Security Affairs

APRIL 8, 2025

In March 2025, WhatsApp addressed a zero-click, zero-day vulnerability exploited to install Paragons Graphite spyware on the devices of targeted individuals. WhatsApp blocked a spyware campaign by Paragon targeting journalists and civil society members after reports of the Citizen Lab group from the University of Toronto.

Spyware 115

Spyware Media Surveillance Hacking 115

Security Affairs

APRIL 23, 2025

A new Android spyware was discovered in a fake Alpine Quest app, reportedly used by Russian soldiers for war zone planning. Doctor Web researchers uncovered a new spyware, tracked as Android.Spy.1292.origin, Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,Android spyware)

Spyware 82

Spyware Software Malware Hacking 82

Security Affairs

MARCH 13, 2025

North Korea-linked APT group ScarCruft used a new Android spyware dubbed KoSpy to target Korean and English-speaking users. Lookout researchers attributed the spyware to the ScarCruft group with medium confidence. The spyware uses a unique IT for each victim that is calculated through a hardware fingerprint.

Spyware 78

Spyware Surveillance Encryption Malware 78

Security Boulevard

DECEMBER 12, 2021

State Department employees were hacked with spyware from the infamous NSO Group, and details on a bizarre story about a mother and daughter that face 16 years in prison for […]. The post Life360 Selling Location Data, NSO Group Spyware Hacks Government Employees, Homecoming Queen Contest Hacked appeared first on Security Boulevard.

Spyware 111

Spyware Hacking Government InfoSec 111

Security Affairs

DECEMBER 8, 2024

Now He Wants to Help You Escape, Too Dozens of Countries Hit in Chinese Telecom Hacking Campaign, Top U.S. officials urge Americans to use encrypted apps amid unprecedented cyberattack The Great Pokmon Go Spy Panic Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,newsletter)

Artificial Intelligence 102

Artificial Intelligence Spyware Hacking Ransomware 102

Security Affairs

AUGUST 7, 2024

A previously unknown Android Spyware, dubbed LianSpy, has been targeting Russian users since at least 2021. In March 2024, cybersecurity researchers from Kaspersky discovered previously unknown Android spyware dubbed LianSpy. This AES key is then encrypted using a hardcoded public RSA key embedded in the spyware.

Spyware 142

Spyware Malware Encryption Data collection 142

Security Affairs

NOVEMBER 10, 2021

South Korean users have been targeted with a new sophisticated Android spyware, tracked as PhoneSpy, as part of an ongoing campaign. Researchers from Zimperium zLabs uncovered an ongoing campaign aimed at infecting the mobile phones of South Korean users with new sophisticated android spyware dubbed PhoneSpy. Zimperium concludes.

Spyware 145

Spyware Mobile Social Engineering Malware 145

Security Affairs

MARCH 2, 2024

Court ordered surveillance firm NSO Group to hand over the source code for its Pegasus spyware and other products to Meta. Meta won the litigation against the Israeli spyware vendor NSO Group , a U.S. from April 29, 2018, to May 10, 2020). from April 29, 2018, to May 10, 2020).

Spyware 143

Spyware Surveillance Software Architecture 143

Security Affairs

DECEMBER 3, 2021

Apple warns that the mobile devices of at least nine US Department of State employees were compromised with NSO Group ‘s Pegasus spyware. The iPhones of at least nine US state department officials were compromised with the NSO Group’s spyware Pegasus. “Apple Inc iPhones of at least nine U.S. .

Spyware 133

Spyware Surveillance Hacking Software 133

Security Affairs

DECEMBER 16, 2020

Security experts spotted a new malware strain, named Goontact, that allows its operators to spy on both Android and iOS users. Security researchers from Lookout have discovered new spyware, dubbed Goontcat, that could target both Android and iOS users. The spyware is likely used as part of a sextortion campaign.

Spyware 143

Spyware Mobile Surveillance Malware 143

Security Affairs

JANUARY 27, 2025

Usually, such kinds of vulnerabilities are exploited by nation-state actors or commercial surveillance spyware vendors in targeted attacks. Customers are recommended to install the security updates released by the company. In 2024, Apple addressed six zero-day vulnerabilities in its products.

Spyware 119

Spyware Surveillance Media Hacking 119

Security Affairs

OCTOBER 25, 2021

Threat actors infected the iPhone of New York Times journalist Ben Hubbard with NSO Group’s Pegasus spyware between June 2018 to June 2021. The iPhone of New York Times journalist Ben Hubbard was repeatedly infected with NSO Group’s Pegasus spyware. SecurityAffairs – hacking, NSO Group). Pierluigi Paganini.

