Security Affairs

FEBRUARY 10, 2022

I transcribed a recent interview, here some questions and answers about nation-state hacking, spyware, and cyber warfare. Enjoy” How has spyware changed the rules of cyber security in recent years? What will cyber security look like now that those tools are all over the internet? Anyway, it is not the only one.

Spyware 98

Spyware Hacking Ransomware Surveillance 98

Security Affairs

JANUARY 21, 2022

Researchers spotted several spyware campaigns targeting industrial enterprises to steal credentials and conduct financial fraud. Researchers from Kaspersky Lab have uncovered multiple spyware campaigns that target industrial firms to steal email account credentials and carry out fraudulent activities. Pierluigi Paganini.

Spyware 98

Spyware Accountability Social Engineering Phishing 98

Security Affairs

JUNE 23, 2022

The Israeli surveillance firm NSO Group revealed that its Pegasus spyware was used by at least five European countries. The controversial Israeli surveillance vendor NSO Group told the European Union lawmakers that its Pegasus spyware was used by at least five countries in the region. ” concludes the report. Pierluigi Paganini.

Spyware 108

Spyware Surveillance Software Media 108

Security Affairs

JULY 20, 2023

China-linked group APT41 was spotted using two previously undocumented Android spyware called WyrmSpy and DragonEgg China-linked APT group APT41 has been observed using two previously undocumented Android spyware called WyrmSpy and DragonEgg. Upon installing the two spyware, they request extensive device permissions.

Spyware 98

Spyware Surveillance Mobile Malware 98

Security Affairs

JULY 21, 2021

FormBook is a data-stealing malware that is used in cyber espionage campaigns, like other spyware it is capable of extracting data from HTTP sessions, keystroke logging, stealing clipboard contents. The post XLoader, a $49 spyware that could target both Windows and macOS devices appeared first on Security Affairs.

Spyware 111

Spyware Malware Cybercrime Advertising 111

Security Affairs

NOVEMBER 17, 2024

CISA adds Palo Alto Networks Expedition bugs to its Known Exploited Vulnerabilities catalog Hackers target critical flaw CVE-2024-10914 in EOL D-Link NAS Devices China-linked threat actors compromised multiple telecos and spied on a limited number of U.S.

Cryptocurrency 110

Cryptocurrency Malware Hacking Ransomware 110

Security Affairs

JUNE 2, 2022

The investigation involved law enforcement authorities of Australia, Belgium, Finland, Hungary, Ireland, Spain, Sweden, Switzerland, the Netherlands and the United States, with the coordination of international activity carried out by Europol’s European Cybercrime Centre (EC3). Follow me on Twitter: @securityaffairs and Facebook.

Spyware 101

Spyware Malware Banking Cybercrime 101

Security Affairs

APRIL 16, 2025

It is not a first time that smartphones come with pre-installed malware, earlier 2015, the security firm Bluebox discovered a preinstalled malware , many malicious apps, and a series of security holes on the Xiaomi Mi 4 smartphone.

Malware 126

Malware Manufacturing Mobile Spyware 126

Security Affairs

NOVEMBER 11, 2022

Researchers from mobile security firm Lookout uncovered two long-running surveillance campaigns targeting the Uyghurs minority. The threat actors behind the campaigns used two Android spyware to spy on the victims and steal sensitive information. List of installed packages. Pierluigi Paganini.

Surveillance 98

Surveillance Spyware Malware Mobile 98

Security Affairs

JUNE 16, 2023

An updated version of the Android remote access trojan GravityRAT can steal WhatsApp backup files and can delete files ESET researchers discovered an updated version of Android GravityRAT spyware that steals WhatsApp backup files and can delete files. The malware is distributed as the messaging apps BingeChat and Chatico.

Backups 98

Backups Spyware Malware Accountability 98

Security Affairs

NOVEMBER 24, 2024

CISA adds Apple, Oracle Agile PLM bugs to its Known Exploited Vulnerabilities catalog More than 2,000 Palo Alto Networks firewalls hacked exploiting recently patched zero-days Ransomhub ransomware gang claims the hack of Mexican government Legal Affairs Office US DoJ charges five alleged members of the Scattered Spider cybercrime gang Threat actor (..)

Cybercrime 69

Cybercrime Artificial Intelligence Hacking VPN 69

Security Affairs

MARCH 16, 2025

CISA adds Apple products and Juniper Junos OS flaws to its Known Exploited Vulnerabilities catalog GitLab addressed critical auth bypass flaws in CE and EE North Korea-linked APT group ScarCruft spotted using new Android spyware KoSpy Experts warn of a coordinated surge in the exploitation attempts of SSRF vulnerabilities Meta warns of actively exploited (..)

