Schneier on Security

JANUARY 4, 2024

It was designed to support both old and new iPhones and included a Pointer Authentication Code (PAC) bypass for exploitation of recent models. The exploit obtains root privileges and proceeds to execute other stages, which load spyware. It uses hardware memory-mapped I/O (MMIO) registers to bypass the Page Protection Layer (PPL).

Spyware 361

Spyware Authentication 361

Krebs on Security

SEPTEMBER 12, 2023

7, researchers at Citizen Lab warned they were seeing active exploitation of a “zero-click,” zero-day flaw to install spyware on iOS devices without any interaction from the victim. Citizen Lab says the bug it discovered was being exploited to install spyware made by the Israeli cyber surveillance company NSO Group.

Spyware 296

Spyware Software Surveillance Authentication 296

Security Affairs

FEBRUARY 15, 2025

However, the circumstance that the Citizen Lab researchers discovered the attack suggests that the threat actor may have used a zero-day exploit to deliver commercial spyware in highly targeted attacks. Such kinds of attacks often rely on zero-day exploits to target journalists, dissidents, and opposition politicians with spyware.

Spyware 108

Spyware DDOS Hacking Authentication 108

Tech Republic Security

DECEMBER 12, 2016

Spyware, brute force attacks, dictionary attacks, and phishing can make circumventing passwords easy. The password simply isn't secure anymore. Here are five tools to add an extra layer of security.

Spyware 141

Spyware Authentication Passwords Phishing 141

Security Affairs

JULY 19, 2022

Researchers spotted previously undocumented spyware, dubbed CloudMensis, that targets the Apple macOS systems. Experts have yet to determine how the victims are initially compromised by this spyware. The post CloudMensis spyware went undetected for many years appeared first on Security Affairs. ” continues the post.

Spyware 98

Spyware Malware Authentication Architecture 98

Security Affairs

JUNE 28, 2019

Many experts linked the Regin malware to the Five Eyes alliance , they found alleged references to the super spyware in a number of presentations leaked by Edward Snowden and according to malware researchers, it has been used in targeted attacks against government agencies in the EU and the Belgian telecoms company Belgacom.

Spyware 108

Spyware Malware Advertising Authentication 108

Malwarebytes

APRIL 28, 2025

Unfortunately, spyware apps with poor reputations and even weaker security practices are all too common. Enable two-factor authentication (2FA). Some forms of two-factor authentication (2FA) can be phished just as easily as a password. However, perhaps one would expect an employee monitoring app to be of a higher standard.

Passwords 85

Passwords Phishing Spyware Password Management 85

Malwarebytes

AUGUST 30, 2023

Anonymous hackers have breached the servers of spyware app “WebDetetive ” , accessing the user database. Spyware apps are installed on a potential victim’s phone without permission and lurk invisibly, collecting data and sending it back to the app operator. Use an antivirus on your phone.

Spyware 98

Spyware Mobile Antivirus Software 98

Malwarebytes

MAY 28, 2024

As you may have read many times before on our blog, some spyware companies have a surprisingly low standard of security. Daigle found that pcTattleTale’s Application Programming Interface (API) allows any attacker to access the most recent screen capture recorded from any device on which the spyware is installed.

Spyware 112

Spyware Software Malware Mobile 112

Security Affairs

NOVEMBER 19, 2024

DEEPPOST is a post-exploitation data exfiltration tool used to send files to a remote system and LIGHTSPY is a modular spyware. Experts noticed that due to this vulnerability, user credentials remain in process memory after a user authenticates to the VPN.

VPN 118

VPN Malware Spyware Passwords 118

SecureList

DECEMBER 16, 2021

It includes stealing VPN connection data, logging keypresses, capturing screenshots and videos of the screen, recording sound with the microphone, stealing clipboard data and operating system event log data (which also makes stealing RDP authentication data possible), and much more.

Spyware 136

Spyware Energy and Utilities Malware VPN 136

Security Affairs

AUGUST 22, 2019

The popular malware researcher Lukas Stefanko from ESET discovered that a malicious spyware, built on the AhMyth open-source espionage tool, was uploaded on Google Play twice over two weeks, bypassing Google security checks. This feature is fake, the user will be always authenticated for every input he will provide. Pierluigi Paganini.

Spyware 103

Spyware Advertising Malware Mobile 103

Security Affairs

NOVEMBER 3, 2024

Chinese threat actors use Quad7 botnet in password-spray attacks FBI arrested former Disney World employee for hacking computer menus and mislabeling allergy info Sophos details five years of China-linked threat actors’ activity targeting network devices worldwide PTZOptics cameras zero-days actively exploited in the wild New LightSpy spyware (..)

