Security Affairs

SEPTEMBER 14, 2023

The iPhone of a prominent Russian journalist, who is at odds with Moscow, was infected with NSO Group’s Pegasus spyware. The iPhone of the Russian journalist Galina Timchenko was compromised with NSO Group’s Pegasus spyware. The threat actors used a zero-click exploit, likely the PWNYOURHOME. ” reported Citizen Lab.

Spyware 134

Spyware Surveillance Media Government 134

Security Affairs

SEPTEMBER 28, 2023

Google released security updates to address a new actively exploited zero-day vulnerability, tracked as CVE-2023-5217, in the Chrome browser. Google on Wednesday released security updates to address a new actively exploited zero-day flaw in the Chrome browser which is tracked as CVE-2023-5217.

Surveillance 135

Surveillance Spyware Passwords Hacking 135

Security Affairs

SEPTEMBER 27, 2023

Google assigned a maximum score to a critical security flaw, tracked as CVE-2023-5129, in the libwebp image library for rendering images in the WebP format. Google assigned a new CVE identifier for a critical vulnerability, tracked as CVE-2023-5129 (CVSS score 10,0), in the libwebp image library for rendering images in the WebP format.

Spyware 135

Spyware Surveillance Software Hacking 135

Security Affairs

JANUARY 1, 2024

These are the Top 2023 Security Affairs cybersecurity stories … enjoy it. TWO SPYWARE SENDING DATA OF MORE THAN 1.5M Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Top 2023 Security Affairs cybersecurity stories)

Cybersecurity 136

Cybersecurity Spyware Data breaches Passwords 136

Security Affairs

AUGUST 30, 2023

ESET reported Signal Plus Messenger to both Google Play and Samsung Galaxy Store on April 27, 2023. Google removed the tainted app on May 23 rd , 2023. The malware distributed by the nation-state actors is Android BadBazaar , which has been previously employed in attacks aimed at Uyghurs and other Turkic ethnic minorities.

Spyware 135

Spyware Accountability Malware Hacking 135

Security Affairs

JULY 20, 2023

China-linked group APT41 was spotted using two previously undocumented Android spyware called WyrmSpy and DragonEgg China-linked APT group APT41 has been observed using two previously undocumented Android spyware called WyrmSpy and DragonEgg. Most recent samples of DraginEgg are dated April 2023. ” continues the report.

Spyware 98

Spyware Surveillance Mobile Malware 98

Security Affairs

JUNE 16, 2023

An updated version of the Android remote access trojan GravityRAT can steal WhatsApp backup files and can delete files ESET researchers discovered an updated version of Android GravityRAT spyware that steals WhatsApp backup files and can delete files. The malware is distributed as the messaging apps BingeChat and Chatico.

Backups 98

Backups Spyware Malware Accountability 98

Security Affairs

APRIL 1, 2023

CISA has added nine flaws to its Known Exploited Vulnerabilities catalog, including bugs exploited by commercial spyware on mobile devices. Cybersecurity and Infrastructure Security Agency (CISA) has added nine new vulnerabilities to its Known Exploited Vulnerabilities Catalog.

Spyware 98

Spyware Surveillance Mobile Education 98

Security Affairs

SEPTEMBER 11, 2023

CISA adds vulnerabilities in Apple devices exploited to install NSO Group’s Pegasus spyware on iPhones to Known Exploited Vulnerabilities Catalog US Cybersecurity and Infrastructure Security Agency (CISA) added the security vulnerabilities chained in the zero-click iMessage exploit BLASTPASS to its Known Exploited Vulnerabilities Catalog.

Spyware 136

Spyware Accountability Hacking Risk 136

Security Affairs

MARCH 29, 2023

Google’s Threat Analysis Group (TAG) discovered several exploit chains targeting Android, iOS, and Chrome to install commercial spyware. The exploit chains were used to install commercial spyware and malicious apps on targets’ devices. The experts pointed out that both campaigns were limited and highly targeted.

Spyware 98

Spyware Surveillance Firmware Internet 98

SecureList

JANUARY 18, 2023

The threat landscape is constantly updated through new malware and spyware, advanced phishing methods, and new social engineering techniques. Last year, the cybersecurity of corporations and government agencies was more significant than ever before, and will become even more so in 2023. These add up to 144 million annually.

Media 120

Media Social Engineering Ransomware Hacking 120

Security Affairs

MARCH 6, 2024

The exploitation of this vulnerability could lead to local information disclosure with no additional execution privileges needed. Google addressed the issue in June 2023, the IT giant is aware of “limited, targeted exploitation.” “There are indications that CVE-2023-21237 may be under limited, targeted exploitation.”

Spyware 139

Spyware Ransomware Cybersecurity Risk 139

Security Affairs

FEBRUARY 7, 2024

Cybersecurity and Infrastructure Security Agency (CISA) added a Google Chromium V8 Type Confusion bug, tracked as CVE-2023-4762 , to its Known Exploited Vulnerabilities (KEV) catalog. The experts reported that the exploit chain of the above flaws was delivered in two ways, one of them was exploiting CVE-2023-4762.

