Education, Spyware and Surveillance - Cyber Security Informer

Israeli surveillance firm QuaDream is shutting down amidst spyware accusations

Security Affairs

APRIL 17, 2023

The Israeli surveillance firm QuaDream is allegedly shutting down its operations after Citizen Lab and Microsoft uncovered their spyware. Last week Citizen Lab researchers reported that at least five civil society members were victims of spyware and exploits developed by the Israeli surveillance firm QuaDream.

Surveillance

Surveillance Spyware Education Media

QuaDream surveillance firm’s spyware targeted iPhones with zero-click exploit

Security Affairs

APRIL 12, 2023

At least five members of civil society worldwide have been targeted with spyware and exploits developed by surveillance firm QuaDream. Citizen Lab researchers reported that at least five civil society members were victims of spyware and exploits developed by the Israeli surveillance firm QuaDream. and 14.4.2,

Spyware

Spyware Surveillance Malware Government

Zero-day vulnerabilities in Chrome and Android exploited by commercial spyware

Malwarebytes

MAY 24, 2022

The Google Threat Analysis Group (TAG) has revealed that of the nine zero-day vulnerabilities affecting Chrome, Android, Apple and Microsoft that it reported in 2021, five were in use by a single commercial surveillance company. An educated guess, but wrong in this case. Government spyware. Did I hear someone say Pegasus ?

Spyware

Spyware Surveillance Government Marketing

CISA adds bugs exploited by commercial surveillance spyware to Known Exploited Vulnerabilities catalog

Security Affairs

APRIL 1, 2023

CISA has added nine flaws to its Known Exploited Vulnerabilities catalog, including bugs exploited by commercial spyware on mobile devices. The exploits were used to install commercial spyware and malicious apps on targets’ devices. The experts pointed out that both campaigns were limited and highly targeted.

Spyware

Spyware Surveillance Mobile Education

Iranian govt uses BouldSpy Android malware for internal surveillance operations

Security Affairs

MAY 1, 2023

Researchers at the Lookout Threat Lab have discovered a new Android surveillance spyware, dubbed BouldSpy, that was used by the Law Enforcement Command of the Islamic Republic of Iran (FARAJA). However, much of the victim data points to its broader usage, which indicates targeted surveillance efforts towards minorities within Iran.”

Surveillance

Surveillance Malware Spyware Accountability

Zero-day exploit used to hack iPhones of Al Jazeera employees

Security Affairs

DECEMBER 21, 2020

The attackers used an exploit chain named Kismet that was part of the arsenal of the controversial Pegasus spyware that is sold by the surveillance firm NSO Group. Citizen Lab has already published several reports unmasking operations that involved the use of the NSO’s surveillance software. ” Pierluigi Paganini.

Hacking

Hacking Surveillance Spyware Government

Security Affairs newsletter Round 510 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

FEBRUARY 9, 2025

Texas is the first state to ban DeepSeek on government devices Law enforcement seized the domains of HeartSender cybercrime marketplaces WhatsApp disrupted a hacking campaign targeting journalists with Paragon spyware Ransomware attack hit Indian multinational Tata Technologies International Press Newsletter Cybercrime FBI, Dutch Police Disrupt Manipulaters (..)

Spyware

Spyware Cybercrime Scams Social Engineering

PWNYOURHOME, FINDMYPWN, LATENTIMAGE: 3 iOS Zero-Click exploits used by NSO Group in 2022

Security Affairs

APRIL 18, 2023

Citizen Lab reported that Israeli surveillance firm NSO Group used at least three iOS zero-click exploits in 2022. A new report from Citizen Lab states that the Israeli surveillance firm NSO Group used at least three zero-click zero-day exploits to deliver its Pegasus spyware. ” reads the report. and 14.4.2,

Surveillance

Surveillance Spyware Education Risk

Google Chrome Patches Sixth Zero-Day of the Year

SecureWorld News

NOVEMBER 30, 2023

Consequences of browser-focused cybercrime Hackers are able to utilize browser vulnerabilities to install malware and spyware on devices, steal login credentials for other services, extract sensitive user data, and maintain persistence inside systems. Educate users and advise them to restart Chrome regularly so that they get updated.

Spyware

Spyware Surveillance Malware Risk

APT trends report Q3 2024

SecureList

NOVEMBER 28, 2024

In this campaign, the actor decided to attack Russian educational institutions instead of government entities as it had previously. Epeius is a commercial spyware tool developed by an Italian company that claims to provide intelligence solutions to law enforcement agencies and governments.