Cryptocurrency 109

Cryptocurrency Hacking Phishing Cyber Attacks 109

Malwarebytes

APRIL 11, 2024

Mercenary spyware is used by governments to target people like journalists, political activists, and similar targets, and involves the use of sophisticated tools like Pegasus. Pegasus is one of the world’s most advanced and invasive spyware tools, known to utilize zero-day vulnerabilities against mobile devices.

Spyware 131

Spyware Government Mobile Password Management 131

Security Affairs

DECEMBER 16, 2021

Tens of thousands of devices worldwide, including many industrial control systems (ICS), have been hit by the PseudoManuscrypt spyware. Kaspersky researchers reported that tens of thousands of devices belonging to industrial and government organizations worldwide have been hit by the PseudoManuscrypt spyware.

Spyware 139

Spyware Energy and Utilities Malware Engineering 139

Security Affairs

MARCH 10, 2024

Judge ordered NSO Group to hand over the Pegasus spyware code to WhatsApp Cybercrime BlackCat Ransomware Affiliate TTPs American Express credit cards EXPOSED in third-party vendor data breach – account numbers and names among details accessed in hack LockBit 3.0’S

Spyware 127

Spyware Data breaches Hacking Ransomware 127

Troy Hunt

SEPTEMBER 7, 2018

This week there's also a few random things ranging from online authenticity (the human kind), changes in Chrome 69 (there's some major visual security indicators gone), yet another spyware breach (just don't.), mSpy got breached - again (seriously folks, never ever install spyware on anyone's device!). per day ??. References.

Spyware 130

Spyware Passwords Authentication Hacking 130

Security Affairs

MARCH 3, 2025

An authenticated local attacker could exploit the flaw to elevate privileges in low-complexity attacks. The forensics analysis conducted by Amnesty found that the Serbian police used the Cellbrite’s exploit to unlock Vedran’s Samsung Galaxy A32 and install an unknown Android application likely linked with NoviSpy spyware.

Hacking 68

Hacking Spyware Technology Surveillance 68

Security Affairs

FEBRUARY 15, 2025

Sorry, It’s Windows Malware Malware Mobile Indian Cyber Heist: FatBoyPanel And His Massive Data Breach Google Tag Manager Skimmer Steals Credit Card Info From Magento Site From South America to Southeast Asia: The Fragile Web of REF7707 Deep Learning-Driven Malware Classification with API Call Sequence Analysis and Concept Drift Handling Hacking (..)

Spyware 70

Spyware Firewall Artificial Intelligence Malware 70

Malwarebytes

APRIL 11, 2022

The spyware is offered on download sites pretending to be installers for freeware and cracked versions of paid software. Several campaigns were found to push out this spyware, but all of them were easily connected by the malicious program embedded in the cracked versions of installers, and freeware.

Media 143

Media Malware Spyware Accountability 143

Security Affairs

AUGUST 7, 2022

affiliate sideloads Cobalt Strike through Windows Defender Gootkit AaaS malware is still active and uses updated tactics Austria investigates DSIRF firm for allegedly developing Subzero spyware ALPHV/BlackCat ransomware gang claims to have stolen data from Creos Luxembourg S.A.

Spyware 142

Spyware Manufacturing Small Business Surveillance 142

Threatpost

MAY 6, 2020

The Dacls RAT has been ported from an existing Linux version.

Spyware 106

Spyware Authentication Malware 106

CyberSecurity Insiders

NOVEMBER 24, 2021

Authentication- Most conferencing platforms offer authentication feature such as One time passcodes as their 1st line of defense. 2FA feature- A secure video conferencing platform will always offer users a 2 factor authentication such as an OTP via email or SMS as an additional verification feature.

Risk 137

Risk Identity Theft Authentication Wireless 137

Security Affairs

MARCH 16, 2025

CISA adds Apple products and Juniper Junos OS flaws to its Known Exploited Vulnerabilities catalog GitLab addressed critical auth bypass flaws in CE and EE North Korea-linked APT group ScarCruft spotted using new Android spyware KoSpy Experts warn of a coordinated surge in the exploitation attempts of SSRF vulnerabilities Meta warns of actively exploited (..)

Spyware 73

Spyware Cybercrime Ransomware IoT 73

Security Affairs

SEPTEMBER 28, 2021

Trend Micro has addressed a critical authentication bypass vulnerability, tracked as CVE-2021-36745, affecting the ServerProtect solution. Trend Micro has released security patches to address a critical authentication bypass vulnerability, tracked as CVE-2021-36745 , that affects the Trend Micro ServerProtect product.

