Security Affairs

MARCH 3, 2025

An authenticated local attacker could exploit the flaw to elevate privileges in low-complexity attacks. The forensics analysis conducted by Amnesty found that the Serbian police used the Cellbrite’s exploit to unlock Vedran’s Samsung Galaxy A32 and install an unknown Android application likely linked with NoviSpy spyware.

Hacking 67

Hacking Spyware Technology Surveillance 67

Security Boulevard

MARCH 17, 2025

Surveillance Tech in the News This section covers surveillance technology and methods in the news. Kagi Search introduces Privacy Pass authentication AlternativeTo Kagi officially rolls out Privacy Pass support for its Android app. Tuta also shares planned updates "coming soon" to Tuta Mail.

Surveillance 59

Surveillance Data breaches Spyware Malware 59

Security Boulevard

FEBRUARY 17, 2025

Surveillance Tech in the News This section covers surveillance technology and methods in the news. Google's reCAPTCHA is not only useless, it's also basically spyware Techspot This study demonstrates Google's reCAPTCHA v2 and v3 are flawed and don't actually keep out bots. Tips for finding old accounts. CVE-2025-21391.

Surveillance 52

Surveillance Data breaches VPN Malware 52

Security Affairs

NOVEMBER 24, 2024

CISA adds Progress Kemp LoadMaster, Palo Alto Networks PAN-OS and Expedition bugs to its Known Exploited Vulnerabilities catalog Great Plains Regional Medical Center ransomware attack impacted 133,000 individuals Recently disclosed VMware vCenter Server bugs are actively exploited in attacks Foreign adversary hacked email communications of the Library (..)

Cybercrime 71

Cybercrime Artificial Intelligence Hacking VPN 71

Security Affairs

SEPTEMBER 3, 2023

LockBit ransomware gang hit the Commission des services electriques de Montréal (CSEM) Social engineering attacks target Okta customers to achieve a highly privileged role Talos wars of customizations of the open-source info stealer SapphireStealer UNRAVELING EternalBlue: inside the WannaCry’s enabler Researchers released a free decryptor for the Key (..)

Social Engineering 125

Social Engineering Data breaches Spyware Malware 125

Security Affairs

SEPTEMBER 1, 2024

Under Meredith Whittaker, It’s Out to Prove Surveillance Capitalism Wrong EU investigating Telegram over user numbers Cryptojacking via CVE-2023-22527: Dissecting a Full-Scale Cryptomining Ecosystem Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, newsletter)

Malware 119

Malware Surveillance Firewall Phishing 119

Security Affairs

JUNE 20, 2022

US DoJ announced to have shut down the Russian RSOCKS Botnet MaliBot Android Banking Trojan targets Spain and Italy Chinese DriftingCloud APT exploited Sophos Firewall Zero-Day before it was fixed Experts link Hermit spyware to Italian surveillance firm RCS Lab and a front company A Microsoft 365 feature can ransom files on SharePoint and OneDriveCould (..)

Spyware 105

Spyware DNS Ransomware Surveillance 105

Hacker's King

MAY 20, 2023

Two-factor authentication (2FA) has become an essential security measure in the digital age. By impersonating the authenticated user, they can bypass the 2FA process altogether. Call forwarding, Botnets, Spyware: Securing Devices and Networks More sophisticated methods of bypassing 2FA involve compromising the user’s device.

Authentication 52

Authentication Social Engineering Spyware Engineering 52

SecureWorld News

AUGUST 16, 2023

A common example of this is surveillance. We normalize the use of surveilling and tracking young people through "parentware" or spyware (software which allows someone to see what someone else is doing on their device) and apps which enable the tracking of someone's location. Use good passwords.

Surveillance 98

Surveillance Technology Accountability Spyware 98

Security Affairs

MAY 6, 2023

Twitter confirmed that a security incident publicly exposed Circle tweets FBI seized other domains used by the shadow eBook library Z-Library WordPress Advanced Custom Fields plugin XSS exposes +2M sites to attacks Fortinet fixed two severe issues in FortiADC and FortiOS Pro-Russia group NoName took down multiple France sites, including the French (..)

Data breaches 98

Data breaches Malware Mobile Spyware 98

Malwarebytes

OCTOBER 14, 2021

From a technical perspective, spyware—defined as software running on the device that surveils and tracks you—is not much of a thing, because of Apple’s restrictions on what apps can do, plus the fact that you can’t hide an app on iOS. Photos synced up to iCloud can be viewed. You might say, “But wait!

Spyware 125

Spyware Backups Passwords Authentication 125

SecureList

NOVEMBER 14, 2022

The cyber-offense ecosystem still appears to be shaken by the sudden demise of NSO Group; at the same time, these activities indicate to us that we’ve only seen the tip of the iceberg when it comes to commercial-grade mobile surveillance tooling. We believe that research into mail software vulnerabilities is only getting started.

Firmware 128

Firmware Surveillance Mobile Telecommunications 128

Malwarebytes

JULY 2, 2023

Last week on Malwarebytes Labs: A proxyjacking campaign is looking for vulnerable SSH servers New technique can defeat voice authentication "after only six tries" "Free" Evil Dead Rise movie scam lurks in Amazon listings Spyware app LetMeSpy hacked, tracked user data posted online Online safety tips for LGBTQIA+ communities Top contenders in Endpoint (..)

Spyware 94

Spyware Surveillance IoT Scams 94

Security Affairs

DECEMBER 22, 2020

This includes Israeli spyware that could install surveillance software on a target’s phone by simply calling them through WhatsApp. And that’s simply the nature of software – all programs have bugs, some more serious than others. One famous example is WhatsApp, which has had numerous vulnerabilities throughout the years.

Encryption 141

Encryption Spyware Surveillance Software 141

Schneier on Security

MARCH 31, 2025

At the same time, the NSA urgently needs to find and fix any vulnerabilities quickly as it can—and similarly, ensure that commercial smartphones are free of backdoors—access points that allow people other than a smartphone’s user to bypass the usual security authentication methods to access the device’s contents.

Government 347

Government Telecommunications Hacking Spyware 347