Security Affairs

SEPTEMBER 22, 2023

Citizen Lab and Google’s TAG revealed that the three recently patched Apple zero-days were used to install Cytrox Predator spyware. Apple this week released emergency security updates to address three new zero-day vulnerabilities (CVE-2023-41993, CVE-2023-41991, CVE-2023-41992) that have been exploited in attacks in the wild.

Spyware 127

Spyware Surveillance Mobile Hacking 127

Security Affairs

MARCH 10, 2024

Judge ordered NSO Group to hand over the Pegasus spyware code to WhatsApp Cybercrime BlackCat Ransomware Affiliate TTPs American Express credit cards EXPOSED in third-party vendor data breach – account numbers and names among details accessed in hack LockBit 3.0’S

Spyware 126

Spyware Data breaches Hacking Ransomware 126

Security Affairs

APRIL 3, 2024

Two issues fixed by the IT giant, tracked as CVE-2024-29745 and CVE-2024-29748, are actively exploited in the wild. “The most severe of these issues is a high security vulnerability in the System component that could lead to local escalation of privilege with no additional execution privileges needed.”

Spyware 134

Spyware Firmware Hacking Information Security 134

Security Affairs

MARCH 5, 2024

Apple released emergency security updates to address two new iOS zero-day vulnerabilities actively exploited in the wild against iPhone users. Apple released emergency security updates to address two iOS zero-day vulnerabilities, respectively tracked as CVE-2024-23225 and CVE-2024-23296, that were exploited in attacks against iPhone devices.

Spyware 140

Spyware Hacking Information Security 140

Security Affairs

JUNE 13, 2024

Google is warning of a security vulnerability impacting its Pixel Firmware that has been actively exploited in the wild as a zero-day. Google warned of an elevation of privilege vulnerability, tracked as CVE-2024-32896, in the Pixel Firmware, which has been exploited in the wild as a zero-day. ” reads the advisory.

Firmware 123

Firmware Spyware Hacking Information Security 123

Security Affairs

AUGUST 6, 2024

Google addressed an actively exploited high-severity vulnerability, tracked as CVE-2024-36971, impacting the Android kernel. Google fixed a high-severity flaw, tracked as CVE-2024-36971, impacting the Android kernel. “There are indications that CVE-2024-36971 may be under limited, targeted exploitation.”

Firmware 130

Firmware Spyware Hacking Technology 130

Security Affairs

DECEMBER 27, 2024

Palo Alto Networks addressed a high-severity flaw, tracked as CVE-2024-3393 (CVSS score: 8.7), in PAN-OS software that could cause a denial-of-service (DoS) condition. reached the end of life (EOL) on November 17, 2024, for this reason, it will not provide a fix for this release. The company noted that PAN-OS 11.0

DNS 112

DNS Firewall Spyware Software 112

Security Affairs

JULY 14, 2024

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 126

Malware Spyware Internet Internet 126

Security Affairs

OCTOBER 9, 2024

Google Threat Analysis Group claims that CVE-2024-43047 may be under limited, targeted exploitation, Wang also confirms in-the-wild activity. Regarding the Microsoft flaws added by CISA to the KEV catalog, both issues were addressed by the IT giant in Patch Tuesday security updates for October 2024.

Social Engineering 136

Social Engineering Spyware Engineering Cybersecurity 136

Security Affairs

OCTOBER 22, 2024

Google’s Threat Analysis Group (TAG) warns of a Samsung zero-day vulnerability, tracked as CVE-2024-44068 (CVSS score of 8.1), which is exploited in the wild. Samsung addressed the vulnerability with the release of security updates in October 2024 “A Use-After-Free in the mobile processor leads to privilege escalation.”

Firmware 144

Firmware Mobile Spyware Media 144

Security Affairs

FEBRUARY 25, 2024

Iran Crisis Russia-Aligned TAG-70 Targets European Government and Military Mail Servers in New Espionage Campaign U.S.

Spyware 129

Spyware Cyber Insurance Hacking Advertising 129

Security Affairs

SEPTEMBER 15, 2024

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 119

Malware Spyware Banking Ransomware 119

Security Affairs

AUGUST 4, 2024

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 139

Malware Spyware Media Phishing 139

Security Affairs

FEBRUARY 11, 2024

Gov imposes visa restrictions on individuals misusing Commercial Spyware HPE is investigating claims of a new security breach Experts warn of a surge of attacks targeting Ivanti SSRF flaw How to hack the Airbus NAVBLUE Flysmart+ Manager Crooks stole $25.5

Spyware 125

Spyware Surveillance DDOS Identity Theft 125

Security Affairs

NOVEMBER 16, 2024

” NSO Group continued using WhatsApp exploits, including spyware called “Erised,” even after being sued for violating anti-hacking laws. In May 2019, Facebook patched a critical zero-day vulnerability in WhatsApp, tracked as CVE-2019-3568 , that has been exploited to remotely install spyware on phones by calling the targeted device.

