Security Affairs

FEBRUARY 26, 2025

” LightSpy now targets social media platforms like Facebook and Instagram from Android, extracting messages, contacts, and metadata, enhancing surveillance and exploitation potential. ” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking, LightSpy spyware)

Data collection 103

Data collection Spyware Media Surveillance 103

Security Affairs

NOVEMBER 11, 2022

Lookout researchers discovered two long-running surveillance campaigns targeting the ethnic minority Uyghurs. Researchers from mobile security firm Lookout uncovered two long-running surveillance campaigns targeting the Uyghurs minority. SecurityAffairs – hacking, Uyghurs). List of installed packages. Pierluigi Paganini.

Surveillance 98

Surveillance Spyware Malware Mobile 98

Security Affairs

MAY 1, 2023

Researchers at the Lookout Threat Lab have discovered a new Android surveillance spyware, dubbed BouldSpy, that was used by the Law Enforcement Command of the Islamic Republic of Iran (FARAJA). However, much of the victim data points to its broader usage, which indicates targeted surveillance efforts towards minorities within Iran.”

Surveillance 98

Surveillance Malware Spyware Accountability 98

Krebs on Security

MARCH 31, 2022

At issue are forged “emergency data requests,” (EDRs) sent through hacked police or government agency email accounts. ” Tuesday’s story showed how fraudulently obtained EDRs were a tool used by members of LAPSUS$ , the data extortion group that recently hacked Microsoft , NVIDIA , Okta and Samsung.

Government 314

Government Accountability Education Media 314

Security Affairs

FEBRUARY 9, 2025

US Justice Department says cybercrime forum allegedly affected 17 million Americans Cybercrime is increasingly complex.

Spyware 60

Spyware Cybercrime Scams Social Engineering 60

SecureWorld News

AUGUST 27, 2021

Australian Parliament passed the controversial Surveillance Legislation Amendment Bill 2020, also known as the Identify and Disrupt Bill and to a few the “hacking” bill, on August 25. Differing views on the police "hacking" bill. All eyes will be on Australia to see the results of the “hacking” bill’s introduction.

Hacking 98

Hacking Computers and Electronics Surveillance Cybercrime 98

Security Affairs

FEBRUARY 10, 2022

I transcribed a recent interview, here some questions and answers about nation-state hacking, spyware, and cyber warfare. Spyware are powerful weapons in the arsenal of governments and cybercrime gangs. Pegasus is probably the most popular surveillance software on the market, it has been developed by the Israeli NSO Group.

Spyware 98

Spyware Hacking Ransomware Surveillance 98

Krebs on Security

SEPTEMBER 30, 2024

A California man accused of failing to pay taxes on tens of millions of dollars allegedly earned from cybercrime also paid local police officers hundreds of thousands of dollars to help him extort, intimidate and silence rivals and former business partners, the government alleges. had some personal problems and checked himself into rehab.

Cryptocurrency 311

Cryptocurrency Government Internet Internet 311

Malwarebytes

DECEMBER 7, 2021

Microsoft has taken control of 42 web domains that a hacking group was using to try to breach its targets. Sadly, any setback to the Chinese hacking group or others will likely be temporary as the hackers will find and build new infrastructure to use in forthcoming attacks. An overview of Chinese hacking groups and their aliases.

Hacking 120

Hacking Malware Surveillance Data collection 120

Security Affairs

SEPTEMBER 3, 2023

ransomware builder used by multiple threat actors Cisco fixes 3 high-severity DoS flaws in NX-OS and FXOS software Cybercrime Unpacking the MOVEit Breach: Statistics and Analysis Cl0p Ups The Ante With Massive MOVEit Transfer Supply-Chain Exploit FBI, Partners Dismantle Qakbot Infrastructure in Multinational Cyber Takedown U.S.

Social Engineering 124

Social Engineering Data breaches Spyware Malware 124

Security Affairs

MARCH 21, 2021

Hackers also posted images captured from the hacked surveillance video on Twitter with an #OperationPanopticon hashtag, published images show that they have gained root shell access to the surveillance cameras used by Telsa and Cloudflare. SecurityAffairs – hacking, cybercrime). ” continues the DoJ.

Identity Theft 106

Identity Theft Computers and Electronics Surveillance Hacking 106

Krebs on Security

MARCH 29, 2022

The reality that teenagers are now impersonating law enforcement agencies to subpoena privileged data on their targets at whim is evident in the dramatic backstory behind LAPSUS$ , the data extortion group that recently hacked into some of the world’s most valuable technology companies , including Microsoft , Okta , NVIDIA and Vodafone.

Accountability 293

Accountability Government Hacking Social Engineering 293

Krebs on Security

NOVEMBER 15, 2022

Wanted Ukrainian cybercrime suspect Vyacheslav “Tank” Penchukov (right) was arrested in Geneva, Switzerland. Ultimately, Penchukov’s political connections helped him evade prosecution by Ukrainian cybercrime investigators for many years. This was enough to positively identify Tank as Penchukov, Warner said.

