Meta announced the disruption of a malware campaign via WhatsApp that targeted journalists with the Paragon spyware. Meta announced that it discovered and dismantled a malware campaign via WhatsApp that targeted journalists and civil society members with the Paragon spyware (aka Graphite).
China is being blamed for a massive surveillance operation that targeted Uyghur Muslims. Earlier this year, Google's Project Zero found a series of websites that have been using zero-day vulnerabilities to indiscriminately install malware on iPhones that would visit the site. The vulnerabilities were patched in iOS 12.1.4,
Chinese law enforcement uses the mobile surveillance tool EagleMsgSpy to gather data from Android devices, as detailed by Lookout. Researchers at the Lookout Threat Lab discovered a surveillance tool, dubbed EagleMsgSpy, used by Chinese law enforcement to spy on mobile devices.
Some of us -- myself included -- have proposed lawful government hacking as an alternative to backdoors. A new report from the Center of Internet and Society looks at the security risks of allowing government hacking. From the report's conclusion: Government hacking is often lauded as a solution to the "going dark" problem.
Court documents state that on October 29, 2019, plaintiffs filed this lawsuit, alleging that the defendants used WhatsApp to target approximately 1,400 mobile phones and devices to infect them with the surveillance software. NSO's witnesses have refused to answer whether it developed further WhatsApp-based Malware Vectors thereafter.
Researchers warn of previously undetected surveillance spyware, named NoviSpy, that was found infecting a Serbian journalist’s phone. He then requested help from Amnesty International's Security Lab, fearing he was the target of surveillance software like other journalists in Serbia. Development traces back to at least 2018.
In August, Gunnebo said it had successfully thwarted a ransomware attack, but this week it emerged that the intruders stole and published online tens of thousands of sensitive documents — including schematics of client bank vaults and surveillance systems. He declined to comment on the particulars of the extortion incident.
The US NCSC and the Department of State published joint guidance on defending against attacks using commercial surveillance tools. In recent years, we have reported several cases of companies selling commercial surveillance tools to governments and other entities that have used them for malicious purposes.
The archive contains a fake PDF report and DarkTortilla malware, which acts as a launcher for the Dark Crystal RAT (DCRat). The modular architecture of the malware allows its functionality to be extended for multiple malicious purposes, including surveillance, reconnaissance, information theft, DDoS attacks, and arbitrary code execution.
China's Foreign Ministry has issued a public statement condemning the distribution and usage of Pegasus Spyware surveillance software by various countries. It has also accused the United States and NATO of circulating misinformation that the Chinese intelligence was funding hacking groups to launch cyber attacks on the west.
Russian intelligence agencies could use these exploits for surveillance and espionage purposes. Zero-day prices have risen as messaging apps and mobile devices become harder to hack.
According to rumors, the Polish special services are using surveillance software to spy on government opponents. The news of the hack was reported by the Gazeta Wyborcza daily, and unfortunately, it isn’t the first time that the Pegasus spyware was used in the country.
A group of hackers claimed to have compromised more than 150,000 surveillance cameras at banks, jails, schools, and prominent companies like Tesla and Equinox. Hackers also posted images captured from the hacked surveillance video on Twitter with an #OperationPanopticon hashtag.
Google announced that starting from August it will update its policies to reject ads proposed by organizations offering surveillance software. The move aims at fighting the advertising of any form of surveillance.
Leaked documents show the surveillance firm Intellexa offering exploits for iOS and Android devices for $8 Million. Intellexa is an Israeli surveillance firm founded by Israeli entrepreneur Tal Dilian; it offers surveillance and hacking solutions to law enforcement and intelligence agencies.
North Korea-linked threat actor ScarCruft (aka APT37, Reaper, and Group123) is behind a previously undetected Android surveillance tool named KoSpy that was used to target Korean and English-speaking users. The researchers state that the threat is a relatively new malware family with early samples going back to March 2022.
Earlier this month, German authorities raided the offices of FinFisher, the German surveillance software firm accused of providing its software to oppressive regimes. The post German authorities raid the offices of the FinFisher surveillance firm appeared first on Security Affairs.
Iranian authorities have been spotted using the BouldSpy Android malware to spy on minorities and traffickers. Researchers at the Lookout Threat Lab have discovered a new Android surveillance spyware, dubbed BouldSpy, that was used by the Law Enforcement Command of the Islamic Republic of Iran (FARAJA).
Meanwhile, business logic hacks, supply chain holes, and cyber extortion continue to loom large. Attackers aren't hacking in; they're logging in. John DeSimone, CEO at Nightwing: In 2025, AI will enhance both cybersecurity defenses and adversaries’ attacks, enabling advanced malware, deepfakes, and misinformation.
Usually, such kinds of vulnerabilities are exploited by nation-state actors or commercial surveillance spyware vendors in targeted attacks. In 2024, Apple addressed six zero-day vulnerabilities in its products.
According to an anonymous Belarusian security researcher, the app was designed for surveillance purposes; it collects info on the device owner and geolocation data, then periodically sends the data back to a remote server.
Microsoft linked a private-sector offensive actor (PSOA) to attacks using multiple zero-day exploits for its Subzero malware. The group targets entities in Europe and Central America with a surveillance tool dubbed Subzero.
