Security Affairs

MARCH 16, 2025

CISA adds Apple products and Juniper Junos OS flaws to its Known Exploited Vulnerabilities catalog GitLab addressed critical auth bypass flaws in CE and EE North Korea-linked APT group ScarCruft spotted using new Android spyware KoSpy Experts warn of a coordinated surge in the exploitation attempts of SSRF vulnerabilities Meta warns of actively exploited (..)

Spyware 72

Spyware Cybercrime Ransomware IoT 72

Security Affairs

NOVEMBER 24, 2024

CISA adds Apple, Oracle Agile PLM bugs to its Known Exploited Vulnerabilities catalog More than 2,000 Palo Alto Networks firewalls hacked exploiting recently patched zero-days Ransomhub ransomware gang claims the hack of Mexican government Legal Affairs Office US DoJ charges five alleged members of the Scattered Spider cybercrime gang Threat actor (..)

Cybercrime 71

Cybercrime Artificial Intelligence Hacking VPN 71

CyberSecurity Insiders

MARCH 16, 2023

trillion by 2025, and among the guestimate, half of the amount is expected to be made through phishing targeting mobiles and tablets. And as more individuals are using personal mobile phones for office use, it can also compromise business security via personal devices- especially in the realm of remote work or WFH culture.

Cybercrime 94

Cybercrime Social Engineering Mobile Spyware 94

Tech Republic Security

DECEMBER 22, 2023

ESET's latest report highlights the abuse of the ChatGPT name, the rise of the Lumma Stealer malware and the Android SpinOk SDK spyware.

Threat Reports 200

Threat Reports Spyware Malware Artificial Intelligence 200

Security Affairs

JUNE 2, 2022

The investigation involved law enforcement authorities of Australia, Belgium, Finland, Hungary, Ireland, Spain, Sweden, Switzerland, the Netherlands and the United States, with the coordination of international activity carried out by Europol’s European Cybercrime Centre (EC3). ” reads the announcement published by Europol.

Spyware 102

Spyware Malware Banking Cybercrime 102

Security Affairs

NOVEMBER 11, 2022

Researchers from mobile security firm Lookout uncovered two long-running surveillance campaigns targeting the Uyghurs minority. The threat actors behind the campaigns used two Android spyware to spy on the victims and steal sensitive information. List of installed packages. Call logs and geocoded location associated with the call.

Surveillance 98

Surveillance Spyware Malware Mobile 98

Security Affairs

FEBRUARY 15, 2025

CISA adds Microsoft Windows, Zyxel device flaws to its Known Exploited Vulnerabilities catalog Microsoft Patch Tuesday security updates for February 2025 ficed 2 actively exploited bugs Hacking Attackers exploit a new zero-day to hijack Fortinet firewalls Security OpenSSL patched high-severity flaw CVE-2024-12797 Progress Software fixed multiple high-severity (..)

Spyware 69

Spyware Firewall Artificial Intelligence Malware 69

Security Affairs

JUNE 16, 2023

An updated version of the Android remote access trojan GravityRAT can steal WhatsApp backup files and can delete files ESET researchers discovered an updated version of Android GravityRAT spyware that steals WhatsApp backup files and can delete files. The malware is distributed as the messaging apps BingeChat and Chatico.

Backups 98

Backups Spyware Malware Accountability 98

SecureList

FEBRUARY 5, 2025

The malware, which we dubbed “SparkCat”, used an unidentified protocol implemented in Rust, a language untypical of mobile apps, to communicate with the C2. This is the first known case of an app infected with OCR spyware being found in Apple’s official app marketplace.

Malware 141

Malware Encryption Mobile Cryptocurrency 141

Security Affairs

JUNE 1, 2023

Researchers discovered spyware, dubbed SpinOk, hidden in 101 Android apps with over 400 million downloads in Google Play. The malicious module is distributed as a marketing SDK that developers behind the apps embedded in their applications and games, including those available on Google Play.

Spyware 98

Spyware Advertising Malware Marketing 98

Security Affairs

SEPTEMBER 3, 2023

ransomware builder used by multiple threat actors Cisco fixes 3 high-severity DoS flaws in NX-OS and FXOS software Cybercrime Unpacking the MOVEit Breach: Statistics and Analysis Cl0p Ups The Ante With Massive MOVEit Transfer Supply-Chain Exploit FBI, Partners Dismantle Qakbot Infrastructure in Multinational Cyber Takedown U.S.

Social Engineering 125

Social Engineering Data breaches Spyware Malware 125

Security Affairs

JANUARY 12, 2020

The spyware is able to steal SMS messages, contact lists and device information along with to sign victims up for premium service subscriptions. The Joker spyware checks for SIM cards associated with one of the above countries. This approach allows the Joker spyware to make it hard static analysis. ” continues the report.