Spyware 136

Spyware Hacking Cybersecurity Risk 136

Security Affairs

SEPTEMBER 13, 2023

Mozilla rolled out security updates to address a critical zero-day vulnerability, tracked as CVE-2023-4863 , in Firefox and Thunderbird that has been actively exploited in the wild. The vulnerability CVE-2023-4863 was addressed with the release of Firefox 117.0.1, Firefox ESR 115.2.1, Firefox ESR 102.15.1, Thunderbird 102.15.1,

Spyware 138

Spyware Architecture Engineering Hacking 138

Security Affairs

MARCH 10, 2024

Judge ordered NSO Group to hand over the Pegasus spyware code to WhatsApp Cybercrime BlackCat Ransomware Affiliate TTPs American Express credit cards EXPOSED in third-party vendor data breach – account numbers and names among details accessed in hack LockBit 3.0’S

Spyware 130

Spyware Data breaches Hacking Ransomware 130

Security Affairs

JULY 19, 2023

. “The proliferation and misuse of such commercial surveillance tools, including commercial spyware, pose distinct and growing security risks to the United States, facilitate repression, and enable human rights abuses. The surveillance firms were NSO Group and Candiru from Israel, Computer Security Initiative Consultancy PTE.

Surveillance 98

Surveillance Spyware Government Technology 98

Security Affairs

JULY 8, 2023

.” reads the security bulletin. CVE-2023-26083 CVE-2021-29256 CVE-2023-2136 The CVE-2023-26083 is an Arm Mali GPU kernel driver information disclosure vulnerability that the US CISA added to its Known Exploited Vulnerabilities catalog in April 2023.

Spyware 98

Spyware Hacking Mobile Information Security 98

Security Affairs

DECEMBER 28, 2023

In June, Kaspersky announced that after a six-month-long investigation, they completed the collection of all the components of the attack chain and the analysis of the spyware implant, tracked as TriangleDB. The spyware is directly deployed in memory, but if the victim reboots the device the malware doesn’t persist.

Spyware 141

Spyware Firmware Mobile Malware 141

Security Affairs

OCTOBER 16, 2023

— Signal (@signalapp) October 16, 2023 The company also added that it has checked with the U.S. We take reports to security@signal.org very seriously, and invite those with real info to share it there. Government to determine if they were aware of a zero-day exploit for their platform.

Spyware 124

Spyware Surveillance Encryption Mobile 124

Security Affairs

MAY 1, 2023

Researchers at the Lookout Threat Lab have discovered a new Android surveillance spyware, dubbed BouldSpy, that was used by the Law Enforcement Command of the Islamic Republic of Iran (FARAJA). The researchers are tracking the spyware since March 2020, starting in 2023, multiple security experts [ 1 , 2 ] started monitoring its activity.

Surveillance 98

Surveillance Malware Spyware Education 98

Security Affairs

DECEMBER 2, 2023

Researchers devised an attack technique to extract ChatGPT training data Fortune-telling website WeMystic exposes 13M+ user records Expert warns of Turtle macOS ransomware US govt sanctioned North Korea-linked APT Kimsuky Black Basta Ransomware gang accumulated at least $107 million in Bitcoin ransom payments since early 2022 Apple addressed 2 new (..)

Ransomware 128

Ransomware Hacking Spyware Cybercrime 128

Security Affairs

OCTOBER 5, 2023

In mid-September, researchers from the Citizen Lab and Google’s Threat Analysis Group (TAG) revealed that the three Apple zero-days (CVE-2023-41993, CVE-2023-41991, CVE-2023-41992) addressed in the same period were used as part of an exploit to install Cytrox Predator spyware.

Mobile 142

Mobile Marketing Spyware Surveillance 142

Security Affairs

APRIL 18, 2023

A new report from Citizen Lab states that the Israeli surveillance firm NSO Group used at least three zero-click zero-day exploits to deliver its Pegasus spyware. “These indicator overlaps allow us to attribute the 2022 zero-click chains to NSO Group’s Pegasus spyware with high confidence. ” reads the report. and 14.4.2,

Surveillance 98

Surveillance Spyware Education Risk 98

Security Affairs

FEBRUARY 22, 2023

Apple updated its advisories by adding three new vulnerabilities, tracked as CVE-2023-23520, CVE-2023-23530 and CVE-2023-23531, that affect iOS, iPadOS , and macOS. An attacker can trigger the CVE-2023-23530 flaw to execute arbitrary code out of its sandbox or with certain elevated privileges. ” reads the advisory.

Surveillance 98

Surveillance Spyware Hacking Software 98

Security Affairs

JUNE 22, 2023

The IT giant addressed the zero-day vulnerabilities, tracked as CVE-2023-32434 and CVE-2023-32435 , exploited as part of the recently disclosed Operation Triangulation. Recently, Kaspersky researchers dug into Operation Triangulation and discovered more details about the exploit chain employed to deliver the spyware to iOS devices.

