Security Boulevard

DECEMBER 12, 2021

State Department employees were hacked with spyware from the infamous NSO Group, and details on a bizarre story about a mother and daughter that face 16 years in prison for […]. The post Life360 Selling Location Data, NSO Group Spyware Hacks Government Employees, Homecoming Queen Contest Hacked appeared first on Security Boulevard.

Spyware 111

Spyware Hacking Government InfoSec 111

Security Affairs

AUGUST 7, 2024

A previously unknown Android Spyware, dubbed LianSpy, has been targeting Russian users since at least 2021. In March 2024, cybersecurity researchers from Kaspersky discovered previously unknown Android spyware dubbed LianSpy. This AES key is then encrypted using a hardcoded public RSA key embedded in the spyware.

Spyware 142

Spyware Malware Encryption Data collection 142

Security Affairs

NOVEMBER 10, 2021

South Korean users have been targeted with a new sophisticated Android spyware, tracked as PhoneSpy, as part of an ongoing campaign. Researchers from Zimperium zLabs uncovered an ongoing campaign aimed at infecting the mobile phones of South Korean users with new sophisticated android spyware dubbed PhoneSpy. Zimperium concludes.

Spyware 145

Spyware Mobile Social Engineering Malware 145

Security Affairs

MARCH 2, 2024

Court ordered surveillance firm NSO Group to hand over the source code for its Pegasus spyware and other products to Meta. Meta won the litigation against the Israeli spyware vendor NSO Group , a U.S. from April 29, 2018, to May 10, 2020). from April 29, 2018, to May 10, 2020).

Spyware 143

Spyware Surveillance Architecture Software 143

Security Affairs

DECEMBER 3, 2021

Apple warns that the mobile devices of at least nine US Department of State employees were compromised with NSO Group ‘s Pegasus spyware. The iPhones of at least nine US state department officials were compromised with the NSO Group’s spyware Pegasus. “Apple Inc iPhones of at least nine U.S. .

Spyware 133

Spyware Surveillance Hacking Software 133

Security Affairs

DECEMBER 16, 2020

Security experts spotted a new malware strain, named Goontact, that allows its operators to spy on both Android and iOS users. Security researchers from Lookout have discovered new spyware, dubbed Goontcat, that could target both Android and iOS users. The spyware is likely used as part of a sextortion campaign.

Spyware 143

Spyware Mobile Surveillance Malware 143

Security Affairs

JANUARY 27, 2025

Usually, such kinds of vulnerabilities are exploited by nation-state actors or commercial surveillance spyware vendors in targeted attacks. Customers are recommended to install the security updates released by the company. In 2024, Apple addressed six zero-day vulnerabilities in its products.

Spyware 119

Spyware Surveillance Media Hacking 119

Security Affairs

OCTOBER 25, 2021

Threat actors infected the iPhone of New York Times journalist Ben Hubbard with NSO Group’s Pegasus spyware between June 2018 to June 2021. The iPhone of New York Times journalist Ben Hubbard was repeatedly infected with NSO Group’s Pegasus spyware. SecurityAffairs – hacking, NSO Group). Pierluigi Paganini.

Spyware 122

Spyware Hacking Backups Accountability 122

Security Affairs

SEPTEMBER 23, 2021

Apple has released security updates to address three zero-day vulnerabilities exploited in attacks in the wild to compromise iPhones and Macs running vulnerable iOS and macOS versions. Apple confirmed that at least one of the flaws was exploited by threat actors to infect the device with the NSO Pegasus spyware. Pierluigi Paganini.

Spyware 145

Spyware Hacking Information Security Malware 145

Security Affairs

OCTOBER 22, 2024

The vulnerability was discovered by the researchers Xingyu Jin from Google Devices & Services Security Research and Clement Lecigene from Google Threat Analysis Group. The fact that Google TAG discovered the flaw suggests that commercial spyware vendors may have used the exploit to target Samsung devices.

Firmware 144

Firmware Mobile Spyware Media 144

Security Affairs

MAY 22, 2024

A researcher discovered a consumer-grade spyware app on the check-in systems of at least three Wyndham hotels across the US. The security researcher Eric Daigle discovered a commercial spyware app, called pcTattletale, on the check-in systems of at least three Wyndham hotels across the US, TechCrunch first reported.

Spyware 136

Spyware Surveillance Software Internet 136

Security Affairs

JULY 19, 2021

Pegasus Project investigation into the leak of 50,000 phone numbers of potential surveillance targets revealed the abuse of NSO Group’s spyware. Pegasus Project is the name of a large-scale investigation into the leak of 50,000 phone numbers of potential surveillance targets that revealed the abuse of NSO Group’s spyware.