Banking 325

Banking Small Business Accountability Malware 325

Security Affairs

FEBRUARY 11, 2024

Gov imposes visa restrictions on individuals misusing Commercial Spyware HPE is investigating claims of a new security breach Experts warn of a surge of attacks targeting Ivanti SSRF flaw How to hack the Airbus NAVBLUE Flysmart+ Manager Crooks stole $25.5

Spyware 124

Spyware Surveillance DDOS Identity Theft 124

Malwarebytes

DECEMBER 7, 2021

Microsoft has taken control of 42 web domains that a hacking group was using to try to breach its targets. Sadly, any setback to the Chinese hacking group or others will likely be temporary as the hackers will find and build new infrastructure to use in forthcoming attacks. An overview of Chinese hacking groups and their aliases.

Hacking 96

Hacking Malware Surveillance Data collection 96

Krebs on Security

AUGUST 5, 2019

This story is about how crooks increasingly are abusing third-party financial aggregation services like Mint , Plaid , Yodlee , YNAB and others to surveil and drain consumer accounts online. Crooks are constantly probing bank Web sites for customer accounts protected by weak or recycled passwords.

Banking 275

Banking Passwords Risk Accountability 275

Security Affairs

JULY 31, 2022

. “We’re publishing the details of a new vulnerability (tracked under CVE-2022-30563) affecting the implementation of the Open Network Video Interface Forum (ONVIF) WS-UsernameToken authentication mechanism in some IP cameras developed by Dahua, a very popular manufacturer of IP-based surveillance solutions.” Pierluigi Paganini.

Surveillance 145

Surveillance Authentication Telecommunications Manufacturing 145

Security Affairs

JANUARY 7, 2024

Experts spotted a new macOS Backdoor named SpectralBlur linked to North Korea Merck settles with insurers regarding a $1.4

Artificial Intelligence 123

Artificial Intelligence Data breaches Scams Insurance 123

Security Affairs

DECEMBER 24, 2019

According to a report published by the New York Times, the popular app ToTok was used by the UAE government as a surveillance tool. The report said US intelligence officials and a security researcher determined the app was being used by the UAE government for detailed surveillance. SecurityAffairs – ToTok, surveillence).

Government 94

Government Surveillance Advertising Mobile 94

Security Affairs

SEPTEMBER 29, 2024

CISA adds new Ivanti Cloud Services Appliance Vulnerability to its Known Exploited Vulnerabilities catalog Ivanti warns of a new actively exploited Cloud Services Appliance (CSA) flaw International law enforcement operation dismantled criminal communication platform Ghost U.S.

Hacking 115

Hacking Ransomware Antivirus Cybercrime 115

Security Affairs

AUGUST 7, 2022

Greek intelligence service used surveillance malware to spy on a journalist, Reuters reports Slack resets passwords for about 0.5% Greek intelligence service used surveillance malware to spy on a journalist, Reuters reports Slack resets passwords for about 0.5% SecurityAffairs – hacking, newsletter). Pierluigi Paganini.

Spyware 141

Spyware Manufacturing Small Business Surveillance 141

Security Affairs

NOVEMBER 14, 2018

During the first day of the Pwn2Own Tokyo 2018 contest, participants hacked Apple iPhone X, Samsung Galaxy S9 and Xiaomi Mi 6 devices earning more than $225,000. On the second day, the organizers only paid $100,000 for one iPhone and two Xiaomi hacks. Security Affairs – Pwn2Own Tokyo 2018, hacking). Pierluigi Paganini.

Hacking 109

Hacking Advertising Surveillance IoT 109

Security Affairs

SEPTEMBER 14, 2023

A joint investigation conducted by Access Now and the Citizen Lab revealed that the journalist, who is at odds with the Russian government, was infected with the surveillance software. However, there is no public evidence that the Russian government is a client of the Israeli surveillance firm NSO Group. ” states Access Now.

Spyware 130

Spyware Surveillance Media Government 130

Security Affairs

JULY 30, 2023

Now Abyss Locker also targets VMware ESXi servers Russian APT BlueBravo targets diplomatic entities with GraphicalProton backdoor CoinsPaid blames North Korea-linked APT Lazarus for theft of $37M worth of cryptocurrency Monitor Insider Threats but Build Trust First Zimbra fixed actively exploited zero-day CVE-2023-38750 in ZCS DepositFiles exposed (..)

Surveillance 98

Surveillance Cryptocurrency Cyber Attacks Hacking 98

Security Affairs

MARCH 28, 2024

In 2023, the researchers attributed a combined total of 48 out of 58 zero-day vulnerabilities to commercial surveillance vendors (CSVs) and government espionage actors, while 10 zero-day flaws were attributed to financially motivated actors.