Authentication 104

Authentication Spyware Hacking Information Security 104

Security Affairs

OCTOBER 5, 2020

The experts were investigating several suspicious UEFI firmware images when discovered four components, some of which were borrowing the source code a Hacking Team spyware. Such a scenario would typically require exploiting vulnerabilities in the BIOS update authentication process.

Firmware 145

Firmware Spyware Surveillance Hacking 145

SecureList

JANUARY 19, 2022

Kaspersky ICS CERT has uncovered a number of spyware campaigns targeting industrial enterprises. The attackers use off-the-shelf spyware, but limit the scope and lifetime of each sample to the bare minimum. The attackers use off-the-shelf spyware, but limit the scope and lifetime of each sample to the bare minimum.

Spyware 105

Spyware Accountability VPN Malware 105

Krebs on Security

SEPTEMBER 14, 2022

An authenticated attacker could exploit these vulnerabilities to run a specially crafted trusted solution package and execute arbitrary SQL commands. “Lockdown Mode, on the other hand, is meant for users who potentially face targeted spyware attacks and aggressive state-backed hacking.

Spyware 221

Spyware Cyber threats Security Defenses Cyber Attacks 221

Security Affairs

JUNE 4, 2023

Xplain hack impacted the Swiss cantonal police and Fedpol Zyxel published guidance for protecting devices from ongoing attacks Kimsuky APT poses as journalists and broadcast writers in its attacks New Linux Ransomware BlackSuit is similar to Royal ransomware CISA adds Progress MOVEit Transfer zero-day to its Known Exploited Vulnerabilities catalog (..)

Spyware 98

Spyware Hacking Malware Social Engineering 98

SiteLock

AUGUST 27, 2021

Use best practices like creating a separate password for every account and device, using two-factor authentication, and create strong passwords with a combination of upper-case and lower-case letters, numbers, and symbols. Many routers and devices are installed with a default password that’s easy to probe and penetrate.

IoT 98

IoT Spyware VPN Passwords 98

Security Affairs

APRIL 9, 2020

Spyware turned out to be the most common malware class hiding in fraudulent COVID-19 emails, with AgentTesla topping the list of phishers’ favorite strains. Spyware: the most likely COVID-19 payload. Most COVID-19-related phishing emails analyzed had different spyware strains embedded as attachments. Source: CERT-GIB.

Phishing 142

Phishing Malware Spyware DDOS 142

Security Affairs

JULY 19, 2022

The spyware is able to steal SMS messages, contact lists, and device information and to sign victims up for premium service subscriptions. The Facestealer spyware was first spotted on July 2021 by Dr. Web researchers, the development team behind the threat has frequently changed its code.

Malware 134

Malware Spyware Banking Mobile 134

CyberSecurity Insiders

DECEMBER 27, 2021

Note- From the past few days, some media houses are running rampant reports that the pirated movie copies of “Spider Man No Way Home” might be riddled with crypto mining and blister malware.

Malware 124

Malware Adware Security Defenses Spyware 124

SecureList

DECEMBER 9, 2024

XZ backdoor to bypass SSH authentication What happened? User data was stolen from Cisco Duo, a service that provides organizations with multi-factor authentication (MFA) and single sign-on (SSO) network access, as a consequence of a phishing attack targeting an employee of a third-party telephony provider.

Internet 114

Internet Internet Risk Social Engineering 114

Hacker's King

MAY 20, 2023

Two-factor authentication (2FA) has become an essential security measure in the digital age. By impersonating the authenticated user, they can bypass the 2FA process altogether. Call forwarding, Botnets, Spyware: Securing Devices and Networks More sophisticated methods of bypassing 2FA involve compromising the user’s device.

Authentication 52

Authentication Social Engineering Spyware Engineering 52

Security Affairs

APRIL 27, 2024

The attack chain starts with fake application updates for popular software, such as the Chrome browser and the Austrian digital authentication application. The malware also supports multiple “ spyware ” functionalities, it can gather device information, call history, geolocation, and record audio.

Malware 132

Malware Spyware Authentication Mobile 132

Security Affairs

FEBRUARY 23, 2025

tr with a Human and Artificial Analyst Training Approach for Long Short-Term Memory Network Classifier Hacking whoAMI: A cloud image name confusion attack Xerox Versalink C7025 Multifunction Printer: Pass-Back Attack Vulnerabilities (FIXED) How Hackers Manipulate Agentic AI with Prompt Engineering Palo Alto Networks tags new firewall bug as exploited (..)

Malware 66

Malware Scams Encryption Phishing 66