Security Affairs

MARCH 3, 2023

The phone of an opposition-linked Polish mayor was infected with the powerful Pegasus spyware, local media reported. Reuters reported that the phone of an opposition-linked Polish mayor was infected with the Pegasus spyware. According to rumors, the Polish special services are using surveillance software to spy on government opponents.

Spyware 98

Spyware Surveillance Hacking Government 98

Security Affairs

AUGUST 30, 2023

The campaigns observed by the researchers are likely active since July 2020 and since July 2022, respectively. The domain was registered on February 15 th , 2022, and provides a link to download the malicious Signal Plus Messenger application either from Google Play or directly from the website” continues the report.

Spyware 133

Spyware Accountability Malware Hacking 133

Security Affairs

JUNE 17, 2022

Lookout Threat Lab researchers uncovered enterprise-grade Android surveillance spyware, named Hermit, used by the government of Kazakhstan to track individuals within the country. According to Lookout, the Hermit spyware was likely developed by Italian surveillance vendor RCS Lab S.p.A SecurityAffairs – hacking, Hermit spyware).

Spyware 105

Spyware Surveillance Telecommunications Mobile 105

Security Affairs

MARCH 29, 2023

Google’s Threat Analysis Group (TAG) discovered several exploit chains targeting Android, iOS, and Chrome to install commercial spyware. The exploit chains were used to install commercial spyware and malicious apps on targets’ devices. CVE-2022-38181 , a privilege escalation bug fixed by ARM in August 2022.

Spyware 98

Spyware Surveillance Firmware Internet 98

Security Affairs

APRIL 12, 2023

At least five members of civil society worldwide have been targeted with spyware and exploits developed by surveillance firm QuaDream. Citizen Lab researchers reported that at least five civil society members were victims of spyware and exploits developed by the Israeli surveillance firm QuaDream. and 14.4.2,

Spyware 98

Spyware Surveillance Malware Government 98

Security Affairs

JUNE 7, 2023

June 2023 security update for Android released by Google fixes about fifty flaws, including an Arm Mali GPU bug exploited by surveillance firms in their spyware. The June 2023 Android Security Bulletin provides details about the fix for more than fifty vulnerabilities affecting Android devices. In early April, U.S.

Spyware 98

Spyware Surveillance Firmware Hacking 98

Security Affairs

APRIL 19, 2022

Researchers from Citizen Lab have published a report detailing the use of a new zero-click iMessage exploit, dubbed HOMAGE, to install the NSO Group Pegasus spyware on iPhones belonging to Catalan politicians, journalists, academics, and activists. ” concludes the report. To nominate, please visit:? Pierluigi Paganini.

Spyware 107

Spyware Surveillance Government Software 107

Security Affairs

MAY 29, 2023

Cisco Talos and the Citizen Lab researchers have published a technical analysis of the powerful Android spyware Predator. Security researchers at Cisco Talos and the Citizen Lab have shared technical details about a commercial Android spyware named Predator that is sold by the surveillance firm Intellexa (formerly known as Cytrox).

Spyware 98

Spyware Surveillance Media Malware 98

Security Affairs

APRIL 1, 2023

CISA has added nine flaws to its Known Exploited Vulnerabilities catalog, including bugs exploited by commercial spyware on mobile devices. Cybersecurity and Infrastructure Security Agency (CISA) has added nine new vulnerabilities to its Known Exploited Vulnerabilities Catalog.

Spyware 98

Spyware Surveillance Mobile Education 98

Security Affairs

APRIL 17, 2023

The Israeli surveillance firm QuaDream is allegedly shutting down its operations after Citizen Lab and Microsoft uncovered their spyware. Last week Citizen Lab researchers reported that at least five civil society members were victims of spyware and exploits developed by the Israeli surveillance firm QuaDream. and 14.4.2,

Surveillance 98

Surveillance Spyware Education Media 98

SecureList

NOVEMBER 23, 2021

For instance, we see a new trend emerging in the criminal ecosystem of spyware-based authentication data theft, with each individual attack being directed at a very small number of targets (from single digits to several dozen). And for some companies, the consequences of a security compromise in 2021 will catch up with them only in 2022.

Spyware 137

Spyware Phishing Cybercrime Energy and Utilities 137

Security Affairs

NOVEMBER 11, 2022

Researchers from mobile security firm Lookout uncovered two long-running surveillance campaigns targeting the Uyghurs minority. The threat actors behind the campaigns used two Android spyware to spy on the victims and steal sensitive information. List of installed packages. Pierluigi Paganini.

