Four of the flaws fixed in this patch batch earned Microsoft’s most-dire “critical” rating, meaning they could be exploited by miscreants or malware to remotely compromise a Windows PC with little or no help from the user.
A group of hackers claimed to have compromised more than 150,000 surveillance cameras at banks, jails, schools, and prominent companies like Tesla and Equinox. The hackers also posted images captured from the hacked surveillance video on Twitter with the #OperationPanopticon hashtag.
According to rumors, the Polish special services are using surveillance software to spy on government opponents. In 2021, the University of Toronto-based Citizen Lab reported that a Polish opposition duo was hacked with NSO spyware. “The politicians who inspired and commissioned these activities belong in prison.”
Microsoft linked a private-sector offensive actor (PSOA) to attacks using multiple zero-day exploits for its Subzero malware. The group targets entities in Europe and Central America with the Subzero surveillance tool. The targeted entities are law firms, banks, and strategic consultancies.
The victim was infected by PowerShell malware, and we discovered evidence that the actor had already stolen data from the victim and had been surveilling this victim for several months. Based on the findings from the compromised machine, we discovered additional malware.
Researchers from Google’s Threat Analysis Group (TAG) revealed that the Italian surveillance firm RCS Labs was helped by some Internet service providers (ISPs) in Italy and Kazakhstan to infect Android and iOS users with its spyware. One of the exploited flaws, CVE-2021-30983, internally referred to as Clicked3, was fixed by Apple in December 2021.
Possibly the biggest story of 2021, an investigation by the Guardian and 16 other media organizations, published in July, suggested that over 30,000 human rights activists, journalists and lawyers across the world may have been targeted using Pegasus. Currently, several methods can be used for detection of Pegasus and other mobile malware.
One of the Apple iOS zero-day flaws previously exploited by the spyware developed by the Israeli company NSO Group was also separately used, as a zero-day, by another surveillance firm named QuaDream.
Cybersecurity and Infrastructure Security Agency (CISA) and the Australian Cyber Security Centre (ACSC) released a joint Cybersecurity Advisory (CSA) providing details on the top malware strains of 2021. The top malware strains in 2021 included remote access Trojans (RATs), banking Trojans, information stealers, and ransomware.
The IT giant fears that the disclosure of its threat intelligence related to commercial spyware operations could aid NSO and other surveillance firms. In November 2021, Apple sued NSO Group and its parent company Q Cyber Technologies in a U.S. federal court.
IT threat evolution in Q3 2021. While tracking this threat actor in spring 2021, we discovered a newer version. The malware tries to spread to other hosts on the network by infecting USB drives. The quarter also saw targeted attacks exploiting CVE-2021-40444.
Citizen Lab researchers reported that at least five members of civil society worldwide have been targeted with spyware and exploits developed by the Israeli surveillance firm QuaDream.
The malware dropped from the aforementioned document is dubbed ‘MarkiRAT’ and is used to record keystrokes and clipboard content, provide file download and upload capabilities, and execute arbitrary commands on the victim machine.
According to a report published by Reuters, Israeli surveillance software was used to spy on senior officials in the European Commission. Security researchers said that Apple sent the warnings to its users targeted between February and September 2021.
Researchers from mobile security firm Lookout uncovered two long-running surveillance campaigns targeting the ethnic minority Uyghurs. The report published by Lookout notes that “Bazar is a lesser known spelling of Bazaar.”
Lookout researchers linked the BoneSpy and PlainGnome Android surveillance families to the Russian APT group Gamaredon. These are the first known mobile malware families linked to the Russian APT. Threat actors have used BoneSpy since at least 2021, while PlainGnome first appeared in 2024.
Out of the 18,000 Orion IT customers affected by the malware, it seems that only a handful were of interest to the attackers. For example, before making the first internet connection to its C2s, the Sunburst malware lies dormant for up to two weeks, preventing easy detection of this behaviour in sandboxes.
This is our latest installment, focusing on activities that we observed during Q1 2021. In our initial report on Sunburst, we examined the method used by the malware to communicate with its C2 (command-and-control) server and the protocol used to upgrade victims for further exploitation.
The Spanish government has released a press statement confirming Pegasus malware on the smartphones of Spanish Prime Minister (PM) Pedro Sanchez and Spain’s Defense Minister, Margarita Robles. The United States banned NSO Group, which developed the Pegasus surveillance software, last year.
The U.S. government added surveillance technology vendors Cytrox and Intellexa to an economic blocklist for trafficking in cyber exploits. The government warns of the key role that surveillance technology plays in activities that can lead to repression and other human rights abuses, contrary to U.S. national security or foreign policy interests.
Google’s Threat Analysis Group (TAG) researchers discovered three campaigns, between August and October 2021, targeting Android users with five zero-day vulnerabilities. “We assess the exploits were packaged by a single commercial surveillance company, Cytrox, and sold to different govt-backed actors,” the report continues.
However, the researchers identified victims dating back to March 2021 and confirmed that the attacks led to the deployment of ShadowPad backdoors, which could enable information theft and espionage.
