Security Affairs

FEBRUARY 6, 2024

Google’s TAG revealed that Commercial spyware vendors (CSV) were behind most of the zero-day vulnerabilities discovered in 2023. In 2023, TAG identified 250 days actively exploited in the wild, 20 of which were exploited by Commercial Surveillance Vendors (CSVs). ” reads the report published by Google.

Spyware 139

Spyware Surveillance Government Software 139

Security Affairs

JUNE 7, 2023

June 2023 security update for Android released by Google fixes about fifty flaws, including an Arm Mali GPU bug exploited by surveillance firms in their spyware. The June 2023 Android Security Bulletin provides details about the fix for more than fifty vulnerabilities affecting Android devices. In early April, U.S.

Spyware 98

Spyware Surveillance Firmware Hacking 98

Security Affairs

SEPTEMBER 28, 2023

Google released security updates to address a new actively exploited zero-day vulnerability, tracked as CVE-2023-5217, in the Chrome browser. Google on Wednesday released security updates to address a new actively exploited zero-day flaw in the Chrome browser which is tracked as CVE-2023-5217.

Surveillance 138

Surveillance Spyware Passwords Hacking 138

Security Affairs

JANUARY 1, 2024

These are the Top 2023 Security Affairs cybersecurity stories … enjoy it. TWO SPYWARE SENDING DATA OF MORE THAN 1.5M Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Top 2023 Security Affairs cybersecurity stories)

Cybersecurity 140

Cybersecurity Spyware Data breaches Passwords 140

Security Affairs

SEPTEMBER 27, 2023

Google assigned a maximum score to a critical security flaw, tracked as CVE-2023-5129, in the libwebp image library for rendering images in the WebP format. Google assigned a new CVE identifier for a critical vulnerability, tracked as CVE-2023-5129 (CVSS score 10,0), in the libwebp image library for rendering images in the WebP format.

Spyware 139

Spyware Surveillance Software Hacking 139

Security Affairs

AUGUST 30, 2023

ESET reported Signal Plus Messenger to both Google Play and Samsung Galaxy Store on April 27, 2023. Google removed the tainted app on May 23 rd , 2023. The malware distributed by the nation-state actors is Android BadBazaar , which has been previously employed in attacks aimed at Uyghurs and other Turkic ethnic minorities.

Spyware 139

Spyware Accountability Malware Hacking 139

Security Affairs

SEPTEMBER 11, 2023

CISA adds vulnerabilities in Apple devices exploited to install NSO Group’s Pegasus spyware on iPhones to Known Exploited Vulnerabilities Catalog US Cybersecurity and Infrastructure Security Agency (CISA) added the security vulnerabilities chained in the zero-click iMessage exploit BLASTPASS to its Known Exploited Vulnerabilities Catalog.

Spyware 140

Spyware Accountability Hacking Risk 140

SecureList

JANUARY 18, 2023

The threat landscape is constantly updated through new malware and spyware, advanced phishing methods, and new social engineering techniques. Last year, the cybersecurity of corporations and government agencies was more significant than ever before, and will become even more so in 2023. These add up to 144 million annually.

Media 141

Media Social Engineering Ransomware Hacking 141

Security Affairs

JULY 20, 2023

China-linked group APT41 was spotted using two previously undocumented Android spyware called WyrmSpy and DragonEgg China-linked APT group APT41 has been observed using two previously undocumented Android spyware called WyrmSpy and DragonEgg. Most recent samples of DraginEgg are dated April 2023. ” continues the report.

Spyware 98

Spyware Surveillance Mobile Malware 98

Security Affairs

APRIL 1, 2023

CISA has added nine flaws to its Known Exploited Vulnerabilities catalog, including bugs exploited by commercial spyware on mobile devices. Cybersecurity and Infrastructure Security Agency (CISA) has added nine new vulnerabilities to its Known Exploited Vulnerabilities Catalog.

Spyware 98

Spyware Surveillance Mobile Education 98

Security Affairs

JUNE 16, 2023

An updated version of the Android remote access trojan GravityRAT can steal WhatsApp backup files and can delete files ESET researchers discovered an updated version of Android GravityRAT spyware that steals WhatsApp backup files and can delete files. The malware is distributed as the messaging apps BingeChat and Chatico.

Backups 98

Backups Spyware Malware Accountability 98

Security Affairs

MARCH 29, 2023

Google’s Threat Analysis Group (TAG) discovered several exploit chains targeting Android, iOS, and Chrome to install commercial spyware. The exploit chains were used to install commercial spyware and malicious apps on targets’ devices. The experts pointed out that both campaigns were limited and highly targeted.

Spyware 98

Spyware Surveillance Firmware Internet 98

Security Affairs

FEBRUARY 7, 2024

Cybersecurity and Infrastructure Security Agency (CISA) added a Google Chromium V8 Type Confusion bug, tracked as CVE-2023-4762 , to its Known Exploited Vulnerabilities (KEV) catalog. The experts reported that the exploit chain of the above flaws was delivered in two ways, one of them was exploiting CVE-2023-4762.