Spyware 71

Spyware Cybercrime Ransomware IoT 71

Security Affairs

FEBRUARY 15, 2025

CISA adds Microsoft Windows, Zyxel device flaws to its Known Exploited Vulnerabilities catalog Microsoft Patch Tuesday security updates for February 2025 ficed 2 actively exploited bugs Hacking Attackers exploit a new zero-day to hijack Fortinet firewalls Security OpenSSL patched high-severity flaw CVE-2024-12797 Progress Software fixed multiple high-severity (..)

Spyware 68

Spyware Firewall Artificial Intelligence Malware 68

Security Affairs

APRIL 13, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Lazarus Expands Malicious npm Campaign: 11 New Packages Add Malware Loaders and Bitbucket Payloads BadBazaar: iOS and Android Surveillanceware by Chinas APT15 Used to Target Tibetans and Uyghurs GOFFEE continues to attack (..)

Malware 72

Malware Spyware Government Mobile 72

Security Affairs

FEBRUARY 2, 2025

ESXi Ransomware Attacks: Stealthy Persistence through SSH Tunneling MintsLoader: StealC and BOINC Delivery Cloud Ransomware Developments | The Risks of Customer-Managed Keys New TorNet backdoor seen in widespread campaign Active Exploitation: New Aquabot Variant Phones Home How we kept the Google Play & Android app ecosystems safe in 2024 Solana (..)

Malware 71

Malware Spyware Ransomware Hacking 71

Security Affairs

MARCH 10, 2024

Judge ordered NSO Group to hand over the Pegasus spyware code to WhatsApp Cybercrime BlackCat Ransomware Affiliate TTPs American Express credit cards EXPOSED in third-party vendor data breach – account numbers and names among details accessed in hack LockBit 3.0’S

Spyware 125

Spyware Data breaches Hacking Ransomware 125

Security Affairs

JULY 7, 2024

This newsletter complements the weekly one you already receive. Each week, it will feature a collection of the best articles and research on malware.

Malware 118

Malware Spyware Cybercrime Ransomware 118

Security Affairs

JUNE 1, 2023

Researchers discovered spyware, dubbed SpinOk, hidden in 101 Android apps with over 400 million downloads in Google Play. Upon executing the module, the malware-laced SDK connects to the C2 sending back a large amount of system information about the infected device.

Spyware 98

Spyware Advertising Malware Marketing 98

Security Affairs

DECEMBER 16, 2021

Tens of thousands of devices worldwide, including many industrial control systems (ICS), have been hit by the PseudoManuscrypt spyware. Kaspersky researchers reported that tens of thousands of devices belonging to industrial and government organizations worldwide have been hit by the PseudoManuscrypt spyware.

Spyware 137

Spyware Energy and Utilities Malware Engineering 137

Security Affairs

JULY 28, 2024

CISA adds Adobe Commerce and Magento, SolarWinds Serv-U, and VMware vCenter Server bugs to its Known Exploited Vulnerabilities catalog International Press – Newsletter Cybercrime Walsall teenager arrested in joint West Midlands Police and FBI operation Treasury Sanctions Leader and Primary Member of the Cyber Army of Russia Reborn Three arrested for (..)

Spyware 121

Spyware Data breaches Cybercrime Banking 121

Security Affairs

MARCH 8, 2025

Authorities recovered $31 Million Related to 2021 Uranium Finance cyber heist Serbian student activists phone hacked using Cellebrite zero-day exploit Qilin ransomware gang claimed responsibility for the Lee Enterprises attack Meta fired 20 employees for leaking information, more firings expected International Press Newsletter Cybercrime U.S.

Data breaches 66

Data breaches Hacking Artificial Intelligence Cybercrime 66

Security Affairs

JANUARY 5, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 65

Malware Spyware Ransomware Hacking 65

Security Affairs

FEBRUARY 6, 2024

BTC-e was popular in the cybercrime ecosystem, it was an illegal platform because it was not registered as a money services business with the U.S. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, commercial spyware )

Cryptocurrency 127

Cryptocurrency Spyware Cybercrime Hacking 127

SecureList

NOVEMBER 23, 2021

For instance, we see a new trend emerging in the criminal ecosystem of spyware-based authentication data theft, with each individual attack being directed at a very small number of targets (from single digits to several dozen). Reselling of stolen information to fellow cybercriminals, competitors of the victim and other interested parties.