Government 138

Government Surveillance Ransomware Cybercrime 138

Security Affairs

DECEMBER 4, 2022

. “Court documents and government contracting records show the agencies tasked with monitoring the Mexican border have spent record sums on car hacking tools, while talking up the extraordinary amount of valuable evidence that can be reaped from onboard computers.” SecurityAffairs – hacking, infotainment systems).

Surveillance 108

Surveillance Technology Mobile Hacking 108

Security Affairs

JULY 23, 2023

Multiple DDoS botnets were observed targeting Zyxel devices CISA warns of attacks against Citrix NetScaler ADC and Gateway Devices Experts believe North Korea behind JumpCloud supply chain attack Nice Suzuki, sport: shame dealer left your data up for grabs Experts attribute WyrmSpy and DragonEgg spyware to the Chinese APT41 group ALPHV/BlackCat and (..)

DDOS 98

DDOS Hacking Spyware Surveillance 98

Security Affairs

JANUARY 14, 2022

Hensoldt AG focuses on sensor technologies for protection and surveillance missions in the defence, security and aerospace sectors. SecurityAffairs – hacking, Hensoldt). Ransom demands have been quite high, between $500.000 and $700.000. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Ransomware 139

Ransomware Surveillance Mobile Encryption 139

Security Affairs

NOVEMBER 25, 2021

The PowerShortShell stealer is also used for Telegram surveillance and gathering system information from infected systems. “The adversary might be tied to Iran’s Islamic regime since the Telegram surveillance usage is typical of Iran’s threat actors like Infy, Ferocious Kitten, and Rampant Kitten. fn= hxxp://hr.dedyn.io/upload2.aspx

Surveillance 110

Surveillance Social Engineering Ransomware Cybercrime 110

Security Affairs

SEPTEMBER 23, 2023

The Royal group began reconnaissance activity in April 2023, and the analysis of system log data dates the beginning of the surveillance operations on April 7, 2023. Royal was then able to traverse the internal City infrastructure during the surveillance period using legitimate 3rd party remote management tools.”

Ransomware 133

Ransomware Surveillance Healthcare Accountability 133

Security Affairs

SEPTEMBER 3, 2022

SecurityAffairs – hacking, newsletter). users China-linked APT40 used ScanBox Framework in a long-running espionage campaign Russian streaming platform Start discloses a data breach impacting 7.5M Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Data breaches 97

Data breaches Malware Ransomware Surveillance 97

Security Affairs

MAY 9, 2022

Researchers warn of a remote access trojan called DCRat (aka DarkCrystal RAT) that is available for sale on Russian cybercrime forums. Cybersecurity researchers from BlackBerry are warning of a remote access trojan called DCRat (aka DarkCrystal RAT) that is available for sale on Russian cybercrime forums. To nominate, please visit:?

Cybercrime 100

Cybercrime Malware Surveillance DDOS 100

Security Affairs

JULY 15, 2023

Government agencies SonicWall urges organizations to fix critical flaws in GMS/Analytics products Citrix fixed a critical flaw in Secure Access Client for Ubuntu Cl0p hacker operating from Russia-Ukraine war front line – exclusive Fortinet fixed a critical flaw in FortiOS and FortiProxy Microsoft mitigated an attack by Chinese threat actor Storm-0558 (..)

Spyware 98

Spyware Hacking Data breaches Mobile 98

Security Affairs

JANUARY 16, 2022

US NCSC and DoS share best practices against surveillance tools Swiss army asks its personnel to use the Threema instant-messaging app Russian submarines threatening undersea cables, UK defence chief warns. SecurityAffairs – hacking, newsletter). Threat actors stole $18.7M Follow me on Twitter: @securityaffairs and Facebook.

Ransomware 109

Ransomware Surveillance Malware Hacking 109

Security Affairs

OCTOBER 18, 2018

to more than 6,000 customers, he also helped them to hack computers worldwide. Security Affairs – Luminosity RAT, cybercrime ). In September 2016, the UK law enforcement arrested Colton Grubbs, the man admitted to designing, marketing, and selling LuminosityLink. Grubbs offered for sale the malware for $39.99 Pierluigi Paganini.

Computers and Electronics 96

Computers and Electronics Cybercrime Advertising Marketing 96

Security Affairs

DECEMBER 15, 2024

CISA adds Cleo Harmony, VLTrader, and LexiCom flaw to its Known Exploited Vulnerabilities catalog German agency BSI sinkholed a botnet of 30,000 devices infected with BadBox U.S.

Firewall 63

Firewall Spyware Surveillance Cybercrime 63

Security Affairs

JULY 20, 2023

The experts noticed the use of an IP address that was part of the hacking infrastructure used by APT41 between May 2014 and August 2020. “After it’s installed and launched, WyrmSpy uses known rooting tools to gain escalated privileges to the device and perform surveillance activities specified by commands received from its C2 servers.

Spyware 98

Spyware Surveillance Mobile Malware 98