Surveillance 98

Surveillance Spyware Malware Mobile 98

Security Affairs

APRIL 18, 2023

Citizen Lab reported that Israeli surveillance firm NSO Group used at least three iOS zero-click exploits in 2022. A new report from Citizen Lab states that the Israeli surveillance firm NSO Group used at least three zero-click zero-day exploits to deliver its Pegasus spyware. ” reads the report. ” reads the report.

Surveillance 98

Surveillance Spyware Education Risk 98

Security Affairs

JUNE 16, 2023

An updated version of the Android remote access trojan GravityRAT can steal WhatsApp backup files and can delete files ESET researchers discovered an updated version of Android GravityRAT spyware that steals WhatsApp backup files and can delete files. The malware is distributed as the messaging apps BingeChat and Chatico.

Backups 98

Backups Spyware Malware Accountability 98

eSecurity Planet

JUNE 7, 2022

They earned the highest score among providers named "Customer's Choice" in Gartner's 2022 "Voice of the Customer” Security Awareness Computer-Based Training report. Application security, information security, network security, disaster recovery, operational security, etc.

Cybersecurity 127

Cybersecurity Identity Theft Encryption Antivirus 127

Security Affairs

JUNE 2, 2022

Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. The post An international police operation dismantled FluBot spyware appeared first on Security Affairs.

Spyware 102

Spyware Malware Banking Cybercrime 102

Security Affairs

NOVEMBER 2, 2022

Threat actors are using previously undocumented Android spyware, dubbed SandStrike, to spy on a Persian-speaking religion minority. In Q3 2022, Kaspersky researchers uncovered a previously undocumented Android spyware, dubbed SandStrike, employed in an espionage campaign targeting the Persian-speaking religion minority, Bahá?í.

Spyware 117

Spyware Malware VPN Accountability 117

Security Affairs

MARCH 16, 2025

CISA adds Apple products and Juniper Junos OS flaws to its Known Exploited Vulnerabilities catalog GitLab addressed critical auth bypass flaws in CE and EE North Korea-linked APT group ScarCruft spotted using new Android spyware KoSpy Experts warn of a coordinated surge in the exploitation attempts of SSRF vulnerabilities Meta warns of actively exploited (..)

Spyware 72

Spyware Cybercrime Ransomware IoT 72

Security Affairs

MAY 29, 2022

Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS.

InfoSec 136

InfoSec Spyware DDOS Firewall 136

Security Affairs

JULY 19, 2023

. “The proliferation and misuse of such commercial surveillance tools, including commercial spyware, pose distinct and growing security risks to the United States, facilitate repression, and enable human rights abuses. The surveillance firms were NSO Group and Candiru from Israel, Computer Security Initiative Consultancy PTE.

Surveillance 98

Surveillance Spyware Government Technology 98

Security Affairs

APRIL 13, 2022

One of the officials targeted with the infamous spyware there is Didier Reynders, a senior Belgian statesman who has served as the European Justice Commissioner since 2019. ” Security researchers said that Apple sent the warnings to its users targeted between February and September 2021. ” concludes the report.

Surveillance 104

Surveillance Software Spyware Hacking 104

Security Affairs

OCTOBER 5, 2022

The video was posted on January 2022, and according to Kaspersky’s telemetry, the first victims were compromised in March 2022. The experts also discovered that the libraries bundled with the malicious Tor Browser is infected with spyware. ” reads Kaspersky’s analysis. “The file freebl3.dll

Spyware 100

Spyware Accountability Software Passwords 100

Security Affairs

MAY 1, 2023

Researchers at the Lookout Threat Lab have discovered a new Android surveillance spyware, dubbed BouldSpy, that was used by the Law Enforcement Command of the Islamic Republic of Iran (FARAJA). The researchers are tracking the spyware since March 2020, starting in 2023, multiple security experts [ 1 , 2 ] started monitoring its activity.

Surveillance 98

Surveillance Malware Spyware Accountability 98

Security Affairs

AUGUST 28, 2022

Leaked documents online show the purchase (and documentation of) an $8,000,000 iOS Remote Code Execution 0day exploit pic.twitter.com/lhmc8QdfGv — vx-underground (@vxunderground) August 24, 2022. The leaked documentation demonstrates that the company offers services for remote data extraction from Android and iOS devices.

Surveillance 141

Surveillance Spyware Mobile Hacking 141

Security Affairs

MAY 17, 2022

Experts spotted over 200 Android apps on the Play Store distributing spyware called Facestealer used to steal sensitive data. Trend Micro researchers spotted over 200 Android apps on the Play Store distributing spyware called Facestealer used to steal sensitive data from infected devices.