Spyware 98

Spyware Mobile Hacking Information Security 98

Security Affairs

FEBRUARY 11, 2024

Gov imposes visa restrictions on individuals misusing Commercial Spyware HPE is investigating claims of a new security breach Experts warn of a surge of attacks targeting Ivanti SSRF flaw How to hack the Airbus NAVBLUE Flysmart+ Manager Crooks stole $25.5

Spyware 128

Spyware Surveillance DDOS Identity Theft 128

Security Affairs

FEBRUARY 6, 2024

The police arrested Klimenka in Latvia on December 21, 2023, he was extradited to the U.S. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, commercial spyware ) and is currently being held in custody.

Cryptocurrency 132

Cryptocurrency Spyware Cybercrime Hacking 132

Security Affairs

JANUARY 21, 2024

Admin of the BreachForums hacking forum sentenced to 20 years supervised release Russia-linked Midnight Blizzard APT hacked Microsoft corporate emails VF Corp December data breach impacts 35 million customers China-linked APT UNC3886 exploits VMware zero-day since 2021 Ransomware attacks break records in 2023: the number of victims rose by 128% U.S.

Artificial Intelligence 132

Artificial Intelligence VPN Hacking Firewall 132

Security Affairs

JULY 15, 2023

Government agencies SonicWall urges organizations to fix critical flaws in GMS/Analytics products Citrix fixed a critical flaw in Secure Access Client for Ubuntu Cl0p hacker operating from Russia-Ukraine war front line – exclusive Fortinet fixed a critical flaw in FortiOS and FortiProxy Microsoft mitigated an attack by Chinese threat actor Storm-0558 (..)

Spyware 98

Spyware Hacking Data breaches Mobile 98

Security Affairs

JUNE 19, 2023

The researchers analyzed a total of four samples that were uploaded to VirusTotal, with the earliest sample that was uploaded by an anonymous actor to the platform on April 18, 2023. The remaining ones have been uploaded by the victim. For this reason, experts believe that the discovered files are part of a more sophisticated attack.

Spyware 98

Spyware Architecture Malware Hacking 98

Security Affairs

OCTOBER 1, 2023

ALPHV/BlackCat ransomware gang hacked the hotel chain Motel One FBI warns of dual ransomware attacks Progress Software fixed two critical severity flaws in WS_FTP Server Child abuse site taken down, organized child exploitation crime suspected – exclusive A still unpatched zero-day RCE impacts more than 3.5M

Artificial Intelligence 130

Artificial Intelligence Firmware Data breaches Hacking 130

Security Affairs

JUNE 11, 2023

Gox exchange and operating BTC-e Japanese Pharmaceutical giant Eisai hit by a ransomware attack Clop ransomware gang was testing MOVEit Transfer bug since 2021 Stealth Soldier backdoor used is targeted espionage attacks in Libya Researchers published PoC exploit code for actively exploited Windows elevation of privilege issue Experts detail a new Kimsuky (..)

Social Engineering 98

Social Engineering Data breaches Ransomware Cybercrime 98

Security Affairs

SEPTEMBER 3, 2023

Hacks QakBot, Quietly Removes Botnet Infections Under Siege: Rapid7-Observed Exploitation of Cisco ASA SSL VPNs Why is.US Being Used to Phish So Many of Us?

Social Engineering 128

Social Engineering Spyware Data breaches Surveillance 128

Security Affairs

APRIL 8, 2023

The CVE-2023-26083 flaw in the Arm Mali GPU driver is chained with other issues to install commercial spyware, as reported by Google’s Threat Analysis Group (TAG) in a recent report. CISA orders federal agencies to fix this flaw by April 28, 2023.

Backups 98

Backups Spyware Ransomware Education 98

Security Affairs

JUNE 17, 2023

Margaret’s Health is the first hospital to cite a cyberattack as a reason for its closure A database containing data of +8.9 Margaret’s Health is the first hospital to cite a cyberattack as a reason for its closure A database containing data of +8.9

Data breaches 98

Data breaches DDOS Backups Firewall 98

Security Affairs

APRIL 23, 2023

Abandoned Eval PHP WordPress plugin abused to backdoor websites CISA adds MinIO, PaperCut, and Chrome bugs to its Known Exploited Vulnerabilities catalog At least 2 critical infrastructure orgs breached by North Korea-linked hackers behind 3CX attack American Bar Association (ABA) suffered a data breach,1.4

Spyware 98

Spyware Ransomware Malware Data breaches 98

Security Affairs

JUNE 25, 2023

Someone is sending mysterious smartwatches to the US Military personnel CISA orders govt agencies to fix recently disclosed flaws in Apple devices VMware fixed five memory corruption issues in vCenter Server Fortinet fixes critical FortiNAC RCE, install updates asap More than a million GitHub repositories potentially vulnerable to RepoJacking New Mirai (..)

DDOS 98

DDOS Cybercrime Spyware Malware 98