Malware 102

Malware Spyware Advertising Mobile 102

Malwarebytes

FEBRUARY 16, 2021

April’s global shutdown was accompanied by a staggering rise in the use of stalkerware, a short-hand term for the type of mobile monitoring and spyware apps that are sometimes deployed by abusive partners. If 2020 taught us anything, it’s that cybercrime stops for nothing. New adversaries crawled out of the woodwork, too.

Malware 130

Malware Scams Spyware Healthcare 130

Security Affairs

MARCH 5, 2020

The MESSAGETAP spyware was reportedly used by WICKED PANDA to monitor short message service (SMS) traffic from telecom networks. MESSAGETAP is able to collect and store SMS data based on selection criteria, including phone numbers, international mobile subscriber identity (IMSI) numbers and keywords. ” reads the report.

Telecommunications 132

Telecommunications Advertising Mobile Government 132

Security Affairs

AUGUST 28, 2022

The offer includes remote, one-click browser-based exploits that allow threat actors to compromise both Android and iOS mobile devices. The leaked documentation demonstrates that the company offers services for remote data extraction from Android and iOS devices. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Surveillance 141

Surveillance Spyware Mobile Hacking 141

Security Affairs

JUNE 4, 2023

Xplain hack impacted the Swiss cantonal police and Fedpol Zyxel published guidance for protecting devices from ongoing attacks Kimsuky APT poses as journalists and broadcast writers in its attacks New Linux Ransomware BlackSuit is similar to Royal ransomware CISA adds Progress MOVEit Transfer zero-day to its Known Exploited Vulnerabilities catalog (..)

Spyware 98

Spyware Hacking Malware Social Engineering 98

Security Affairs

AUGUST 11, 2024

CISA adds Apache OFBiz and Android kernel bugs to its Known Exploited Vulnerabilities catalog Russian cyber spies stole data and emails from UK government systems 0.0.0.0

Spyware 117

Spyware Ransomware Hacking Government 117

Security Affairs

JULY 19, 2022

The spyware is able to steal SMS messages, contact lists, and device information and to sign victims up for premium service subscriptions. The Facestealer spyware was first spotted on July 2021 by Dr. Web researchers, the development team behind the threat has frequently changed its code.

Malware 133

Malware Spyware Banking Mobile 133

SiteLock

AUGUST 27, 2021

The consequences of which are not only born by companies who are the primary targets of cybercrime. The Main Threats to Your Mobile and Domestic Tranquility. But, every advancement towards realizing a 21st century quality of life comes with a wave of security threats, old and new. Your home systems are more vulnerable than you think.

IoT 98

IoT Spyware VPN Passwords 98

CyberSecurity Insiders

JANUARY 23, 2022

According to a research conducted by Avast, grandparents aged between in 55 to 64 are being targeted mainly by those spreading ransomware, tech support scams, spyware and botnets. Whereas, the younger generation was being hit by TikTok scams that mainly spread malware, spyware, adware and data, stealing Trojans to mobiles.

Scams 90

Scams Ransomware Spyware Adware 90

SecureWorld News

NOVEMBER 30, 2023

Consequences of browser-focused cybercrime Hackers are able to utilize browser vulnerabilities to install malware and spyware on devices, steal login credentials for other services, extract sensitive user data, and maintain persistence inside systems.

Spyware 111

Spyware Surveillance Malware Risk 111

Security Affairs

FEBRUARY 28, 2021

If you want to receive the weekly Security Affairs Newsletter for free subscribe here. Pierluigi Paganini. SecurityAffairs – hacking, newsletter).

Spyware 111

Spyware Backups Manufacturing Data breaches 111

Security Affairs

JULY 15, 2023

Government agencies SonicWall urges organizations to fix critical flaws in GMS/Analytics products Citrix fixed a critical flaw in Secure Access Client for Ubuntu Cl0p hacker operating from Russia-Ukraine war front line – exclusive Fortinet fixed a critical flaw in FortiOS and FortiProxy Microsoft mitigated an attack by Chinese threat actor Storm-0558 (..)

Spyware 98

Spyware Hacking Data breaches Mobile 98

Security Affairs

NOVEMBER 10, 2020

The Brazilian cybercrime underground is recognized as the most focuses on the development and commercialization of banking trojans. The Trojan supports common functions similar to other mobile RATs, such us the capability to mask its presence by hiding the icon from the app drawer and abuses Android’s accessibility features.

Banking 109

Banking Mobile Malware Spyware 109

SecureList

MAY 27, 2022

Non-mobile statistics. Mobile statistics. One of the things you can do to protect yourself from advanced mobile spyware is to reboot your device on a daily basis. When they shut down the device, using the power and volume buttons, the spyware displays an image of the iOS shutdown screen, faking the shutdown.

