eSecurity Planet

FEBRUARY 22, 2022

Most attacks make would-be victims click to install malware or redirect them to a phishing page to steal their credentials. It can even access the chip’s firmware to gain root access on the device, a significant privilege escalation. Zero-click attacks remove this hurdle.

Spyware 125

Spyware Software Government Social Engineering 125

SecureWorld News

AUGUST 8, 2022

Remcos, short for Remote Control and Surveillance, was leveraged by malicious cyber actors conducting mass phishing campaigns during the COVID-19 pandemic to steal personal data and credentials. Remcos Remcos is marketed as a legitimate software tool for remote management and penetration testing. Enforce MFA. Maintain offline (i.e.,

Malware 98

Malware Banking Penetration Testing Healthcare 98

Security Boulevard

FEBRUARY 10, 2025

Surveillance Tech in the News This section covers surveillance technology and methods in the news. Vulnerabilities and Malware Primarily includes severe and exploited vulnerabilities in devices or software used by end users (ex: a major router firmware flaw). Mullvad Mullvad VPN client is now available for Windows ARM desktops.

Spyware 52

Spyware Surveillance Government Data breaches 52

Security Boulevard

JANUARY 27, 2025

Surveillance Tech in the News This section covers surveillance technology and methods in the news. Vulnerabilities and Malware Primarily includes severe and exploited vulnerabilities in devices or software used by end users (ex: a major router firmware flaw). Malware campaigns covered generally target/affect the end user.

Surveillance 52

Surveillance Data breaches Malware Backups 52

SecureList

SEPTEMBER 21, 2023

This server then redirects all users who connect to the router to a website that uploaded malicious APK files to Android devices and displayed phishing pages on iOS devices. For example, despite their primary function not being related to video surveillance, most smart pet feeders on the market can capture real-time audio and video footage.

IoT 137

IoT DDOS Passwords Malware 137

eSecurity Planet

JULY 8, 2024

To protect your network devices from potential risks, apply patches on a regular basis and keep their firmware up to date. July 3, 2024 Threat Actors Exploit MSHTML Flaw to Deploy MerkSpy Surveillance Tool Type of vulnerability: Remote code execution. Update your routers to the most recent versions ( 5.6.15, 6.1.9-lts,

Risk 62

Risk Authentication Firmware Surveillance 62

SecureList

NOVEMBER 26, 2021

The attackers obtain initial access to a system by sending a spear-phishing email to the victim containing a Dropbox download link. Apart from Trojanized installers, we also observed infections involving use of a UEFI (Unified Extensible Firmware Interface) and MBR (Master Boot Record) bootkit. FinSpy: analysis of current capabilities.

Malware 134

Malware Banking Energy and Utilities Accountability 134

SecureList

NOVEMBER 14, 2023

In May, Ars Technica reported that BootGuard private keys had been stolen following a ransomware attack on Micro-Star International (MSI) in March this year (firmware on PCs with Intel chips and BootGuard enabled will only run if it is digitally signed using the appropriate keys).

Hacking 141

Hacking Energy and Utilities Media Malware 141

ForAllSecure

OCTOBER 5, 2021

It was for 1000s of compromised, Internet of Things, enabled devices, such as surveillance cameras, residential gateways, internet connected printers, and even in home baby monitors these devices themselves are often thought of as not having much in the way of resources, and really they don't have many computing resources. Probably not.

IoT 52

IoT DDOS Malware Internet 52

SecureList

APRIL 27, 2022

We found overlaps in the infrastructure used by a tunneling tool used by the actor and several possible phishing websites set up within the above time frame. The attack targets victims with spear-phishing emails containing malicious OOXML files. Other interesting discoveries.

Malware 145

Malware Firmware Government Phishing 145

eSecurity Planet

OCTOBER 21, 2022

The method of infection can vary from attack to attack and can include social engineering strategies, such as phishing and email spoofing , or a fraudulent website masquerading as legitimate, among others. Firmware rootkits are also known as “hardware rootkits.”.

Malware 75

Malware Adware Spyware Antivirus 75

Security Affairs

DECEMBER 22, 2024

CISA adds Microsoft Windows Kernel-Mode Driver and Adobe ColdFusion flaws to its Known Exploited Vulnerabilities catalog ConnectOnCall data breach impacted over 900,000 individuals Report claims that Serbian authorities abused Cellebrite tool to install NoviSpy spyware Multiple flaws in Volkswagen Group’s infotainment unit allow for vehicle compromise (..)

Data breaches 60

Data breaches Cybercrime Spyware Firmware 60