Encryption, Information Security and Surveillance

Experts discovered surveillance tool EagleMsgSpy used by Chinese law enforcement

Security Affairs

DECEMBER 12, 2024

Chinese law enforcement uses the mobile surveillance tool EagleMsgSpy to gather data from Android devices, as detailed by Lookout. Researchers at the Lookout Threat Lab discovered a surveillance tool, dubbed EagleMsgSpy, used by Chinese law enforcement to spy on mobile devices. ” reads the report published by Lookout.

Surveillance

Surveillance Mobile Spyware Malware

Report claims that Serbian authorities abused Cellebrite tool to install NoviSpy spyware

Security Affairs

DECEMBER 16, 2024

Researchers warn of previously undetected surveillance spyware, named NoviSpy, that was found infecting a Serbian journalist’s phone. Then he requested help from Amnesty Internationals Security Lab fearing to be the target of surveillance software like other journalists in Serbia. Development traces back to at least 2018.

Spyware

Spyware Surveillance Technology Mobile

US NCSC and DoS share best practices against surveillance tools

Security Affairs

JANUARY 9, 2022

The US NCSC and the Department of State published joint guidance on defending against attacks using commercial surveillance tools. In the last years, we have reported several cases of companies selling commercial surveillance tools to governments and other entities that have used them for malicious purposes. Pierluigi Paganini.

Surveillance

Surveillance Mobile Spyware Malware

Ross Anderson

Schneier on Security

MARCH 31, 2024

Of course it was before 2008, when we created the Security and Human Behavior workshop. It was well before 2001, when we created the Workshop on Economics and Information Security. I know I was at the Fast Software Encryption workshop in December 1993, another conference he created. Okay, he created both—I helped.)

Surveillance

Surveillance Engineering Encryption Government

FBI training document shows lawful access to multiple encrypted messaging apps

Security Affairs

DECEMBER 1, 2021

Which are the most secure encrypted messaging apps? The Record shared an FBI training document that reveals the surveillance capabilities of the US law enforcement detailing which data can be extracted from encrypted messaging apps. An FBI document shows what data can be obtained from them. Pierluigi Paganini.

Encryption

Encryption Surveillance Hacking Information Security

Zero-day broker Operation Zero offers up to $4 million for Telegram exploits

Security Affairs

MARCH 21, 2025

. — Operation Zero (@opzero_en) March 20, 2025 A zero-day broker like Operation Zero might be willing to pay millions for Telegram exploits for several reasons, including: Government and Intelligence Demand Telegram is widely used for secure communication, including by journalists, activists, dissidents, and political figures.

Government

Government Surveillance Mobile Hacking

North Korea-linked APT group ScarCruft spotted using new Android spyware KoSpy

Security Affairs

MARCH 13, 2025

North Korea-linked threat actor ScarCruft (aka APT37 , Reaper, and Group123) is behind a previously undetected Android surveillance tool namedKoSpythat was used to target Korean and English-speaking users. The configuration request, sent as an encrypted JSON, controls parameters like C2 ping frequency, plugin URLs, and victim messages.

Spyware

Spyware Surveillance Encryption Malware

Encryption: One Of The Most Powerful Ways To Keep Data Private – But Governments Want To Outlaw It

Joseph Steinberg

OCTOBER 21, 2022

Today, October 21, marks the first ever organized Global Encryption Day, dedicated to spreading awareness of the importance of utilizing encryption to protect sensitive information, both when it is in transit (e.g., online chat messages going over the Internet between you and your significant other) and when it is at rest (e.g.,

Encryption

Encryption Government Artificial Intelligence Surveillance

Snowden Ten Years Later

Schneier on Security

JUNE 6, 2023

In 2013 and 2014, I wrote extensively about new revelations regarding NSA surveillance based on the documents provided by Edward Snowden. Those secrets collectively have a code name—ECI, for exceptionally compartmented information—and almost never appear in the documents. I started doubting my own security procedures.

Surveillance

Surveillance Computers and Electronics Government Encryption

Camera tricks: Privacy concerns raised after massive surveillance cam breach

SC Magazine

MARCH 10, 2021

Pictured: a Dome Series security camera from Verkada. A hacking collective compromised roughly 150,000 internet-connected surveillance cameras from Verkada, Inc., When surveillance leads to spying.