Spyware 122

Spyware Hacking Backups Accountability 122

Security Affairs

SEPTEMBER 23, 2021

Apple has released security updates to address three zero-day vulnerabilities exploited in attacks in the wild to compromise iPhones and Macs running vulnerable iOS and macOS versions. Apple confirmed that at least one of the flaws was exploited by threat actors to infect the device with the NSO Pegasus spyware. Pierluigi Paganini.

Spyware 145

Spyware Hacking Information Security Malware 145

Security Affairs

MAY 22, 2024

A researcher discovered a consumer-grade spyware app on the check-in systems of at least three Wyndham hotels across the US. The security researcher Eric Daigle discovered a commercial spyware app, called pcTattletale, on the check-in systems of at least three Wyndham hotels across the US, TechCrunch first reported.

Spyware 136

Spyware Surveillance Software Internet 136

Security Affairs

OCTOBER 22, 2024

The vulnerability was discovered by the researchers Xingyu Jin from Google Devices & Services Security Research and Clement Lecigene from Google Threat Analysis Group. The fact that Google TAG discovered the flaw suggests that commercial spyware vendors may have used the exploit to target Samsung devices.

Firmware 144

Firmware Mobile Spyware Media 144

Security Affairs

JULY 19, 2021

Pegasus Project investigation into the leak of 50,000 phone numbers of potential surveillance targets revealed the abuse of NSO Group’s spyware. Pegasus Project is the name of a large-scale investigation into the leak of 50,000 phone numbers of potential surveillance targets that revealed the abuse of NSO Group’s spyware.

Spyware 131

Spyware Government Surveillance Media 131

Security Affairs

MARCH 3, 2025

The forensics analysis conducted by Amnesty found that the Serbian police used the Cellbrite’s exploit to unlock Vedran’s Samsung Galaxy A32 and install an unknown Android application likely linked with NoviSpy spyware. added Donncha Cearbhaill.

Hacking 67

Hacking Spyware Technology Surveillance 67

Security Affairs

JUNE 22, 2020

Researchers at Amnesty International collected evidence that a Moroccan journalist was targeted with network injection attacks using NSO Group ‘s spyware. The post Moroccan journalist targeted with network injection attacks using NSO Group ‘s spyware appeared first on Security Affairs. Pierluigi Paganini.

Spyware 144

Spyware Surveillance Mobile Advertising 144

Security Affairs

SEPTEMBER 14, 2023

The iPhone of a prominent Russian journalist, who is at odds with Moscow, was infected with NSO Group’s Pegasus spyware. The iPhone of the Russian journalist Galina Timchenko was compromised with NSO Group’s Pegasus spyware. The threat actors used a zero-click exploit, likely the PWNYOURHOME. ” reported Citizen Lab.

Spyware 131

Spyware Surveillance Media Government 131

Security Affairs

MAY 23, 2022

The attacks aimed at installing the surveillance spyware Predator, developed by the North Macedonian firm Cytrox. ” In December a report published by CitizenLab, when its researchers detailed the use of the Predator Spyware against exiled politician Ayman Nour and the host of a popular news program. To nominate, please visit:?

Spyware 144

Spyware Surveillance Government Banking 144

Security Affairs

FEBRUARY 10, 2022

I transcribed a recent interview, here some questions and answers about nation-state hacking, spyware, and cyber warfare. Enjoy” How has spyware changed the rules of cyber security in recent years? What will cyber security look like now that those tools are all over the internet? Pierluigi Paganini.

Spyware 98

Spyware Hacking Ransomware Surveillance 98

Security Affairs

APRIL 25, 2020

Facebook advocates have challenged a plea from spyware maker NSO Group to dismiss the legal dispute over the hacking accusations, arguing it has immunity from prosecution. Now both companies are providing technical details requested by the cyber-security experts. Pierluigi Paganini. SecurityAffairs – Facebook, NSO Group).

Spyware 133

Spyware Surveillance Advertising Mobile 133

Security Affairs

FEBRUARY 24, 2021

The threat actors used by spyware to take over the target systems, spy on the victims, and exfiltrate data. The link points to files containing spyware that could infect both Mac OS or Windows systems. Kerrdown downloads and installs additional spyware from a server on the victim’s system, then it opens a decoy document. .”

Spyware 129

Spyware Government Surveillance Phishing 129

Security Affairs

SEPTEMBER 7, 2023

Citizen Lab reported that the actively exploited zero-days fixed by Apple are being used in Pegasus spyware attacks Researchers at Citizen Lab reported that the actively exploited zero-day flaws (CVE-2023-41064 and CVE-2023-41061) fixed by Apple are being used to infect devices with NSO Group ’s Pegasus spyware.

Spyware 131

Spyware Accountability Hacking Mobile 131

Security Affairs

NOVEMBER 8, 2021

A Hungarian government official confirmed that his government has bought and used the controversial NSO Group’s Pegasus spyware. In July, a large-scale investigation, dubbed Pegasus Project , into the leak of 50,000 phone numbers of potential surveillance targets revealed the abuse of NSO Group’s spyware. Pierluigi Paganini.