Spyware 98

Spyware Cryptocurrency VPN Malware 98

Security Affairs

AUGUST 4, 2024

US sued TikTok and ByteDance for violating children’s privacy laws Russia-linked APT used a car for sale as a phishing lure to target diplomats with HeadLace malware Investors sued CrowdStrike over false claims about its Falcon platform Avtech camera vulnerability actively exploited in the wild, CISA warns Over 20,000 internet-exposed VMware ESXi instances (..)

Spyware 123

Spyware Phishing Malware Ransomware 123

Security Affairs

JULY 24, 2022

is optimized to automatically bypass censorship A massive cyberattack hit Albania Watch out for the CVE-2022-30136 Windows NFS Remote Code Execution flaw Graff paid a $7.5M is optimized to automatically bypass censorship A massive cyberattack hit Albania Watch out for the CVE-2022-30136 Windows NFS Remote Code Execution flaw Graff paid a $7.5M

Spyware 107

Spyware Surveillance Insurance Malware 107

SecureList

JANUARY 18, 2023

The threat landscape is constantly updated through new malware and spyware, advanced phishing methods, and new social engineering techniques. The trend for personal data leaks grew rapidly in 2022 and will continue into 2023. The number of posts in those blogs grew in 2022, both in open sources and on the dark web.

Media 139

Media Social Engineering Ransomware Hacking 139

Security Affairs

JUNE 4, 2023

Xplain hack impacted the Swiss cantonal police and Fedpol Zyxel published guidance for protecting devices from ongoing attacks Kimsuky APT poses as journalists and broadcast writers in its attacks New Linux Ransomware BlackSuit is similar to Royal ransomware CISA adds Progress MOVEit Transfer zero-day to its Known Exploited Vulnerabilities catalog (..)

Spyware 98

Spyware Hacking Malware Social Engineering 98

Security Affairs

JUNE 20, 2022

Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS.

Spyware 105

Spyware DNS Ransomware Surveillance 105

Security Affairs

APRIL 23, 2023

Abandoned Eval PHP WordPress plugin abused to backdoor websites CISA adds MinIO, PaperCut, and Chrome bugs to its Known Exploited Vulnerabilities catalog At least 2 critical infrastructure orgs breached by North Korea-linked hackers behind 3CX attack American Bar Association (ABA) suffered a data breach,1.4

Spyware 98

Spyware Ransomware Malware Data breaches 98

Security Affairs

FEBRUARY 13, 2022

US seizes $3.6 to replace Chinese equipment Hackers breached a server of National Games of China days before the event Russian Gamaredon APT is targeting Ukraine since October Israeli surveillance firm QuaDream emerges from the dark Argo CD flaw could allow stealing sensitive data from Kubernetes Apps.

Spyware 98

Spyware Ransomware Surveillance Hacking 98

Security Affairs

MAY 26, 2022

. “However, ChromeLoader uses PowerShell to inject itself into the browser and add a malicious extension to it, a technique we don’t see very often (and one that often goes undetected by other security tools). Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS.

Malware 142

Malware Spyware Threat Detection Engineering 142

Security Affairs

APRIL 4, 2023

Cybersecurity and Infrastructure Security Agency (CISA) has added a Zimbra flaw, tracked as CVE-2022-27926 , to its Known Exploited Vulnerabilities Catalog. The CVE-2022-27926 flaw affects Zimbra Collaboration version 9.0.0, which is used to host publicly-facing webmail portals. reads the post published by Proofpoint.

Phishing 98

Phishing Government Spyware Passwords 98

Security Affairs

APRIL 8, 2023

Mandiant researchers first observed this affiliate targeting Veritas issues in the wild on October 22, 2022. The CVE-2023-26083 flaw in the Arm Mali GPU driver is chained with other issues to install commercial spyware, as reported by Google’s Threat Analysis Group (TAG) in a recent report.

Backups 98

Backups Spyware Ransomware Education 98

BH Consulting

NOVEMBER 15, 2022

Cybersecurity conferences aren’t usually places where you expect to feel better about the world, but IRISSCON 2022 struck a surprisingly hopeful tone. Mikko Hyppönen, WithSecure chief research officer, looked back at security’s evolution over decades and reached an unexpected conclusion. “I It is not a failure, it is a success.

Social Engineering 59

Social Engineering Insurance Ransomware CISO 59

Security Affairs

DECEMBER 3, 2022

Google fixed the ninth actively exploited Chrome zeroday this year A new Linux flaw can be chained with other two bugs to gain full root privileges Attack of drones: airborne cybersecurity nightmare Cuba Ransomware received over $60M in Ransom payments as of August 2022 Android Keyboard Apps with 2 Million downloads can remotely hack your device New (..)

Spyware 98

Spyware Data breaches VPN Hacking 98