Spyware 140

Spyware Hacking Cybersecurity Risk 140

Security Affairs

MARCH 6, 2024

The exploitation of this vulnerability could lead to local information disclosure with no additional execution privileges needed. Google addressed the issue in June 2023, the IT giant is aware of “limited, targeted exploitation.” “There are indications that CVE-2023-21237 may be under limited, targeted exploitation.”

Spyware 142

Spyware Ransomware Cybersecurity Risk 142

Security Affairs

MARCH 10, 2024

Judge ordered NSO Group to hand over the Pegasus spyware code to WhatsApp Cybercrime BlackCat Ransomware Affiliate TTPs American Express credit cards EXPOSED in third-party vendor data breach – account numbers and names among details accessed in hack LockBit 3.0’S

Spyware 135

Spyware Data breaches Hacking Ransomware 135

Security Affairs

SEPTEMBER 13, 2023

Mozilla rolled out security updates to address a critical zero-day vulnerability, tracked as CVE-2023-4863 , in Firefox and Thunderbird that has been actively exploited in the wild. The vulnerability CVE-2023-4863 was addressed with the release of Firefox 117.0.1, Firefox ESR 115.2.1, Firefox ESR 102.15.1, Thunderbird 102.15.1,

Spyware 141

Spyware Architecture Engineering Hacking 141

Security Affairs

DECEMBER 28, 2023

In June, Kaspersky announced that after a six-month-long investigation, they completed the collection of all the components of the attack chain and the analysis of the spyware implant, tracked as TriangleDB. The spyware is directly deployed in memory, but if the victim reboots the device the malware doesn’t persist.

Spyware 143

Spyware Firmware Mobile Malware 143

Security Affairs

JANUARY 21, 2024

Admin of the BreachForums hacking forum sentenced to 20 years supervised release Russia-linked Midnight Blizzard APT hacked Microsoft corporate emails VF Corp December data breach impacts 35 million customers China-linked APT UNC3886 exploits VMware zero-day since 2021 Ransomware attacks break records in 2023: the number of victims rose by 128% U.S.

Artificial Intelligence 136

Artificial Intelligence VPN Hacking Firewall 136

Security Affairs

FEBRUARY 11, 2024

Gov imposes visa restrictions on individuals misusing Commercial Spyware HPE is investigating claims of a new security breach Experts warn of a surge of attacks targeting Ivanti SSRF flaw How to hack the Airbus NAVBLUE Flysmart+ Manager Crooks stole $25.5

Spyware 133

Spyware Surveillance DDOS Identity Theft 133

Security Affairs

FEBRUARY 6, 2024

The police arrested Klimenka in Latvia on December 21, 2023, he was extradited to the U.S. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, commercial spyware ) and is currently being held in custody.

Cryptocurrency 136

Cryptocurrency Spyware Cybercrime Hacking 136

Security Affairs

OCTOBER 16, 2023

— Signal (@signalapp) October 16, 2023 The company also added that it has checked with the U.S. We take reports to security@signal.org very seriously, and invite those with real info to share it there. Government to determine if they were aware of a zero-day exploit for their platform.

Spyware 129

Spyware Surveillance Encryption Mobile 129

Security Affairs

JULY 19, 2023

. “The proliferation and misuse of such commercial surveillance tools, including commercial spyware, pose distinct and growing security risks to the United States, facilitate repression, and enable human rights abuses. The surveillance firms were NSO Group and Candiru from Israel, Computer Security Initiative Consultancy PTE.

Surveillance 98

Surveillance Spyware Government Technology 98

Security Affairs

DECEMBER 2, 2023

Researchers devised an attack technique to extract ChatGPT training data Fortune-telling website WeMystic exposes 13M+ user records Expert warns of Turtle macOS ransomware US govt sanctioned North Korea-linked APT Kimsuky Black Basta Ransomware gang accumulated at least $107 million in Bitcoin ransom payments since early 2022 Apple addressed 2 new (..)

Ransomware 133

Ransomware Hacking Spyware Cybercrime 133

Security Affairs

OCTOBER 5, 2023

In mid-September, researchers from the Citizen Lab and Google’s Threat Analysis Group (TAG) revealed that the three Apple zero-days (CVE-2023-41993, CVE-2023-41991, CVE-2023-41992) addressed in the same period were used as part of an exploit to install Cytrox Predator spyware.

Mobile 143

Mobile Marketing Spyware Surveillance 143

Security Affairs

SEPTEMBER 3, 2023

Hacks QakBot, Quietly Removes Botnet Infections Under Siege: Rapid7-Observed Exploitation of Cisco ASA SSL VPNs Why is.US Being Used to Phish So Many of Us?