Spyware 117

Spyware Surveillance Malware Hacking 117

Security Affairs

MARCH 6, 2024

” reads the security bulletin published by the company. The issue is likely chained with other flaws in an exploit used by a commercial spyware vendor or a nation-state actor. CISA orders federal agencies to fix this vulnerability by March 26, 2024.

Spyware 137

Spyware Ransomware Cybersecurity Risk 137

Security Affairs

OCTOBER 8, 2024

Qualcomm addressed 20 vulnerabilities in its products, including a potential zero-day issue tracked as CVE-2024-43047 (CVSS score 7.8). I found an issue in collaboration with Amnesty and TAG that we have indication may be used ITW, CVE-2024-43047. The vulnerability stems from a use-after-free bug that could lead to memory corruption.

Mobile 119

Mobile Spyware Manufacturing Hacking 119

Security Affairs

SEPTEMBER 14, 2024

CISA adds SonicWall SonicOS, ImageMagick and Linux Kernel bugs to its Known Exploited Vulnerabilities catalog Electronic payment gateway Slim CD disclosed a data breach impacting 1.7M

Data breaches 122

Data breaches Computers and Electronics Spyware Cybercrime 122

Security Affairs

FEBRUARY 7, 2024

In September 2023, Citizen Lab and Google’s TAG revealed that the three recently patched Apple zero-days (CVE-2023-41993, CVE-2023-41991, CVE-2023-41992) were used to install Cytrox Predator spyware. CISA orders federal agencies to fix this vulnerability by February 27, 2024.

Spyware 133

Spyware Hacking Cybersecurity Risk 133

BH Consulting

SEPTEMBER 24, 2024

NIS2 in the nick of time The Irish Government has published the Heads of Bill for the NIS2 Directive (the Network and Information Security Directive EU 2022/2555, to give its full name). The National Cyber Security Bill 2024 is the legislative vehicle for transposing NIS2 into Irish law.

Energy and Utilities 69

Energy and Utilities Penetration Testing Banking Spyware 69

Security Affairs

NOVEMBER 3, 2024

Chinese threat actors use Quad7 botnet in password-spray attacks FBI arrested former Disney World employee for hacking computer menus and mislabeling allergy info Sophos details five years of China-linked threat actors’ activity targeting network devices worldwide PTZOptics cameras zero-days actively exploited in the wild New LightSpy spyware (..)

Cryptocurrency 109

Cryptocurrency Hacking Phishing Cyber Attacks 109

Security Affairs

MARCH 24, 2024

surfaces in the threat landscape Pokemon Company resets some users’ passwords Ukraine cyber police arrested crooks selling 100 million compromised accounts New AcidPour wiper targets Linux x86 devices.

Malware 125

Malware Cybercrime Hacking Cyber threats 125

Security Affairs

JULY 28, 2024

Ukraine’s cyber operation shut down the ATM services of major Russian banks A bug in Chrome Password Manager caused user credentials to disappear BIND updates fix four high-severity DoS bugs in the DNS software suite Terrorist Activity is Accelerating in Cyberspace – Risk Precursor to Summer Olympics and Elections Progress Software fixed (..)

Spyware 122

Spyware Data breaches Cybercrime Banking 122

Security Affairs

AUGUST 21, 2024

The Vermin group attempted to deploy two malicious codes in this campaign, the previously known Spectr spyware, and a new malware family dubbed Firmachagent. In June 2024, Ukraine CERT-UA warned of cyber attacks targeting defense forces with SPECTR malware as part of another cyber espionage campaign dubbed SickSync.

Malware 127

Malware Spyware Phishing Cyber threats 127

Security Affairs

NOVEMBER 19, 2024

DEEPDATA is a modular post-exploitation tool for Windows that allows operators to harvest sensitive information from infected systems. DEEPPOST is a post-exploitation data exfiltration tool used to send files to a remote system and LIGHTSPY is a modular spyware. ” reads the advisory.