Spyware 131

Spyware Government Surveillance Media 131

Security Affairs

JUNE 22, 2020

Researchers at Amnesty International collected evidence that a Moroccan journalist was targeted with network injection attacks using NSO Group ‘s spyware. The post Moroccan journalist targeted with network injection attacks using NSO Group ‘s spyware appeared first on Security Affairs. Pierluigi Paganini.

Spyware 144

Spyware Surveillance Mobile Advertising 144

Security Affairs

SEPTEMBER 14, 2023

The iPhone of a prominent Russian journalist, who is at odds with Moscow, was infected with NSO Group’s Pegasus spyware. The iPhone of the Russian journalist Galina Timchenko was compromised with NSO Group’s Pegasus spyware. The threat actors used a zero-click exploit, likely the PWNYOURHOME. ” reported Citizen Lab.

Spyware 131

Spyware Surveillance Media Government 131

Security Affairs

MAY 23, 2022

The attacks aimed at installing the surveillance spyware Predator, developed by the North Macedonian firm Cytrox. ” In December a report published by CitizenLab, when its researchers detailed the use of the Predator Spyware against exiled politician Ayman Nour and the host of a popular news program. To nominate, please visit:?

Spyware 144

Spyware Surveillance Government Banking 144

Security Affairs

FEBRUARY 10, 2022

I transcribed a recent interview, here some questions and answers about nation-state hacking, spyware, and cyber warfare. Enjoy” How has spyware changed the rules of cyber security in recent years? What will cyber security look like now that those tools are all over the internet? Pierluigi Paganini.

Spyware 98

Spyware Hacking Ransomware Surveillance 98

Security Affairs

APRIL 25, 2020

Facebook advocates have challenged a plea from spyware maker NSO Group to dismiss the legal dispute over the hacking accusations, arguing it has immunity from prosecution. Now both companies are providing technical details requested by the cyber-security experts. Pierluigi Paganini. SecurityAffairs – Facebook, NSO Group).

Spyware 133

Spyware Surveillance Advertising Mobile 133

Security Affairs

APRIL 11, 2024

Apple is warning iPhone users in over 90 countries of targeted mercenary spyware attacks, Reuters agency reported. Apple is alerting iPhone users in 92 countries about mercenary spyware attacks, reported Reuters. Reuters only mentioned India as one of the countries where users were targeted by the attacks.

Spyware 132

Spyware Mobile Hacking Government 132

Security Affairs

FEBRUARY 24, 2021

The threat actors used by spyware to take over the target systems, spy on the victims, and exfiltrate data. The link points to files containing spyware that could infect both Mac OS or Windows systems. Kerrdown downloads and installs additional spyware from a server on the victim’s system, then it opens a decoy document. .”

Spyware 128

Spyware Government Surveillance Phishing 128

Security Affairs

SEPTEMBER 7, 2023

Citizen Lab reported that the actively exploited zero-days fixed by Apple are being used in Pegasus spyware attacks Researchers at Citizen Lab reported that the actively exploited zero-day flaws (CVE-2023-41064 and CVE-2023-41061) fixed by Apple are being used to infect devices with NSO Group ’s Pegasus spyware.

Spyware 131

Spyware Accountability Hacking Mobile 131

Security Affairs

FEBRUARY 11, 2021

Lookout researchers provided details about two Android spyware families employed by an APT group tracked as Confucius. Researchers at mobile security firm Lookout have provided details about two recently discovered Android spyware families, dubbed Hornbill and SunBird, used by an APT group named Confucius. Pierluigi Paganini.

Spyware 143

Spyware Surveillance Malware Mobile 143

Security Affairs

MAY 30, 2024

Researchers from ThreatFabric discovered a macOS version of the LightSpy spyware that has been active in the wild since at least January 2024. The macOS version of LightSpy supports 10 plugins to exfiltrate private information from devices. However, their potential functionality is known based on panel analysis.”

Spyware 136

Spyware Malware Surveillance Mobile 136

Security Affairs

MARCH 27, 2021

Researchers spotted a sophisticated Android spyware that implements exfiltration capabilities and surveillance features, including recording audio and phone calls. Experts from security firm Zimperium have spotted a new sophisticated Android spyware that masquerades itself as a System Update application. Pierluigi Paganini.

Spyware 117

Spyware Malware Surveillance Mobile 117

Security Affairs

JANUARY 17, 2024

Researchers devised a “lightweight method,” called iShutdown, to determine whether Apple iOS devices have been infected with spyware. Cybersecurity researchers from Kaspersky have identified a “lightweight method,” called iShutdown, to identify the presence of spyware on Apple iOS devices.

Spyware 140

Spyware Mobile Malware Surveillance 140

Security Affairs

NOVEMBER 3, 2023

Kaspersky researchers are warning of multiple WhatsApp mods that embed a spyware module dubbed CanesSpy. Kaspersky researchers discovered multiple WhatsApp mods that embed a spyware module dubbed CanesSpy. mods are modifications or alterations made to an application, often by third-party developers or users.