Social Engineering 133

Social Engineering Spyware Data breaches Surveillance 133

Security Affairs

JULY 8, 2023

.” reads the security bulletin. CVE-2023-26083 CVE-2021-29256 CVE-2023-2136 The CVE-2023-26083 is an Arm Mali GPU kernel driver information disclosure vulnerability that the US CISA added to its Known Exploited Vulnerabilities catalog in April 2023.

Spyware 98

Spyware Hacking Mobile Information Security 98

Security Affairs

OCTOBER 1, 2023

ALPHV/BlackCat ransomware gang hacked the hotel chain Motel One FBI warns of dual ransomware attacks Progress Software fixed two critical severity flaws in WS_FTP Server Child abuse site taken down, organized child exploitation crime suspected – exclusive A still unpatched zero-day RCE impacts more than 3.5M

Artificial Intelligence 135

Artificial Intelligence Firmware Data breaches Hacking 135

Security Affairs

MAY 1, 2023

Researchers at the Lookout Threat Lab have discovered a new Android surveillance spyware, dubbed BouldSpy, that was used by the Law Enforcement Command of the Islamic Republic of Iran (FARAJA). The researchers are tracking the spyware since March 2020, starting in 2023, multiple security experts [ 1 , 2 ] started monitoring its activity.

Surveillance 98

Surveillance Malware Spyware Accountability 98

Security Affairs

APRIL 18, 2023

A new report from Citizen Lab states that the Israeli surveillance firm NSO Group used at least three zero-click zero-day exploits to deliver its Pegasus spyware. “These indicator overlaps allow us to attribute the 2022 zero-click chains to NSO Group’s Pegasus spyware with high confidence. ” reads the report. and 14.4.2,

Surveillance 98

Surveillance Spyware Education Risk 98

Security Affairs

SEPTEMBER 10, 2023

US CISA added critical Apache RocketMQ flaw to its Known Exploited Vulnerabilities catalog Ragnar Locker gang leaks data stolen from the Israel’s Mayanei Hayeshua hospital North Korea-linked threat actors target cybersecurity experts with a zero-day Zero-day in Cisco ASA and FTD is actively exploited in ransomware attacks Nation-state actors (..)

DDOS 137

DDOS VPN Data breaches Cybercrime 137

Security Affairs

FEBRUARY 22, 2023

Apple updated its advisories by adding three new vulnerabilities, tracked as CVE-2023-23520, CVE-2023-23530 and CVE-2023-23531, that affect iOS, iPadOS , and macOS. An attacker can trigger the CVE-2023-23530 flaw to execute arbitrary code out of its sandbox or with certain elevated privileges. ” reads the advisory.

Surveillance 98

Surveillance Spyware Hacking Software 98

Security Affairs

JUNE 22, 2023

The IT giant addressed the zero-day vulnerabilities, tracked as CVE-2023-32434 and CVE-2023-32435 , exploited as part of the recently disclosed Operation Triangulation. Recently, Kaspersky researchers dug into Operation Triangulation and discovered more details about the exploit chain employed to deliver the spyware to iOS devices.

Spyware 98

Spyware Mobile Hacking Information Security 98

Security Affairs

MARCH 24, 2024

Government’s Antitrust Case Against Apple Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Ramadan )

Malware 133

Malware Cybercrime Hacking Cyber threats 133

Security Affairs

APRIL 8, 2023

The CVE-2023-26083 flaw in the Arm Mali GPU driver is chained with other issues to install commercial spyware, as reported by Google’s Threat Analysis Group (TAG) in a recent report. CISA orders federal agencies to fix this flaw by April 28, 2023.

Backups 98

Backups Spyware Ransomware Education 98

Security Affairs

JULY 15, 2023

Government agencies SonicWall urges organizations to fix critical flaws in GMS/Analytics products Citrix fixed a critical flaw in Secure Access Client for Ubuntu Cl0p hacker operating from Russia-Ukraine war front line – exclusive Fortinet fixed a critical flaw in FortiOS and FortiProxy Microsoft mitigated an attack by Chinese threat actor Storm-0558 (..)

Spyware 98

Spyware Hacking Data breaches Mobile 98

Security Affairs

APRIL 23, 2023

Abandoned Eval PHP WordPress plugin abused to backdoor websites CISA adds MinIO, PaperCut, and Chrome bugs to its Known Exploited Vulnerabilities catalog At least 2 critical infrastructure orgs breached by North Korea-linked hackers behind 3CX attack American Bar Association (ABA) suffered a data breach,1.4

Spyware 98

Spyware Ransomware Malware Data breaches 98

Security Affairs

JUNE 11, 2023

Gox exchange and operating BTC-e Japanese Pharmaceutical giant Eisai hit by a ransomware attack Clop ransomware gang was testing MOVEit Transfer bug since 2021 Stealth Soldier backdoor used is targeted espionage attacks in Libya Researchers published PoC exploit code for actively exploited Windows elevation of privilege issue Experts detail a new Kimsuky (..)

Social Engineering 98

Social Engineering Data breaches Ransomware Cybercrime 98