Warding off zombies: Regularly update device firmware, patch IoT devices, and monitor for unusual traffic patterns. Vampire malware: draining systems dry. This malware creeps in undetected, draining resources and stealing data in the dark. Phishing phantoms: masters of disguise. Phishing scams have become more sophisticated.
Introduction. Malware for mobile devices is something we come across very often. In 2023, our technologies blocked 33.8 million malware, adware, and riskware attacks on mobile devices. Last month, we wrote a total of four private crimeware reports on Android malware, three of which are summarized below. […] and sends it to the C2.
A China-linked threat actor used UEFI malware based on code from Hacking Team in attacks aimed at organizations with an interest in North Korea. Researchers from Kaspersky have spotted a UEFI malware that was involved in attacks on organizations with an interest in North Korea.
Malware, short for “malicious software,” is any unwanted software on your computer that, more often than not, is designed to inflict damage. Since the early days of computing, a wide range of malware types with varying functions have emerged. Best Practices to Defend Against Malware. Jump ahead: Adware. RAM scraper.
Researchers name several countries as potential Paragon spyware customers TechCrunch The Citizen Lab, a group of academics and security researchers, recently published a report indicating the governments of Australia, Canada, Cyprus, Denmark, Israel, and Singapore are "likely" customers of Israeli spyware maker Paragon Solutions.
Commercially developed FinFisher surveillanceware has been upgraded to infect Windows devices using a UEFI (Unified Extensible Firmware Interface) bootkit using a trojanized Windows Boot Manager, marking a shift in infection vectors that allow it to elude discovery and analysis.
At the end of 2021, researchers discovered a UEFI firmware-level compromise by analyzing logs from its Firmware Scanner. Threat actors compromised a single component within the firmware image to intercept the original execution flow of the machine’s boot sequence and inject the sophisticated implant.
June 2023 security update for Android released by Google fixes about fifty flaws, including an Arm Mali GPU bug exploited by surveillance firms in their spyware. The flaw made headlines because it was exploited by surveillance firms for their spyware. This vulnerability grants the attacker system access. In early April, U.S.
Experts spotted a new variant of the FinFisher surveillance spyware that is able to hijack and replace the Windows UEFI bootloader to infect Windows machines. Kaspersky experts shared the results of an 8-months investigation into FinSpy spyware at the Security Analyst Summit (SAS) 2021.
Google’s Threat Analysis Group (TAG) discovered several exploit chains targeting Android, iOS, and Chrome to install commercial spyware. The exploit chains were used to install commercial spyware and malicious apps on targets’ devices. The experts pointed out that both campaigns were limited and highly targeted.
The word “covid” in various combinations was typically used in the names of packages hiding spyware and banking Trojans, adware or Trojan droppers. The mobile malware Trojan-Ransom.AndroidOS.Agent.aq […] Last year was notable for both malware and adware, the two very close in terms of capabilities. More on that later.
MoonBounce: the dark side of UEFI firmware. Late last year, we became aware of a UEFI firmware-level compromise through logs from our firmware scanner (integrated into Kaspersky products at the start of 2019). On February 23, ESET published a tweet announcing new wiper malware targeting Ukraine. Targeted attacks.
Baseband firmware can be affected by vulnerabilities, making it a significant attack vector. Zero-day brokers and commercial spyware vendors can exploit these vulnerabilities to target mobile users and deploy malware like Predator. […]” reads Google’s announcement.
Cybersecurity and Infrastructure Security Agency (CISA) and the Australian Cyber Security Centre (ACSC) released a joint Cybersecurity Advisory (CSA) providing details on the top malware strains of 2021. The top malware strains in 2021 included remote access Trojans (RATs), banking Trojans, information stealers, and ransomware.
Vulnerabilities and Malware Primarily includes severe and exploited vulnerabilities in devices or software used by end users (ex: a major router firmware flaw). Malware campaigns covered generally target/affect the end user.
[…] million newborns and pregnancy care patients | Xenomorph malware is back after months of hiatus and expands the list of targets | Smishing Triad Stretches Its Tentacles into the United Arab Emirates | Crooks stole $200 million worth of assets from Mixin Network | A phishing campaign targets Ukrainian military entities with drone manual lures | Alert!
CISA adds SonicWall SonicOS, ImageMagick and Linux Kernel bugs to its Known Exploited Vulnerabilities catalog | Electronic payment gateway Slim CD disclosed a data breach impacting 1.7M […]
Most attacks make would-be victims click to install malware or redirect them to a phishing page to steal their credentials. NSO Group’s Pegasus software has been routinely in the headlines in recent years for using zero-click attacks to install its spyware. Spyware and Zero-Days: A Troubling Market.
In November, Apple announced that it was taking legal action against NSO Group for developing software that targets its users with “malicious malware and spyware” Detecting infection traces from Pegasus and other advanced mobile malware is very tricky, and complicated by the security features of modern OSs such as iOS and Android.
Anonymous: Operation Russia after 100 days of war | GitLab addressed critical account takeover via SCIM email change | LuoYu APT delivers WinDealer malware via man-on-the-side attacks | Clipminer Botnet already allowed operators to make at least $1.7 […] If you want to also receive for free the newsletter with the international press subscribe here.
In the three years since those first IoT botnet attacks, threats to IoT security have increased to include crypto-jacking , denial of service (DDoS) attacks, and various other types of malware and online malfeasance. Most manufacturers of IoT enabled devices update their firmware frequently. Update, Update, Update.
The current version of its product implements multiple layers of protection to detect malware before, during and after execution. ESET’s malware engine and ransomware shield are powerful tools for detecting signs of infection. The Unified Extensible Firmware Interface (UEFI) scanner is a valuable tool for protecting firmware.