Surveillance

Surveillance IoT Accountability Passwords

Security Blueprints of Many Companies Leaked in Hack of Swedish Firm Gunnebo

Krebs on Security

OCTOBER 28, 2020

In August, Gunnebo said it had successfully thwarted a ransomware attack, but this week it emerged that the intruders stole and published online tens of thousands of sensitive documents — including schematics of client bank vaults and surveillance systems. He declined to comment on the particulars of the extortion incident. ”

Hacking

Hacking Ransomware Banking Accountability

Unknown FinSpy Mac and Linux versions found in Egypt

Security Affairs

SEPTEMBER 27, 2020

Experts from Amnesty International uncovered a surveillance campaign that targeted Egyptian civil society organizations with a new version of FinSpy spyware. The mobile version of the surveillance software in the first stage of the infection leverages the exploits to get root access. ” reads the Amnesty’s report.

Spyware

Spyware Surveillance Advertising Mobile

French court indicted Nexa Technologies for complicity in acts of torture

Security Affairs

NOVEMBER 28, 2021

Nexa Technologies was indicted for complicity in acts of torture, the French firm is accused of having sold surveillance equipment to the Egypt. Nexa Technologies offers a range of solutions for homeland security, including surveillance solutions. “In short, Cerebro can suck up any data that is not encrypted.

Technology

Technology Surveillance Software Government

WhatsApp sued Israeli surveillance firm NSO Group and its parent Q Cyber Technologies

Security Affairs

OCTOBER 30, 2019

WhatsApp sued Israeli surveillance firm NSO Group, accusing it of using a flaw in its messaging service to conduct cyberespionage on journalists and activists. WhatsApp sued the Israeli surveillance firm NSO Group accusing it of carrying out malicious attacks against its users. The lawsuit filed by WhatsApp in U.S.

Surveillance

Surveillance Technology Spyware Mobile

GUEST ESSAY: As cyber risks rise in 2020, as they surely will, don’t overlook physical security

The Last Watchdog

DECEMBER 31, 2019

Related: Good to know about IoT Physical security is often a second thought when it comes to information security. Despite this, physical security must be implemented correctly to prevent attackers from gaining physical access and taking whatever they desire. Access control is the restricting of access to a system.

Cyber Risk

Cyber Risk Risk Firewall Surveillance

Russia-linked APT29 reused iOS and Chrome exploits previously developed by NSO Group and Intellexa

Security Affairs

AUGUST 29, 2024

Russia-linked APT29 group was spotted reusing iOS and Chrome exploits previously developed by surveillance firms NSO Group and Intellexa. using exploits previously used by surveillance software vendors NSO Group and Intellexa. using exploits previously used by surveillance software vendors NSO Group and Intellexa.

Surveillance

Surveillance Government Hacking Encryption

The iPhone of a Russian journalist was infected with the Pegasus spyware

Security Affairs

SEPTEMBER 14, 2023

A joint investigation conducted by Access Now and the Citizen Lab revealed that the journalist, who is at odds with the Russian government, was infected with the surveillance software. However, there is no public evidence that the Russian government is a client of the Israeli surveillance firm NSO Group. ” states Access Now.

Spyware

Spyware Surveillance Media Government

Tor Project responded to claims that law enforcement can de-anonymize Tor users

Security Affairs

SEPTEMBER 20, 2024

German law enforcement agencies have been surveilling Tor network by operating their own servers for months. Research conducted by ARD’s Panorama and STRG_F revealed that data collected during surveillance is processed using statistical methods, effectively breaking Tor’s anonymity. an administrator of the platform.

Surveillance

Surveillance Data collection Media Hacking

City of Dallas has set a budget of $8.5 million to mitigate the May Royal ransomware attack

Security Affairs

SEPTEMBER 23, 2023

The Royal group began reconnaissance activity in April 2023, and the analysis of system log data dates the beginning of the surveillance operations on April 7, 2023. Royal was then able to traverse the internal City infrastructure during the surveillance period using legitimate 3rd party remote management tools.”

Ransomware

Ransomware Surveillance Healthcare Accountability

Signal denies claims of an alleged zero-day flaw in its platform

Security Affairs

OCTOBER 16, 2023

Encrypted messaging app Signal denied claims of an alleged zero-day flaw in its platform after a responsible investigation. The popular encrypted messaging app Signal denied claims of an alleged zero-day vulnerability in its platform. “PSA: we have seen the vague viral reports alleging a Signal 0-day vulnerability.