Spyware 117

Spyware Surveillance Media Government 117

Security Affairs

FEBRUARY 11, 2021

Lookout researchers provided details about two Android spyware families employed by an APT group tracked as Confucius. Researchers at mobile security firm Lookout have provided details about two recently discovered Android spyware families, dubbed Hornbill and SunBird, used by an APT group named Confucius. Pierluigi Paganini.

Spyware 143

Spyware Surveillance Malware Mobile 143

Security Affairs

MAY 30, 2024

Researchers from ThreatFabric discovered a macOS version of the LightSpy spyware that has been active in the wild since at least January 2024. The macOS version of LightSpy supports 10 plugins to exfiltrate private information from devices. However, their potential functionality is known based on panel analysis.”

Spyware 136

Spyware Malware Surveillance Mobile 136

Security Affairs

MARCH 27, 2021

Researchers spotted a sophisticated Android spyware that implements exfiltration capabilities and surveillance features, including recording audio and phone calls. Experts from security firm Zimperium have spotted a new sophisticated Android spyware that masquerades itself as a System Update application. Pierluigi Paganini.

Spyware 117

Spyware Malware Surveillance Mobile 117

Security Affairs

JANUARY 17, 2024

Researchers devised a “lightweight method,” called iShutdown, to determine whether Apple iOS devices have been infected with spyware. Cybersecurity researchers from Kaspersky have identified a “lightweight method,” called iShutdown, to identify the presence of spyware on Apple iOS devices.

Spyware 140

Spyware Mobile Malware Surveillance 140

Security Affairs

NOVEMBER 3, 2023

Kaspersky researchers are warning of multiple WhatsApp mods that embed a spyware module dubbed CanesSpy. Kaspersky researchers discovered multiple WhatsApp mods that embed a spyware module dubbed CanesSpy. mods are modifications or alterations made to an application, often by third-party developers or users.

Spyware 135

Spyware Malware Mobile Advertising 135

Security Affairs

SEPTEMBER 22, 2023

Citizen Lab and Google’s TAG revealed that the three recently patched Apple zero-days were used to install Cytrox Predator spyware. Apple this week released emergency security updates to address three new zero-day vulnerabilities (CVE-2023-41993, CVE-2023-41991, CVE-2023-41992) that have been exploited in attacks in the wild.

Spyware 127

Spyware Surveillance Mobile Hacking 127

Security Affairs

NOVEMBER 3, 2024

Chinese threat actors use Quad7 botnet in password-spray attacks FBI arrested former Disney World employee for hacking computer menus and mislabeling allergy info Sophos details five years of China-linked threat actors’ activity targeting network devices worldwide PTZOptics cameras zero-days actively exploited in the wild New LightSpy spyware (..)

Cryptocurrency 109

Cryptocurrency Hacking Phishing Cyber Attacks 109

Security Affairs

DECEMBER 27, 2024

To mitigate the issue, customers can set Log Severity to “none” for all DNS Security categories in each Anti-Spyware profile via the DNS Policies settings in Panorama or unmanaged firewalls. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,PAN-OS)

DNS 112

DNS Firewall Spyware Software 112

Security Affairs

JULY 30, 2024

A new version of the Mandrake Android spyware has been found in five apps on Google Play, which have been downloaded over 32,000 times since 2022. Researchers from Kaspersky discovered a new version of the Mandrake Android spyware in five app on Google Play, totaling over 32,000 downloads between 2022 and 2024.

Spyware 126

Spyware Malware Mobile Marketing 126

Security Affairs

APRIL 11, 2024

Apple is warning iPhone users in over 90 countries of targeted mercenary spyware attacks, Reuters agency reported. Apple is alerting iPhone users in 92 countries about mercenary spyware attacks, reported Reuters. Reuters only mentioned India as one of the countries where users were targeted by the attacks.

Spyware 132

Spyware Mobile Hacking Government 132

Security Affairs

MARCH 3, 2023

The phone of an opposition-linked Polish mayor was infected with the powerful Pegasus spyware, local media reported. Reuters reported that the phone of an opposition-linked Polish mayor was infected with the Pegasus spyware. According to rumors, the Polish special services are using surveillance software to spy on government opponents.

Spyware 98

Spyware Surveillance Hacking Government 98

Security Affairs

FEBRUARY 6, 2024

Google’s TAG revealed that Commercial spyware vendors (CSV) were behind most of the zero-day vulnerabilities discovered in 2023. ” The report includes the names of CSVs of any size and information about their commercial spyware. Google hopes this report will serve as a call to action. ” concludes Google.

Spyware 133

Spyware Surveillance Government Software 133