Spyware 135

Spyware Malware Mobile Advertising 135

Security Affairs

NOVEMBER 3, 2024

Chinese threat actors use Quad7 botnet in password-spray attacks FBI arrested former Disney World employee for hacking computer menus and mislabeling allergy info Sophos details five years of China-linked threat actors’ activity targeting network devices worldwide PTZOptics cameras zero-days actively exploited in the wild New LightSpy spyware (..)

Cryptocurrency 109

Cryptocurrency Hacking Phishing Cyber Attacks 109

Security Affairs

SEPTEMBER 22, 2023

Citizen Lab and Google’s TAG revealed that the three recently patched Apple zero-days were used to install Cytrox Predator spyware. Apple this week released emergency security updates to address three new zero-day vulnerabilities (CVE-2023-41993, CVE-2023-41991, CVE-2023-41992) that have been exploited in attacks in the wild.

Spyware 127

Spyware Surveillance Mobile Hacking 127

Security Affairs

DECEMBER 27, 2024

To mitigate the issue, customers can set Log Severity to “none” for all DNS Security categories in each Anti-Spyware profile via the DNS Policies settings in Panorama or unmanaged firewalls. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,PAN-OS)

DNS 112

DNS Firewall Spyware Software 112

Security Affairs

APRIL 16, 2024

Researchers warn of a renewed cyber espionage campaign targeting users in South Asia with the Apple iOS spyware LightSpy Blackberry researchers discovered a renewed cyber espionage campaign targeting South Asia with an Apple iOS spyware called LightSpy. This report also includes a list of IoCs for this threat.

Spyware 132

Spyware Mobile Malware Encryption 132

Security Affairs

MARCH 3, 2023

The phone of an opposition-linked Polish mayor was infected with the powerful Pegasus spyware, local media reported. Reuters reported that the phone of an opposition-linked Polish mayor was infected with the Pegasus spyware. According to rumors, the Polish special services are using surveillance software to spy on government opponents.

Spyware 98

Spyware Surveillance Hacking Government 98

Security Affairs

FEBRUARY 6, 2024

Google’s TAG revealed that Commercial spyware vendors (CSV) were behind most of the zero-day vulnerabilities discovered in 2023. ” The report includes the names of CSVs of any size and information about their commercial spyware. Google hopes this report will serve as a call to action. ” concludes Google.

Spyware 133

Spyware Surveillance Government Software 133

Security Affairs

NOVEMBER 26, 2021

A threat actor, tracked as APT C-23, is using new powerful Android spyware in attacks aimed at targets in the Middle East. The APT C-23 cyberespionage group (also known as GnatSpy, FrozenCell, or VAMP) continues to target entities in the Middle East with enhanced Android spyware masqueraded as seemingly harmless app updates (i.e.

Spyware 119

Spyware Social Engineering Surveillance Engineering 119

Security Affairs

FEBRUARY 15, 2025

However, the circumstance that the Citizen Lab researchers discovered the attack suggests that the threat actor may have used a zero-day exploit to deliver commercial spyware in highly targeted attacks. Such kinds of attacks often rely on zero-day exploits to target journalists, dissidents, and opposition politicians with spyware.

Spyware 107

Spyware DDOS Hacking Authentication 107

Security Affairs

AUGUST 15, 2020

SecurityAffairs – hacking, XCSSET). The post XCSSET Mac spyware spreads via Xcode Projects appeared first on Security Affairs. . ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Spyware 143

Spyware Malware Advertising Cryptocurrency 143

Security Affairs

JANUARY 28, 2022

Finland Ministry for Foreign Affairs revealed that devices of Finnish diplomats have been infected with NSO Group’s Pegasus spyware. Finland’s Ministry for Foreign Affairs revealed that the devices of some Finnish diplomats have been compromised with the infamous NSO Group’s Pegasus spyware. Pierluigi Paganini.

Spyware 98

Spyware Surveillance Mobile Risk 98

Security Affairs

AUGUST 24, 2021

Citizen Lab uncovered a new zero-click iMessage exploit that was used to deploy the NSO Group’s Pegasus spyware on devices belonging to Bahraini activists. Researchers from Citizen Lab spotted a zero-click iMessage exploit that was used to deploy NSO Group’s Pegasus spyware on Bahraini activists’ devices.

Spyware 98

Spyware Surveillance Hacking Mobile 98

Security Affairs

MAY 14, 2019

Facebook fixed a critical zero-day flaw in WhatsApp that has been exploited to remotely install spyware on phones by calling the targeted device. Facebook has recently patched a critical zero-day vulnerability in WhatsApp, tracked as CVE-2019-3568 , that has been exploited to remotely install spyware on phones by calling the targeted device.

Spyware 111

Spyware Surveillance Mobile Advertising 111