbed Hermit, is reported to have government clients much like Pegasus.

Spyware 113

Spyware Government Social Engineering Mobile 113

SecureList

MARCH 3, 2022

2021 is the second year we have spent living and working in the pandemic. By 2021 everyone got used to pandemic limitations – industrial organization employees and IT security professionals and threat actors. If we compare the numbers from 2020 and 2021, we see that 2021 looks more stable, particularly in H2.

Spyware 131

Spyware Ransomware Cryptocurrency Phishing 131

SecureList

NOVEMBER 30, 2021

Possibly the biggest story of 2021, an investigation by the Guardian and 16 other media organizations, published in July, suggested that over 30,000 human rights activists, journalists and lawyers across the world may have been targeted using Pegasus. Currently, several methods can be used for detection of Pegasus and other mobile malware.

Malware 140

Malware Mobile Spyware Surveillance 140

SecureList

DECEMBER 16, 2021

In June 2021, Kaspersky ICS CERT experts identified malware whose loader has some similarities to the Manuscrypt malware, which is part of the Lazarus APT group’s arsenal. We dubbed the newly-identified malware PseudoManuscrypt. According to our telemetry, at least 7.2%

Spyware 136

Spyware Energy and Utilities Malware VPN 136

Security Affairs

JULY 7, 2024

Today marks the launch of the Security Affairs newsletter, specializing in Malware. Each week, it will feature a collection of the best articles and research on malware. This newsletter complements the weekly one you already receive.

Malware 120

Malware Spyware Cybercrime Ransomware 120

Security Affairs

NOVEMBER 30, 2022

Google’s Threat Analysis Group (TAG) linked three exploitation frameworks to a Spanish surveillance spyware vendor named Variston. While tracking the activities of commercial spyware vendors, Threat Analysis Group (TAG) spotted an exploitation framework likely linked Variston IT, a Spanish firm. ” TAG concludes.

Spyware 110

Spyware Surveillance Risk Internet 110

eSecurity Planet

SEPTEMBER 14, 2021

Apple continues to be haunted by spyware developed by an Israeli security firm that hostile governments used to hack into Apple devices to spy on journalists, activists and world leaders (see Apple Security Under Scrutiny Amid Fallout from NSO Spyware Scandal ). operating system was being exploited by the invasive Pegasus spyware.

Spyware 120

Spyware Mobile Engineering Government 120

Security Affairs

SEPTEMBER 22, 2023

Citizen Lab and Google’s TAG revealed that the three recently patched Apple zero-days were used to install Cytrox Predator spyware. citizenlab in coordination with @Google ’s TAG team found that former Egyptian MP Ahmed Eltantawy was targeted with Cytrox’s #Predator #spyware through links sent via SMS and WhatsApp.

Spyware 129

Spyware Surveillance Mobile Hacking 129

Security Affairs

AUGUST 30, 2023

The malware distributed by the nation-state actors is Android BadBazaar , which has been previously employed in attacks aimed at Uyghurs and other Turkic ethnic minorities. Google removed FlyGram from Google Play after January 6, 2021. org) and a Telegram alternative app (flygram[.]org).”

Spyware 134

Spyware Accountability Malware Hacking 134

SecureWorld News

AUGUST 8, 2022

Cybersecurity and Infrastructure Security Agency (CISA) and the Australian Cyber Security Centre (ACSC) released a joint Cybersecurity Advisory (CSA) providing details on the top malware strains of 2021. The top malware strains in 2021 included remote access Trojans (RATs), banking Trojans, information stealers, and ransomware.

Malware 98

Malware Banking Penetration Testing Healthcare 98

Security Affairs

JANUARY 28, 2022

Finland Ministry for Foreign Affairs revealed that devices of Finnish diplomats have been infected with NSO Group’s Pegasus spyware. Finland’s Ministry for Foreign Affairs revealed that the devices of some Finnish diplomats have been compromised with the infamous NSO Group’s Pegasus spyware. Pierluigi Paganini.

Spyware 98

Spyware Surveillance Mobile Risk 98

Security Affairs

APRIL 11, 2024

Apple is warning iPhone users in over 90 countries of targeted mercenary spyware attacks, Reuters agency reported. Apple is alerting iPhone users in 92 countries about mercenary spyware attacks, reported Reuters. Reuters only mentioned India as one of the countries where users were targeted by the attacks.