In July 2021, we detected a Chinese-speaking campaign called ExCone targeting government entities in Russia. We also found Cobalt Strike beacons and several traces tying this actor to the ShadowPad malware and UNC2643 activity, which is in turn associated with the HAFNIUM threat actor.
Below is the list of the zero-day issues disclosed by the experts:
CVE-2021-1879: Use-After-Free in QuickTimePluginReplacement
CVE-2021-21166: Chrome Object Lifecycle Issue in Audio
CVE-2021-30551: Chrome Type Confusion in V8
CVE-2021-33742: Internet Explorer out-of-bounds write in MSHTML
Experts warn of an ongoing hacking campaign that already compromised at least nine organizations worldwide from critical sectors by exploiting CVE-2021-40539. In the middle of September, the FBI, CISA, and the Coast Guard Cyber Command (CGCYBER) warned that nation-state APT groups were actively exploiting the CVE-2021-40539 flaw.
Google TAG researchers revealed that threat actors recently exploited a zero-day vulnerability in macOS in a watering hole campaign aimed at delivering malware to users in Hong Kong.
Five of the issues added by CISA to its catalog are part of the exploits used by surveillance vendors to target mobile devices with their commercial spyware: CVE-2021-30900 – Apple iOS, iPadOS, and macOS Out-of-Bounds Write Vulnerability.
Pegasus Project is the name of a large-scale investigation into the leak of 50,000 phone numbers of potential surveillance targets that revealed the abuse of NSO Group’s spyware.
The Russia-linked APT29 group was spotted reusing iOS and Chrome exploits previously developed and used by surveillance software vendors NSO Group and Intellexa.
Google’s Threat Analysis Group (TAG) linked three exploitation frameworks to a Spanish surveillance spyware vendor named Variston. The vulnerabilities in Google, Microsoft and Mozilla products exploited by the company were fixed in 2021 and early 2022.
A new version of the Android malware "FurBall" has been discovered to be used by the threat actor(s) known as Domestic Kitten in a campaign targeting Iranian citizens in a mobile surveillance operation. Researchers believe the purpose of this could be to set up a larger spearphishing attack conducted via text messages.
Experts spotted a new variant of the FinFisher surveillance spyware that is able to hijack and replace the Windows UEFI bootloader to infect Windows machines. Kaspersky experts shared the results of an eight-month investigation into FinSpy spyware at the Security Analyst Summit (SAS) 2021.
The attack was discovered by cybersecurity firm ESET on January 25; threat actors delivered malware to a limited number of victims across Asia. The experts reported that threat actors employed at least three different malware families in this supply chain attack. ESET tracked this campaign as Operation NightScout.
Research carried out by ReversingLabs suggests that a new ransomware is targeting government-related Linux systems in South Korea, with the malware mainly hitting industrial and pharmaceutical companies. According to 2021 research conducted by Cisco Talos, around 13 new ransomware variants are detected each month.
The iPhones of nine activists, including members of the Bahrain Center for Human Rights, Waad, and Al Wefaq, were infected with Pegasus spyware as part of a surveillance operation likely orchestrated by a threat actor tracked as LULU and attributed with high confidence to the government of Bahrain.
Security researchers at Cisco Talos and the Citizen Lab have shared technical details about a commercial Android spyware named Predator that is sold by the surveillance firm Intellexa (formerly known as Cytrox). The attacks aimed at installing the surveillance spyware Predator, developed by the North Macedonian firm Cytrox.
The file-encrypting malware group has also released a decryption key at no cost to help victims clean up their databases. Highly placed sources say that Ragnarok, which was also involved in double extortion tactics, shut its doors because of constant surveillance by Western law enforcement agencies.
Security researchers Benoit Sevens and Clement Lecigne of Google TAG said: “Seven of the nine zero-day vulnerabilities our Threat Analysis Group discovered in 2021 fall into this category: developed by commercial providers and sold to and used by government-backed actors.”
Apple has filed suit in a U.S. federal court to ban the Israeli surveillance firm NSO Group and its parent company Q Cyber Technologies from using its products and services, for illegally targeting its customers with the surveillance spyware Pegasus. Apple published the announcement on November 23, 2021.
The campaign was first spotted in mid-September 2021 by Shadow Chaser Group (@ShadowChasing1). The PowerShortShell stealer is also used for Telegram surveillance and gathering system information from infected systems. The reported docx URL is hxxp://hr.dedyn.io/word.html.
At the end of 2021, Kaspersky researchers discovered a UEFI firmware-level compromise by analyzing logs from their Firmware Scanner. “The purpose of the implant is to facilitate the deployment of user-mode malware that stages execution of further payloads downloaded from the internet,” reads the analysis published by Kaspersky.
Lookout first detected WyrmSpy as early as 2017, while it first discovered DragonEgg at the start of 2021. Both malware families rely on modules that are downloaded after the apps are installed to exfiltrate data from the infected devices. The most recent samples of DragonEgg are dated April 2023, according to the report published by Lookout.
Experts uncovered a new threat actor, tracked as Balikbayan Foxes, that is impersonating the Philippine government to spread malware. Both Remcos and NanoCore are used for information gathering, data exfiltration, surveillance, and control of the victims’ computers, according to the analysis published by the experts.