Security Affairs

JULY 7, 2019

ViceLeaker Android spyware targets users in the Middle East. China installs a surveillance app on tourists phones while crossing in the Xinjiang. Godlua backdoor, the first malware that abuses the DNS over HTTPS (DoH). Israeli blamed Russia for jamming at Israeli Ben Gurion airport. LooCipher: The New Infernal Ransomware.

Scams 71

Scams Advertising Spyware DNS 71

Security Affairs

MAY 6, 2023

Twitter confirmed that a security incident publicly exposed Circle tweets FBI seized other domains used by the shadow eBook library Z-Library WordPress Advanced Custom Fields plugin XSS exposes +2M sites to attacks Fortinet fixed two severe issues in FortiADC and FortiOS Pro-Russia group NoName took down multiple France sites, including the French (..)

Data breaches 98

Data breaches Malware Mobile Spyware 98

SecureList

JUNE 3, 2024

This RAT allows an attacker to surveil and harvest sensitive data from a target computer. However, some of the things the malware authors came up with, such as placing their Python script inside a domain TXT record on the DNS server, were ingenious.

Banking 119

Banking Malware Computers and Electronics Mobile 119

SecureList

APRIL 27, 2021

During routine monitoring of detections for FinFisher spyware tools, we discovered traces that point to recent FinFly Web deployments. Although Lyceum still prefers taking advantage of DNS tunneling, it appears to have replaced the previously documented.NET payload with a new C++ backdoor and a PowerShell script that serve the same purpose.

Malware 145

Malware Government Spyware Social Engineering 145

Security Affairs

SEPTEMBER 18, 2018

A new report published by Citizen Lab revealed that the NSO Pegasus spyware was used against targets across 45 countries worldwide. A new investigation of the Citizen Lab revealed that the powerful Pegasus mobile spyware was used against targets across 45 countries around the world over the last two years. COUNTRY NEXUS. 2012-2014.

Spyware 108

Spyware Mobile Surveillance DNS 108

CyberSecurity Insiders

JANUARY 13, 2022

Supporting the above stated discovery is the latest press statement released by security firm Mandiant that suggests that it has been tracking Seedworm aka MuddyWater since May 2017 and it is into activities such as digital espionage, cyber attacks, Ddos and ransomware spread.

Hacking 110

Hacking Spyware DNS Surveillance 110

SecureList

OCTOBER 26, 2021

In June, more than six months after DarkHalo had gone dark, we observed the DNS hijacking of multiple government zones of a CIS member state that allowed the attacker to redirect traffic from government mail servers to computers under their control – probably achieved by obtaining credentials to the control panel of the victims’ registrar.

Malware 145

Malware Government Surveillance Spyware 145