To do so, they are using a variety of digital communications and surveillance systems. Like much of the medical infrastructure, these systems are highly vulnerable to hacking and interference. Numerous health surveillance systems are monitoring the spread of COVID-19 cases, including the CDC's influenza surveillance network.
To evade detection, the malware makes use of the company’s so-called “invisible low stealth technology” and its Android product is advertised as having “low data and battery consumption” to prevent people from suspecting their phone or tablet has been infected.
The malware also grants attackers access to the device's system, enabling them to retrieve user KeyChain data, device lists, and execute shell commands, potentially gaining full control over the device. “This is the first reference we are aware of Facebook and Instagram database targeting within LightSpy’s command structure.”
Iran-linked APT group Domestic Kitten, also tracked as APT-C-50, has been conducting widespread surveillance targeting over 1,000 individuals. Both groups have conducted long-running cyber-attacks and intrusive surveillance campaigns, which target both individuals’ mobile devices and personal computers.
The IT giant fears that the disclosures of its threat intelligence related to commercial spyware operations could aid NSO and other surveillance firms. The officials requested an Israeli court to keep this action secret, even from parties involved in Meta’s ongoing WhatsApp hacking lawsuit against NSO.
Researchers from Google’s Threat Analysis Group (TAG) revealed that the Italian surveillance firm RCS Labs was helped by some Internet service providers (ISPs) in Italy and Kazakhstan to infect Android and iOS users with their spyware.
One of the Apple iOS zero-day flaws exploited by the NSO group was also used by another surveillance firm named QuaDream. One of the vulnerabilities in Apple iOS that was previously exploited by the spyware developed by the Israeli company NSO Group was also separately used by another surveillance firm named QuaDream.
Tens of Al Jazeera employees were targeted in a cyber espionage campaign leveraging a zero-click iOS zero-day vulnerability to hack their iPhones. Researchers from Citizen Lab reported that at least 36 Al Jazeera employees were targeted in a cyber espionage campaign leveraging a zero-click iOS zero-day vulnerability to hack their iPhones.
This RAT can be used for a variety of reasons, including surveillance and penetration testing, and has even been employed in hacking campaigns in […]. The post RemcosRAT Malware Is Targeting African Banks appeared first on Heimdal Security Blog.
At least five members of civil society worldwide have been targeted with spyware and exploits developed by surveillance firm QuaDream. Citizen Lab researchers reported that at least five civil society members were victims of spyware and exploits developed by the Israeli surveillance firm QuaDream.
According to a report published by Reuters, Israeli surveillance software was used to spy on senior officials in the European Commission. 26 email reviewed by Reuters, a senior tech staffer sent a message to colleagues with background about Israeli hacking tools and a request to be on the lookout for additional warnings from Apple.”
Experts uncovered an enterprise-grade surveillance malware dubbed Hermit used to target individuals in Kazakhstan, Syria, and Italy since 2019. Lookout Threat Lab researchers uncovered enterprise-grade Android surveillance spyware, named Hermit, used by the government of Kazakhstan to track individuals within the country.
Lookout researchers discovered two long-running surveillance campaigns targeting the ethnic minority Uyghurs. Researchers from mobile security firm Lookout uncovered two long-running surveillance campaigns targeting the Uyghur minority. “Bazar is a lesser known spelling of Bazaar,” reads the report published by Lookout.
Security experts from ESET uncovered an ongoing surveillance campaign, dubbed Operation Spalax, against Colombian government institutions and private companies. Malware researchers from ESET uncovered an ongoing surveillance campaign, dubbed Operation Spalax, against Colombian entities exclusively.
The malware was tracked as Exodus, after the name of the command and control servers the malicious apps connected to. The malware was undetected for months, and unfortunately, this isn’t the first time that malicious code has been hosted on the Google Play store without being detected.
In recent weeks, a new Android surveillance malware dubbed Exodus made the headlines; now experts have found the iOS version of the government spyware. Security experts at Lookout have discovered an iOS version of the dreaded surveillance Android app Exodus that was initially found on the official Google Play Store. to eSurv S.R.L.
A new Android malware strain has been uncovered, part of the Rampant Kitten threat group's widespread surveillance campaign that targets Telegram credentials and more.
Russia-linked APT28 used the HeadLace malware and credential-harvesting web pages in attacks against networks across Europe. In December 2023, researchers from Proofpoint and IBM detailed a new wave of APT spear-phishing attacks relying on multiple lure content to deliver Headlace malware.
The United Arab Emirates denied reports that the popular mobile app ToTok was used as part of a massive government surveillance program. According to a report recently published by the New York Times, the popular app ToTok was used by the UAE government as a surveillance tool.
Attackers confirmed that attackers compromised the IT network of the company and deployed some of its machines with malware that was used to exfiltrate data from the infected devices. “Stadler internal surveillance services found out that the company’s IT network has been attacked by malware which has most likely led to a data leak.
The Israeli surveillance firm QuaDream is allegedly shutting down its operations after Citizen Lab and Microsoft uncovered their spyware. Last week Citizen Lab researchers reported that at least five civil society members were victims of spyware and exploits developed by the Israeli surveillance firm QuaDream. and 14.4.2,