Malware

Malware Government Software Spyware

Security Affairs newsletter Round 353

Security Affairs

FEBRUARY 13, 2022

to replace Chinese equipment Hackers breached a server of National Games of China days before the event Russian Gamaredon APT is targeting Ukraine since October Israeli surveillance firm QuaDream emerges from the dark Argo CD flaw could allow stealing sensitive data from Kubernetes Apps. US seizes $3.6 Pierluigi Paganini.

Ransomware

Ransomware Spyware Surveillance Hacking

Kamran Spyware Targets Gilgit Baltistan Users Through Hunza News

Hackology

NOVEMBER 11, 2023

The emergence of Kamran spyware, targeting users of a regional news website, has raised concerns among cybersecurity experts. Distributed through a possible watering-hole attack on the Hunza News website , the spyware prompts users to grant permissions, allowing access to sensitive data.

Spyware

Spyware Malware Risk Mobile

Security Affairs newsletter Round 416 by Pierluigi Paganini – International edition

Security Affairs

APRIL 23, 2023

Abandoned Eval PHP WordPress plugin abused to backdoor websites CISA adds MinIO, PaperCut, and Chrome bugs to its Known Exploited Vulnerabilities catalog At least 2 critical infrastructure orgs breached by North Korea-linked hackers behind 3CX attack American Bar Association (ABA) suffered a data breach,1.4

Spyware

Spyware Ransomware Malware Data breaches

Top Methods Use By Hackers to Bypass Two-Factor Authentication

Hacker's King

MAY 20, 2023

Education and awareness campaigns can play a crucial role in mitigating the risk of social engineering attacks. Users should be educated about common social engineering tactics and provided with guidelines on how to identify and report potential attacks. You may also like: Is Every Hacker Is Same?

Authentication

Authentication Social Engineering Spyware Engineering

APT trends report Q1 2021

SecureList

APRIL 27, 2021

During routine monitoring of detections for FinFisher spyware tools, we discovered traces that point to recent FinFly Web deployments. The threat actor relied on VBS-based malware to infect organizations from government, NGO and education sectors. Domestic Kitten is a threat group mainly known for its mobile backdoors.

Malware

Malware Government Spyware Social Engineering

Advanced threat predictions for 2024

SecureList

NOVEMBER 14, 2023

The threat actor focuses on information gathering for espionage and hack-and-leak operations, targeting organizations in various industries, such as government, higher education, defense, and political sectors, non-governmental organizations (NGOs), activists, journalists, think-tanks and national laboratories.

Hacking

Hacking Energy and Utilities Media Malware

Security Affairs newsletter Round 413 by Pierluigi Paganini – International edition

Security Affairs

APRIL 2, 2023

LockBit leaks data stolen from the South Korean National Tax Service Italy’s Data Protection Authority temporarily blocks ChatGPT over privacy concerns CISA adds bugs exploited by commercial surveillance spyware to Known Exploited Vulnerabilities catalog Hackers are actively exploiting a flaw in the Elementor Pro WordPress plugin Cyber Police of Ukraine (..)

Spyware

Spyware Surveillance Artificial Intelligence Data breaches

The Hacker Mind Podcast: Surviving Stalkerware

ForAllSecure

SEPTEMBER 21, 2021

The Federal Trade Commission in the United States, banned an app called SpyPhone, and its CEO Scott Zuckerman, from operating in the surveillance industry. Some of those who bought the spyware were allegedly able to see live locations of the devices, view the targets emails, photos, web browsing history, text messages, video calls, etc.

Technology

Technology Software Surveillance Media

Cyber Security Informer

Israeli surveillance firm QuaDream is shutting down amidst spyware accusations

QuaDream surveillance firm’s spyware targeted iPhones with zero-click exploit

Trending Sources

Zero-day vulnerabilities in Chrome and Android exploited by commercial spyware

CISA adds bugs exploited by commercial surveillance spyware to Known Exploited Vulnerabilities catalog

Iranian govt uses BouldSpy Android malware for internal surveillance operations

Zero-day exploit used to hack iPhones of Al Jazeera employees

Security Affairs newsletter Round 510 by Pierluigi Paganini – INTERNATIONAL EDITION

PWNYOURHOME, FINDMYPWN, LATENTIMAGE: 3 iOS Zero-Click exploits used by NSO Group in 2022

Google Chrome Patches Sixth Zero-Day of the Year

APT trends report Q3 2024

Security Affairs newsletter Round 353

Kamran Spyware Targets Gilgit Baltistan Users Through Hunza News

Security Affairs newsletter Round 416 by Pierluigi Paganini – International edition

Top Methods Use By Hackers to Bypass Two-Factor Authentication

APT trends report Q1 2021

Advanced threat predictions for 2024

Security Affairs newsletter Round 413 by Pierluigi Paganini – International edition

The Hacker Mind Podcast: Surviving Stalkerware

Stay Connected