Spyware 137

Spyware Phishing Cybercrime Energy and Utilities 137

Security Affairs

SEPTEMBER 14, 2024

CISA adds SonicWall SonicOS, ImageMagick and Linux Kernel bugs to its Known Exploited Vulnerabilities catalog Electronic payment gateway Slim CD disclosed a data breach impacting 1.7M

Data breaches 121

Data breaches Computers and Electronics Spyware Cybercrime 121

Security Affairs

FEBRUARY 23, 2025

CISA adds SonicWall SonicOS and Palo Alto PAN-OS flaws to its Known Exploited Vulnerabilities catalog Juniper Networks fixed a critical flaw in Session Smart Routers China-linked APT group Winnti targets Japanese organizations since March 2024 Xerox VersaLink C7025 Multifunction printer flaws may expose Windows Active Directory credentials to attackers (..)

Malware 65

Malware Scams Encryption Phishing 65

Security Affairs

AUGUST 4, 2024

US sued TikTok and ByteDance for violating children’s privacy laws Russia-linked APT used a car for sale as a phishing lure to target diplomats with HeadLace malware Investors sued CrowdStrike over false claims about its Falcon platform Avtech camera vulnerability actively exploited in the wild, CISA warns Over 20,000 internet-exposed VMware ESXi instances (..)

Spyware 122

Spyware Phishing Malware Ransomware 122

Security Affairs

FEBRUARY 11, 2024

Gov imposes visa restrictions on individuals misusing Commercial Spyware HPE is investigating claims of a new security breach Experts warn of a surge of attacks targeting Ivanti SSRF flaw How to hack the Airbus NAVBLUE Flysmart+ Manager Crooks stole $25.5

Spyware 123

Spyware Surveillance DDOS Identity Theft 123

Security Affairs

SEPTEMBER 18, 2020

Every third email, meanwhile, contained spyware , which is used by threat actors to steal payment data or other sensitive info to then put it on sale in the darknet or blackmail its owner. Another 17 percent contained downloaders, while backdoors and banking Trojans came third with a 16- and 15-percent shares, respectively.

Phishing 136

Phishing Ransomware Spyware Banking 136

Security Affairs

SEPTEMBER 15, 2024

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 118

Malware Spyware Banking Ransomware 118

Security Affairs

NOVEMBER 24, 2024

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 61

Malware Spyware Antivirus VPN 61

Security Affairs

JUNE 2, 2024

Ticketmaster confirms data breach impacting 560 million customers Critical Apache Log4j2 flaw still threatens global finance Crooks stole more than $300M worth of Bitcoin from the exchange DMM Bitcoin ShinyHunters is selling data of 30 million Santander customers Over 600,000 SOHO routers were destroyed by Chalubo malware in 72 hours LilacSquid APT (..)

Data breaches 122

Data breaches VPN Cloud Migration Malware 122

Security Affairs

SEPTEMBER 3, 2023

ransomware builder used by multiple threat actors Cisco fixes 3 high-severity DoS flaws in NX-OS and FXOS software Cybercrime Unpacking the MOVEit Breach: Statistics and Analysis Cl0p Ups The Ante With Massive MOVEit Transfer Supply-Chain Exploit FBI, Partners Dismantle Qakbot Infrastructure in Multinational Cyber Takedown U.S.

Social Engineering 123

Social Engineering Data breaches Spyware Malware 123

Security Affairs

AUGUST 7, 2022

affiliate sideloads Cobalt Strike through Windows Defender Gootkit AaaS malware is still active and uses updated tactics Austria investigates DSIRF firm for allegedly developing Subzero spyware ALPHV/BlackCat ransomware gang claims to have stolen data from Creos Luxembourg S.A.

Spyware 141

Spyware Manufacturing Small Business Surveillance 141

Security Affairs

JUNE 4, 2023

Xplain hack impacted the Swiss cantonal police and Fedpol Zyxel published guidance for protecting devices from ongoing attacks Kimsuky APT poses as journalists and broadcast writers in its attacks New Linux Ransomware BlackSuit is similar to Royal ransomware CISA adds Progress MOVEit Transfer zero-day to its Known Exploited Vulnerabilities catalog (..)

Spyware 98

Spyware Hacking Malware Social Engineering 98

Security Affairs

APRIL 20, 2025

infrastructure International Press Newsletter Cybercrime Pixel-Perfect Trap: The Surge of SVG-Borne Phishing Attacks Threat actors misuse Node.js

Data breaches 60

Data breaches Malware Phishing Hacking 60

Security Affairs

SEPTEMBER 10, 2023

US CISA added critical Apache RocketMQ flaw to its Known Exploited Vulnerabilities catalog Ragnar Locker gang leaks data stolen from the Israel’s Mayanei Hayeshua hospital North Korea-linked threat actors target cybersecurity experts with a zero-day Zero-day in Cisco ASA and FTD is actively exploited in ransomware attacks Nation-state actors (..)

DDOS 128

DDOS VPN Data breaches Cybercrime 128