Phishing 134

Phishing Spyware Firmware Malware 134

Security Affairs

APRIL 27, 2024

ThreatFabric researchers uncovered a new mobile malware named Brokewell, which is equipped with sophisticated device takeover features. The malware also supports multiple “ spyware ” functionalities, it can gather device information, call history, geolocation, and record audio.

Malware 132

Malware Spyware Authentication Mobile 132

Security Affairs

JANUARY 30, 2022

QNAP force-installs update against the recent wave of DeadBolt ransomware infections US FCC bans China Unicom Americas telecom over national security risks NCSC warns UK entities of potential destructive cyberattacks from Russia Finnish diplomats’ devices infected with Pegasus spyware Zerodium offers $400,000 for Microsoft Outlook RCE zero-day exploits (..)

Ransomware 98

Ransomware Data breaches Spyware Cybercrime 98

Security Affairs

JULY 4, 2023

“The phishing pages were meticulously set up using Neo_Net’s panels, PRIV8, and implemented multiple defense measures, including blocking requests from non-mobile user agents and concealing the pages from bots and network scanners. ” concludes the report that also provides indicators of compromise (IoCs) for this campaign.

Banking 98

Banking Phishing Social Engineering Authentication 98

SecureList

NOVEMBER 22, 2022

These are attractive aspects that cybercrime groups will be unable to resist. And not only cybercrime groups, but also state-sponsored groups who have already started targeting this industry. Mobile banking Trojans on the rise. Security remains the biggest problem for users who want to make regular mobile payments.

Cryptocurrency 106

Cryptocurrency Mobile Ransomware Banking 106

SecureList

NOVEMBER 17, 2021

Last year, we foresaw the APT and cybercrime worlds becoming more porous on an operational level. The Israeli Defense Forces (IDF) have claimed that threat actors have been using catfishing to lure Israeli soldiers into installing spyware. Mobile devices exposed to wide attacks. More supply chain attacks.

Mobile 145

Mobile Surveillance Ransomware Government 145

Security Affairs

MAY 6, 2023

Twitter confirmed that a security incident publicly exposed Circle tweets FBI seized other domains used by the shadow eBook library Z-Library WordPress Advanced Custom Fields plugin XSS exposes +2M sites to attacks Fortinet fixed two severe issues in FortiADC and FortiOS Pro-Russia group NoName took down multiple France sites, including the French (..)

Data breaches 98

Data breaches Malware Mobile Spyware 98

Security Boulevard

JANUARY 25, 2022

Folks, Who wants to dive deep into some of my latest commercially available research and stay on the top of their OSINT/cybercrime research and threat intelligence gathering game that also includes their team and organization? Dancho Danchev’s “Intell on the Criminal Underground – Who’s Who in Cybercrime for ” Presentation – [PDF].

Cybercrime 96

Cybercrime Hacking Scams Ransomware 96

Security Affairs

SEPTEMBER 23, 2018

NSO mobile Pegasus Spyware used in operations in 45 countries. Magecart cybercrime group stole customers credit cards from Newegg electronics retailer. Cracked Windows installations are serially infected with EternalBlue exploit code. New XBash malware combines features from ransomware, cryptocurrency miners, botnets, and worms.

Computers and Electronics 84

Computers and Electronics Cryptocurrency Data breaches Advertising 84

Security Affairs

MAY 17, 2022

Experts spotted over 200 Android apps on the Play Store distributing spyware called Facestealer used to steal sensitive data. Trend Micro researchers spotted over 200 Android apps on the Play Store distributing spyware called Facestealer used to steal sensitive data from infected devices.

Spyware 98

Spyware Cryptocurrency VPN Malware 98

Security Affairs

DECEMBER 15, 2024

CISA adds Cleo Harmony, VLTrader, and LexiCom flaw to its Known Exploited Vulnerabilities catalog German agency BSI sinkholed a botnet of 30,000 devices infected with BadBox U.S.

Firewall 64

Firewall Spyware Surveillance Cybercrime 64

Security Affairs

AUGUST 29, 2021

Braun Infusomat pumps could be hacked to alter medication doses CISA publishes malware analysis reports on samples targeting Pulse Secure devices Cisco fixed a critical flaw in Cisco APIC for Nexus 9000 series switches Kaseya fixed two of the three Kaseya Unitrends zero-days found in July Personal Data and docs of Swiss town Rolle available on the (..)

Data breaches 107

Data breaches Spyware Hacking Ransomware 107

Security Affairs

MARCH 4, 2023

stolen credit/debit cards Pegasus spyware used to spy on a Polish mayor Hundreds of thousands of websites hacked as part of redirection campaign MQsTTang, a new backdoor used by Mustang Panda APT against European entities Trusted Platform Module (TPM) 2.0 FiXS, a new ATM malware that is targeting Mexican banks BidenCash leaks 2.1M

Data breaches 98

Data breaches Ransomware Spyware Hacking 98