Spyware 133

Spyware Mobile Hacking Government 133

SecureList

JUNE 21, 2023

Over the years, there have been multiple cases when iOS devices were infected with targeted spyware such as Pegasus, Predator, Reign and others. Due to this granularity, discovering one exploit in the chain often does not result in retrieving the rest of the chain and obtaining the final spyware payload.

Spyware 145

Spyware Encryption Passwords Backups 145

Security Affairs

APRIL 11, 2021

More than 500,000 Huawei users have been infected with the Joker malware after downloading apps from the company’s official Android store. More than 500,000 Huawei users were infected with the Joker malware after they have downloaded tainted apps from the company’s official Android store. ” reads the post published by Dr. Web.

Malware 145

Malware Spyware Mobile Antivirus 145

Security Affairs

MAY 29, 2023

Cisco Talos and the Citizen Lab researchers have published a technical analysis of the powerful Android spyware Predator. Security researchers at Cisco Talos and the Citizen Lab have shared technical details about a commercial Android spyware named Predator that is sold by the surveillance firm Intellexa (formerly known as Cytrox).

Spyware 98

Spyware Surveillance Media Malware 98

Security Affairs

JULY 21, 2021

Check Point Research (CPR) experts have spotted a cheap malware, dubbed XLoader variant, which was upgraded to target both Windows and macOS PCs. XLoader is a very cheap malware strain that is based on the popular Formbook Windows malware. Thus, a “Malware-as-a-Service” scheme is used. ” continues the report.

Spyware 114

Spyware Malware Cybercrime Advertising 114

The Hacker News

APRIL 10, 2024

An active Android malware campaign dubbed eXotic Visit has been primarily targeting users in South Asia, particularly those in India and Pakistan, with malware distributed via dedicated websites and Google Play Store. It's tracking the group behind the operation under the

Spyware 139

Spyware Malware Cybersecurity 139

Schneier on Security

SEPTEMBER 14, 2023

Google removed it from Play in 2021. The FlyGram malware was also shared in a Uyghur Telegram group, further aligning it to previous targeting by the BadBazaar malware family. It was also available in the Samsung app store and on signalplus[.]org, org, a dedicated website mimicking the official Signal.org.

Malware 342

Malware Accountability Hacking Spyware 342

Security Affairs

JULY 20, 2023

China-linked group APT41 was spotted using two previously undocumented Android spyware called WyrmSpy and DragonEgg China-linked APT group APT41 has been observed using two previously undocumented Android spyware called WyrmSpy and DragonEgg. Upon installing the two spyware, they request extensive device permissions.

Spyware 98

Spyware Surveillance Mobile Malware 98

SecureList

NOVEMBER 26, 2021

IT threat evolution Q3 2021. IT threat evolution in Q3 2021. IT threat evolution in Q3 2021. According to Kaspersky Security Network, in Q3 2021: 9,599,519 malware, adware and riskware attacks on mobile devices were prevented. Number of detected malicious installation packages, Q3 2020 — Q3 2021 ( download ).

Mobile 134

Mobile Adware Banking Malware 134

SecureWorld News

JUNE 27, 2022

The commercial spyware industry is alive and thriving, according to a report released last week by Google's Threat Analysis Group (TAG). The report specifically details an Italian vendor, RCS Labs, and its "Hermit" surveillance malware (aka spyware) used on mobile phones. RELATED: Spyware Pariah: NSO Group Placed on U.S.

Spyware 96

Spyware Surveillance Mobile Government 96

Security Affairs

AUGUST 24, 2021

Citizen Lab uncovered a new zero-click iMessage exploit that was used to deploy the NSO Group’s Pegasus spyware on devices belonging to Bahraini activists. Researchers from Citizen Lab spotted a zero-click iMessage exploit that was used to deploy NSO Group’s Pegasus spyware on Bahraini activists’ devices.