Spyware

Spyware Surveillance Encryption Mobile

Lorenz ransomware gang stolen files from defense contractor Hensoldt

Security Affairs

JANUARY 14, 2022

Like other ransomware gangs, Lorenz operators also implement double-extortion model by stealing data before encrypting it and threatening them if the victim doesn’t pay the ransom. Hensoldt AG focuses on sensor technologies for protection and surveillance missions in the defence, security and aerospace sectors.

Ransomware

Ransomware Surveillance Mobile Encryption

OmniVision disclosed a data breach after the 2023 Cactus ransomware attack

Security Affairs

MAY 22, 2024

The company designs and develops digital imaging products for use in mobile phones, laptops, netbooks and webcams, security and surveillance cameras, entertainment, automotive and medical imaging systems. OmniVision Technologies Inc. In 2023, the imaging sensors manufacturer was the victim of a Cactus ransomware attack.

Data breaches

Data breaches Ransomware Manufacturing Encryption

Swiss army asks its personnel to use the Threema instant-messaging app

Security Affairs

JANUARY 9, 2022

All communication is end-to-end encrypted, and the app is open source. In future, the army will forbid its relatives from exchanging information with one another via Whats app, signal or telegram and from disseminating official instructions via these channels.”

Computers and Electronics

Computers and Electronics Encryption Surveillance Cybercrime

Swedish Government grants police the use of spyware against violent crime suspects

Security Affairs

OCTOBER 24, 2019

The Sweden government is going to authorize law enforcement agencies into using spyware to spy on suspects’ devices, the malicious code allows agents to read encrypted communications, to track their movements, exfiltrate data and spy on them via built-in microphone and camera. ” reads the official announcement.

Spyware

Spyware Government Surveillance Encryption

Apple sues NSO Group for abusing state-sponsored Pegasus spyware

Security Affairs

NOVEMBER 24, 2021

Apple has filed suit to ban the Israeli surveillance firm NSO Group and parent company Q Cyber Technologies from using its product and services. federal court for illegally targeting its customers with the surveillance spyware Pegasus. Apple has sued NSO Group and its parent company Q Cyber Technologies in a U.S. Pierluigi Paganini.

Spyware

Spyware Surveillance Software Hacking

Kazakhstan wants to intercept all HTTPS Internet traffic of its citizens

Security Affairs

JULY 22, 2019

Bad news for citizens of Kazakhstan, the government is beginning to intercept all the encrypted traffic, and to do it, it is forcing them to install a certificate. The Kazakhstan government is beginning to intercept all the encrypted traffic and to do it is forcing users in the country to install a certificate. ” states Tele2.

Internet

Internet Internet Encryption Government

Experts Explain How to Bypass Recent Improvement of China’s Great Firewall

Security Affairs

JANUARY 31, 2021

Last year, the group published a detailed analysis on how the Chinese government has improved its surveillance system to detect and block the popular circumvention tools Shadowsocks and its variants. Shadowsocks is a free and open-source encryption protocol project, widely used in China to circumvent Internet censorship.

Firewall

Firewall Surveillance Internet Internet

Security Affairs newsletter Round 286

Security Affairs

OCTOBER 18, 2020

VPN

VPN Advertising Surveillance Ransomware

UN approves Russia-Cina sponsored resolution on new cybercrime convention

Security Affairs

DECEMBER 30, 2019

Many governments worldwide persecute their internal oppositions charging them with criminal activities and use strict online surveillance to track them. The surveillance software developed by NSO Group was used by government organizations worldwide to spy on human rights groups , activists, journalists, lawyers, and dissidents.

Cybercrime

Cybercrime Surveillance Spyware Government

macOS Zero-Day exploited in watering hole attacks on users in Hong Kong

Security Affairs

NOVEMBER 12, 2021

” The iOS exploit chain used a framework based on Ironsquirrel to encrypt exploits delivered to the visitor’s browser. . “As is our policy, we quickly reported this 0-day to the vendor (Apple) and a patch was released to protect users from these attacks.”

Malware

Malware Media Surveillance Encryption

Massive DDos attack hit Telegram, company says most of junk traffic is from China

Security Affairs

JUNE 13, 2019

Encrypted messaging service Telegram was hit by a major DDoS attack apparently originated from China, likely linked to the ongoing political unrest in Hong Kong. Telegram was used by protesters in Hong Kong to evade surveillance and coordinate their demonstrations against China that would allow extraditions from the country to the mainland.