Google's reCAPTCHA is not only useless, it's also basically spyware Techspot This study demonstrates Google's reCAPTCHA v2 and v3 are flawed and don't actually keep out bots. Vulnerabilities and Malware Primarily includes severe and exploited vulnerabilities in devices or software used by end users (ex: a major router firmware flaw).
The exploit obtains root privileges and proceeds to execute other stages, which load spyware. Because this feature is not used by the firmware, we have no idea how attackers would know how to use it. Device tree files can be extracted from the firmware, and their contents can be viewed with the help of the dt utility.
In June, Kaspersky announced that after a six-month-long investigation, they completed the collection of all the components of the attack chain and the analysis of the spyware implant, tracked as TriangleDB. The spyware is directly deployed in memory, but if the victim reboots the device the malware doesn’t persist.
The attackers were able to bypass this hardware-based security protection using another hardware feature of Apple-designed SoCs (System on a Chip): they did this by writing the data, destination address and data hash to unknown hardware registers of the chip that are not used by the firmware.
These steps are covered in more depth in How to Recover From a Ransomware Attack , so for now, we’ll simply presume the attackers and malware are under control. Ransomware decryptors can potentially load other malware, drop back doors, or add new users to systems as they process the decryption. How Does Ransomware Encryption Work?
Phishing attacks using the topic “Azovstal” target entities in Ukraine | Conti ransomware claims responsibility for the attack on Costa Rica | Cyber Insurance and the Changing Global Risk Environment | A stored XSS flaw in RainLoop allows stealing users’ emails | QNAP firmware updates fix Apache HTTP vulnerabilities in its NAS | Pwn2Own Miami hacking contest (..)
In July, we reported a rootkit that we found in modified Unified Extensible Firmware Interface (UEFI) firmware, the code that loads and initiates the boot process when the computer is turned on. Rootkits are malware implants that are installed deep in the operating system. Other malware.
Intel addresses High-Severity flaws in NUC Firmware and other tools. Malware Analysis Sandboxes could expose sensitive data of your organization. App tainted with Ahmyst Open-source spyware appeared on Google Play Store twice. Capital One hacker suspected to have breached other 30 companies. Texas attackers demand $2.5
This tool allows attackers to leverage the weaknesses in the MediaTek chipsets to perform firmware alterations on the device. This means they can potentially alter the firmware on the device. The presence of smsdamon and smsservice binaries indicates that remnants of this malware are still on the device.
As cybercrime has become well-funded and increasingly sophisticated, phishing remains one of the most effective methods used by criminals to introduce malware into businesses. Malware is a blanket term used to describe any software that gets installed on a machine to perform unwanted tasks for the benefit of a third party.
Spyware maker Paragon terminates contract with Italian government: media reports TechCrunch This campaign was included in Week 5 of the Privacy Roundup , where Meta disrupted a campaign on WhatsApp targeting approximately 100 users with Paragon Spyware. Malware campaigns covered generally target/affect the end user.
The vendor reports show that most attackers want credentials, most malware development is in credential-stealing software, and the market for stolen credentials is booming. Cisco: Found 54% of organizations experienced a cybersecurity incident; of those incidents, 54% involved phishing and 37% involved credential stuffing.
Better network security monitors for authorized, but inappropriate activities or unusual behavior that may indicate compromise, malware activity, or insider threat. Endpoint Security: Antivirus , anti-spyware , endpoint detection and response (EDR), and other controls should be deployed to secure the endpoint against compromise.
Threat actors can develop fake mobile apps to install adware, steal PII and financial data, extract cookies and credentials, and download further payloads (such as spyware) from a remote-controlled domain. Stolen credentials can be obtained in a myriad of ways, including social engineering and malware deployment.
Anyone who has used a computer for any significant length of time has probably at least heard of malware. Malware has been present in the digital space since the 1980s, with early prank malware like the Morris Worm or the (c)Brain. However, malware is not quite as amusing in a modern context. How Does Malware Work?
Following this, they were tricked into downloading previously unknown malware. The backdoor, dubbed Tomiris, bears a number of similarities to the second-stage malware, Sunshuttle (aka GoldMax), used by DarkHalo last year. When victims tried to access their corporate mail, they were redirected to a fake copy of the web interface.
US government sanctions twelve Kaspersky Lab executives | Experts found a bug in the Linux version of RansomHub ransomware | UEFICANHAZBUFFEROVERFLOW flaw in Phoenix SecureCore UEFI firmware potentially impacts hundreds of PC and server models | Russia-linked APT Nobelium targets French diplomatic entities | US bans sale of Kaspersky products due to risks (..)
The malware posed as ransomware, demanding money from the victims for “decrypting” their data. UNC4841 deployed new malware designed to maintain presence on a small subset of high-priority targets compromised either before the patch was released or shortly afterwards. Verdict: prediction not fulfilled ❌ 7.
This reveals a likely blind spot for defenders and endpoint vendors: in a number of cases, perhaps even the majority, attackers have no need for 0-days and malware deployment to gain access to the information they need. SIGINT-delivered malware. The first one, in January, was MoonBounce ; the other was CosmicStrand in July 2022.
CISA adds Microsoft Windows Kernel-Mode Driver and Adobe ColdFusion flaws to its Known Exploited Vulnerabilities catalog | ConnectOnCall data breach impacted over 900,000 individuals | Report claims that Serbian authorities abused Cellebrite tool to install NoviSpy spyware | Multiple flaws in Volkswagen Group’s infotainment unit allow for vehicle compromise (..)