Spyware 98

Spyware Surveillance Hacking Mobile 98

Security Affairs

APRIL 12, 2023

At least five members of civil society worldwide have been targeted with spyware and exploits developed by surveillance firm QuaDream. Citizen Lab researchers reported that at least five civil society members were victims of spyware and exploits developed by the Israeli surveillance firm QuaDream. and 14.4.2,

Spyware 98

Spyware Surveillance Malware Government 98

SecureList

NOVEMBER 28, 2024

Chinese-speaking activity In July 2021, we detected a campaign called ExCone targeting government entities in Russia. We also found Cobalt Strike beacons and several traces tying this actor to the ShadowPad malware and UNC2643 activity, which is in turn associated with the HAFNIUM threat actor.

Malware 119

Malware Government Software Spyware 119

Security Affairs

JANUARY 21, 2022

Researchers spotted several spyware campaigns targeting industrial enterprises to steal credentials and conduct financial fraud. Researchers from Kaspersky Lab have uncovered multiple spyware campaigns that target industrial firms to steal email account credentials and carry out fraudulent activities. ” concludes the report.

Spyware 98

Spyware Accountability Social Engineering Phishing 98

Security Affairs

MARCH 3, 2023

The phone of an opposition-linked Polish mayor was infected with the powerful Pegasus spyware, local media reported. Reuters reported that the phone of an opposition-linked Polish mayor was infected with the Pegasus spyware. According to rumors, the Polish special services are using surveillance software to spy on government opponents.

Spyware 98

Spyware Surveillance Hacking Government 98

Malwarebytes

MAY 28, 2024

As you may have read many times before on our blog, some spyware companies have a surprisingly low standard of security. In 2021, we reported that “employee and child-monitoring” software vendor pcTattleTale hadn’t been very careful about securing the screenshots it sneakily took from its victims’ phones. Ignore Always.

Spyware 110

Spyware Software Malware Mobile 110

Security Affairs

JUNE 2, 2022

An international law enforcement operation involving 11 countries resulted in the takedown of the FluBot Android malware. An international law enforcement operation involving 11 countries led to the takedown of the infamous FluBot Android malware. ” reads the announcement published by Europol.

Spyware 102

Spyware Malware Banking Cybercrime 102

Security Affairs

JULY 19, 2022

Google blocked dozens of malicious apps from the official Play Store that were spreading Joker, Facestealer, and Coper malware families. Google has removed dozens of malicious apps from the official Play Store that were distributing Joker, Facestealer, and Coper malware families. ” reads the analysis published by Zscaler.

Malware 135

Malware Spyware Banking Mobile 135

Security Affairs

JULY 16, 2021

The Joker malware is back, experts spotted multiple malicious apps on the official Google Play store that were able to evade scanners. The spyware is able to steal SMS messages, contact lists, and device information and to sign victims up for premium service subscriptions. ” states a post published by the experts.

Malware 145

Malware Mobile Spyware Encryption 145

SecureList

APRIL 27, 2021

This is our latest installment, focusing on activities that we observed during Q1 2021. In our initial report on Sunburst , we examined the method used by the malware to communicate with its C2 (command-and-control) server and the protocol used to upgrade victims for further exploitation. The most remarkable findings.

Malware 145

Malware Government Spyware Social Engineering 145

Security Affairs

NOVEMBER 24, 2021

federal court for illegally targeting its customers with the surveillance spyware Pegasus. The complaint provides new information on how NSO Group infected victims’ devices with its Pegasus spyware. radian) November 23, 2021. Apple has sued NSO Group and its parent company Q Cyber Technologies in a U.S. link] — Ivan Krsti?

Spyware 100

Spyware Surveillance Software Hacking 100

CSO Magazine

MARCH 28, 2022

After a pandemic lull in 2020, malware aimed at individuals and organizations surged in 2021, according to a report released last week by cybersecurity software maker Malwarebytes. increase, and 1,106 detections of spyware apps, a 4.2% To read this article in full, please click here

Malware 87

Malware Spyware Software Cybersecurity 87

SecureList

MAY 3, 2021

In Q1 2021, new banking scams appeared alongside ones that are more traditional. In actual fact, scanning the code resulted in a data leak, money theft or device infection, if it contained a link to a web page with malware. In Q1 2021, scammers imitating bank emails began to focus on compensation. Quarterly highlights.

Phishing 137

Phishing Banking Accountability Computers and Electronics 137