DDOS

DDOS Advertising Surveillance Encryption

Security Affairs newsletter Round 510 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

FEBRUARY 9, 2025

Malware Malicious packages deepseeek and deepseekai published in Python Package Index Coyote Banking Trojan: A Stealthy Attack via LNK Files Go Supply Chain Attack: Malicious Package Exploits Go Module Proxy Caching for Persistence Rat Race: ValleyRAT Malware Targets Organizations with New Delivery Techniques Semantic Entanglement-Based Ransomware (..)

Spyware

Spyware Cybercrime Scams Social Engineering

China-linked Budworm APT returns to target a US entity

Security Affairs

OCTOBER 13, 2022

The group was involved in cyber espionage campaigns aimed at new generation weapons and in surveillance activities on dissidents and other civilian groups. It is designed to load malicious DLLs and encrypt payloads.” The China-linked APT27 group has been active since 2010, it targeted organizations worldwide, including U.S.

Penetration Testing

Penetration Testing Financial Services Surveillance Manufacturing

Bouncing Golf cyberespionage campaign targets Android users in Middle East

Security Affairs

JUNE 19, 2019

The attackers appear to be focused o n stealing military-related information. The researchers speculate on a possible connection to Domestic Kitten espionage activities, an extensive surveillance operation conducted by Iranian APT actor aimed at specific groups of individuals since 2016.

Mobile

Mobile Malware Advertising Encryption

QNAP warns of a new wave of DeadBolt ransomware attacks against its NAS devices

Security Affairs

MAY 20, 2022

.” Since January, DeadBolt ransomware operators are targeting QNAP NAS devices worldwide , its operators claim the availability of a zero-day exploit that allows them to encrypt the content of the infected systems. Once encrypted the content of the device, the ransomware appends.

Ransomware

Ransomware Internet Internet Firmware

Experts spotted a new advanced Android spyware posing as “System Update”

Security Affairs

MARCH 27, 2021

Researchers spotted a sophisticated Android spyware that implements exfiltration capabilities and surveillance features, including recording audio and phone calls. Experts from security firm Zimperium have spotted a new sophisticated Android spyware that masquerades itself as a System Update application.

Spyware

Spyware Malware Surveillance Mobile

One million cracked Poshmark accounts being sold online

Security Affairs

SEPTEMBER 2, 2019

When the company disclosed the incident on August 1, it revealed that the passwords were hashed using the bcrypt algorithm that is considered secure. “We SORM, surveillance). The post One million cracked Poshmark accounts being sold online appeared first on Security Affairs. declared the company. Pierluigi Paganini.

Accountability

Accountability Data breaches Passwords Advertising

Experts linked ransomware attacks to China-linked APT27

Security Affairs

JANUARY 4, 2021

The group was involved in cyber espionage campaigns aimed at new generation weapons and in surveillance activities on dissidents and other civilian groups. The hackers used the Windows drive encryption tool BitLocker to lock the servers. ” reads the joint report from Profero and Security Joes.

Ransomware

Ransomware Malware Encryption Financial Services

Security Affairs newsletter Round 370 by Pierluigi Paganini

Security Affairs

JUNE 20, 2022

US DoJ announced to have shut down the Russian RSOCKS Botnet MaliBot Android Banking Trojan targets Spain and Italy Chinese DriftingCloud APT exploited Sophos Firewall Zero-Day before it was fixed Experts link Hermit spyware to Italian surveillance firm RCS Lab and a front company A Microsoft 365 feature can ransom files on SharePoint and OneDriveCould (..)

Spyware

Spyware DNS Ransomware Surveillance

Crypto AG was spied for US, German intelligence agencies for decades

Security Affairs

FEBRUARY 12, 2020

Swiss authorities are investigating into allegations the company Crypto AG, a Switzerland-based maker of encryption devices, was a front company for the CIA and German intelligence. ” reported the Associated Press. The events under discussion date back to 1945 and are difficult to reconstruct and interpret in the present-day context,”.

Advertising

Advertising Government Media Surveillance

Do not use Tails OS until a flaw in the bundled Tor Browser will be fixed

Security Affairs

MAY 26, 2022

Tails is a security and privacy-oriented Linux distribution, it is a portable operating system that protects against surveillance and censorship. .” reads the advisory published by project maintainers. ” reads the advisory. ” reads the alert published by project maintainers.