VPN 117

VPN Malware Spyware Authentication 117

Security Affairs

JANUARY 21, 2024

Patch it now! million cryptojacking scheme arrested in Ukraine Cybercrime Cryptojacker arrested in Ukraine over EUR 1.8 million cryptojacking scheme arrested in Ukraine Cybercrime Cryptojacker arrested in Ukraine over EUR 1.8

Artificial Intelligence 128

Artificial Intelligence VPN Hacking Firewall 128

Security Affairs

APRIL 21, 2024

PoC publicly available Linux variant of Cerber ransomware targets Atlassian servers Ivanti fixed two critical flaws in its Avalanche MDM Researchers released exploit code for actively exploited Palo Alto PAN-OS bug Cisco warns of large-scale brute-force attacks against VPN and SSH services PuTTY SSH Client flaw allows of private keys recovery A renewed (..)

Data breaches 131

Data breaches Phishing Ransomware Malware 131

Security Affairs

APRIL 14, 2024

Crooks manipulate GitHub’s search results to distribute malware BatBadBut flaw allowed an attacker to perform command injection on Windows Roku disclosed a new security breach impacting 576,000 accounts LastPass employee targeted via an audio deepfake call TA547 targets German organizations with Rhadamanthys malware CISA adds D-Link multiple (..)

Data breaches 127

Data breaches Social Engineering Malware Hacking 127

Security Affairs

JULY 7, 2024

GootLoader is still active and efficient Hackers stole OpenAI secrets in a 2023 security breach Hackers leak 170k Taylor Swift’s ERAS Tour Barcodes Polyfill.io GootLoader is still active and efficient Hackers stole OpenAI secrets in a 2023 security breach Hackers leak 170k Taylor Swift’s ERAS Tour Barcodes Polyfill.io

Data breaches 120

Data breaches Hacking Banking Spyware 120

Security Affairs

NOVEMBER 20, 2024

Apple released security updates for iOS, iPadOS, macOS, visionOS, and Safari browser to address two actively exploited zero-day flaws. The vulnerability CVE-2024-44309 is a cookie management issue in WebKit that could lead to a cross-site scripting (XSS) attack when processing malicious web content. ” reads the advisory.

Spyware 100

Spyware Hacking Information Security 100

Security Affairs

SEPTEMBER 24, 2024

Israeli cyber units have developed sophisticated spyware and hacking tools that allow their intelligence to track both Lebanese citizens and visitors. ” reported Al Jazeera.

Hacking 133

Hacking Spyware Mobile Media 133

Security Affairs

JULY 14, 2024

CISA adds Microsoft Windows and Rejetto HTTP File Server bugs to its Known Exploited Vulnerabilities catalog Evolve Bank data breach impacted over 7.6 million miles on U.S.

Data breaches 117

Data breaches VPN Malware Banking 117

Security Affairs

JUNE 2, 2024

Ticketmaster confirms data breach impacting 560 million customers Critical Apache Log4j2 flaw still threatens global finance Crooks stole more than $300M worth of Bitcoin from the exchange DMM Bitcoin ShinyHunters is selling data of 30 million Santander customers Over 600,000 SOHO routers were destroyed by Chalubo malware in 72 hours LilacSquid APT (..)

Data breaches 123

Data breaches VPN Cloud Migration Cybercrime 123

Security Affairs

DECEMBER 12, 2024

The Russia-linked APT Gamaredon used two new Android spyware tools calledBoneSpyandPlainGnome against former Soviet states. Threat actors have used BoneSpy since at least 2021, while PlainGnome first appeared in 2024. Armageddon , Primitive Bear, and ACTINIUM). Gamaredon is still using both families at the time of writing.

Mobile 98

Mobile Malware Surveillance Social Engineering 98

Security Affairs

AUGUST 11, 2024

Day: Exploiting Localhost APIs From the Browser BlackHat USA 2024 – Listen-Up: Sonos Over-The-Air Remote Kernel Exploitation and Covert Wiretap ‘Sinkclose’ Flaw in Hundreds of Millions of AMD Chips Allows Deep, Virtually Unfixable Infections E.U.

Spyware 117

Spyware Ransomware Hacking Government 117

Security Affairs

FEBRUARY 26, 2024

pic.twitter.com/ucfPwk7zi6 — 安坂星海 Azaka VTuber (@AzakaSekai_) February 18, 2024 Azaka noticed that the hacking firm has a DDoS system relying on a bot that can infect Windows, Linux, or generic IoT devices. The standard version is disguised as a Xiaomi battery, whilst the mini version is just a plain PCB that can be inside anything.

Hacking 133

Hacking Government Spyware Marketing 133

Security Affairs

NOVEMBER 22, 2024

The vulnerability CVE-2024-44309 is a cookie management issue in WebKit that could lead to a cross-site scripting (XSS) attack when processing malicious web content. The vulnerability CVE-2024-44308 impacts the JavaScriptCore and could lead to arbitrary code execution when processing malicious web content. reads the advisory.

Spyware 64

Spyware Hacking Cybersecurity Risk 64