Surveillance

Surveillance Passwords Hacking Encryption

Breaking Down User Activity Monitoring Tools: Security and HR Perspectives

SecureWorld News

JANUARY 4, 2024

When and why companies implement UAM solutions UAM tools are often employed when a company's HR or information security departments identify specific issues that cannot be resolved by other means. For these workers, being monitored by information security tools can feel intrusive and is often viewed negatively.

Data collection

Data collection Surveillance Artificial Intelligence Risk

WhatsApp flaws could have allowed hackers to remotely hack mobile devices

Security Affairs

APRIL 14, 2021

. “With the TLS secrets at hand, we will demonstrate how a man-in-the-middle (MitM) attack can lead to the compromise of WhatsApp communications, to remote code execution on the victim device and to the extraction of Noise [ 05 ] protocol keys used for end-to-end encryption in user communications.” CENSUS has tracked the TLS 1.2

Mobile

Mobile Hacking Encryption Surveillance

Security Affairs newsletter Round 246

Security Affairs

DECEMBER 29, 2019

Ryuk Ransomware evolution avoid encrypting Linux folders. Thai Officials confirmed the hack of prison surveillance cameras and the video broadcast. Experts warn of 5 new flaws in Google Chrome dubbed Magellan 2.0. More than 100 Chinese nationals arrested in Nepal over suspected cyber scam. Top cybersecurity Predictions for 2020.

Cyber Attacks

Cyber Attacks Advertising Surveillance Ransomware

Experts discovered surveillance tool EagleMsgSpy used by Chinese law enforcement

Report claims that Serbian authorities abused Cellebrite tool to install NoviSpy spyware

Trending Sources

US NCSC and DoS share best practices against surveillance tools

Ross Anderson

FBI training document shows lawful access to multiple encrypted messaging apps

Zero-day broker Operation Zero offers up to $4 million for Telegram exploits

North Korea-linked APT group ScarCruft spotted using new Android spyware KoSpy

Encryption: One Of The Most Powerful Ways To Keep Data Private – But Governments Want To Outlaw It

Snowden Ten Years Later

Camera tricks: Privacy concerns raised after massive surveillance cam breach

Security Blueprints of Many Companies Leaked in Hack of Swedish Firm Gunnebo

Unknown FinSpy Mac and Linux versions found in Egypt

French court indicted Nexa Technologies for complicity in acts of torture

WhatsApp sued Israeli surveillance firm NSO Group and its parent Q Cyber Technologies

GUEST ESSAY: As cyber risks rise in 2020, as they surely will, don’t overlook physical security

Russia-linked APT29 reused iOS and Chrome exploits previously developed by NSO Group and Intellexa

The iPhone of a Russian journalist was infected with the Pegasus spyware

Tor Project responded to claims that law enforcement can de-anonymize Tor users

City of Dallas has set a budget of $8.5 million to mitigate the May Royal ransomware attack

Signal denies claims of an alleged zero-day flaw in its platform

Lorenz ransomware gang stolen files from defense contractor Hensoldt

OmniVision disclosed a data breach after the 2023 Cactus ransomware attack

Swiss army asks its personnel to use the Threema instant-messaging app

Swedish Government grants police the use of spyware against violent crime suspects

Apple sues NSO Group for abusing state-sponsored Pegasus spyware

Kazakhstan wants to intercept all HTTPS Internet traffic of its citizens

Experts Explain How to Bypass Recent Improvement of China’s Great Firewall

Security Affairs newsletter Round 286

UN approves Russia-Cina sponsored resolution on new cybercrime convention

macOS Zero-Day exploited in watering hole attacks on users in Hong Kong

Massive DDos attack hit Telegram, company says most of junk traffic is from China

Security Affairs newsletter Round 510 by Pierluigi Paganini – INTERNATIONAL EDITION

China-linked Budworm APT returns to target a US entity

Bouncing Golf cyberespionage campaign targets Android users in Middle East

QNAP warns of a new wave of DeadBolt ransomware attacks against its NAS devices

Experts spotted a new advanced Android spyware posing as “System Update”

One million cracked Poshmark accounts being sold online

Experts linked ransomware attacks to China-linked APT27

Security Affairs newsletter Round 370 by Pierluigi Paganini

Crypto AG was spied for US, German intelligence agencies for decades

Do not use Tails OS until a flaw in the bundled Tor Browser will be fixed

Breaking Down User Activity Monitoring Tools: Security and HR Perspectives

WhatsApp flaws could have allowed hackers to remotely hack mobile devices

Security Affairs newsletter Round 246

Stay Connected