Security Boulevard

SEPTEMBER 25, 2023

The post More iOS Zero Days, More Mercenary Spyware — This Time: Cytrox Predator appeared first on Security Boulevard. Apple Scrambled to Fix 3 More CVEs: Egyptian opposition presidential candidate Ahmed Eltantawy targeted “by the government.

Spyware 126

Spyware Government Social Engineering Data privacy 126

Security Affairs

JANUARY 21, 2022

Researchers spotted several spyware campaigns targeting industrial enterprises to steal credentials and conduct financial fraud. Researchers from Kaspersky Lab have uncovered multiple spyware campaigns that target industrial firms to steal email account credentials and carry out fraudulent activities. ” concludes the report.

Spyware 98

Spyware Accountability Social Engineering Phishing 98

Security Boulevard

JUNE 28, 2023

The post Ironic: LetMeSpy Spyware Hackers Were Hacked (by Hackers) appeared first on Security Boulevard. Content warning: Abuse, stalking, controlling behavior, Schadenfreude, irony, doxxing.

Spyware 111

Spyware Hacking Social Engineering Data breaches 111

Security Boulevard

JULY 18, 2024

In the realm of cybercrime, a threat actor by the name of Transparent Tribe is rapidly spreading the CapraRAT spyware by disguising it as popular Android apps. Media reports claim that these attacks are part of a larger social engineering campaign targeting individuals of interest.

Spyware 64

Spyware Social Engineering Cybercrime Engineering 64

Security Boulevard

MAY 3, 2022

The notorious spyware, sold by NSO Group “only to governments,” caused large amounts of data to be exfiltrated. Hacked by NSO Pegasus Spyware (or was it?) The prime minister and the defense minister of Spain were infected with Pegasus. The post Spanish Govt. appeared first on Security Boulevard.

Spyware 105

Spyware Hacking Government Social Engineering 105

Security Boulevard

MARCH 3, 2021

Another reason is that social engineering lures may be expertly crafted by the attacker after they have been monitoring a victim’s activity for some time, resulting in more effective phishing campaigns with serious security implications. Continue reading Trojan Spyware and BEC Attacks at Sucuri Blog.

Spyware 75

Spyware Social Engineering Phishing Engineering 75

Krebs on Security

SEPTEMBER 14, 2021

Also, Apple has issued an emergency update to fix a flaw that’s reportedly been abused to install spyware on iOS products, and Google ‘s got a new version of Chrome that tackles two zero-day flaws. Finally, Adobe has released critical security updates for Acrobat , Reader and a slew of other software.

Spyware 61

Spyware Social Engineering Surveillance Internet 61

Security Boulevard

AUGUST 22, 2022

NSO, notorious producer of the Pegasus nation-state spyware, is struggling. The post NSO Group Fires CEO — and 100 Staff — in Spyware ‘Streamlining’ appeared first on Security Boulevard. So it’s dumped its CEO, Shalev Hulio, and around 100 employees.

Spyware 98

Spyware Social Engineering Engineering Security Awareness 98

WIRED Threat Level

APRIL 21, 2021

The groups used social engineering techniques on Facebook to direct targets to a wide range of malware, including custom tools.

Social Engineering 94

Social Engineering Spyware Engineering Malware 94

The Hacker News

FEBRUARY 2, 2021

Typically spread through social engineering lures, the Windows spyware not only now targets Microsoft's Antimalware Scan Interface (AMSI) in an attempt to defeat endpoint protection software, it also employs a

Social Engineering 108

Social Engineering Spyware Malware Engineering 108

Security Affairs

FEBRUARY 9, 2025

Texas is the first state to ban DeepSeek on government devices Law enforcement seized the domains of HeartSender cybercrime marketplaces WhatsApp disrupted a hacking campaign targeting journalists with Paragon spyware Ransomware attack hit Indian multinational Tata Technologies International Press Newsletter Cybercrime FBI, Dutch Police Disrupt Manipulaters (..)

Spyware 60

Spyware Cybercrime Scams Social Engineering 60

Security Affairs

AUGUST 12, 2020

Agent Tesla is a spyware that is used to spy on the victims by collecting keystrokes, system clipboard, screenshots, and credentials from the infected system. To do this, the spyware creates different threads and timer functions in the main function. ” concludes the report that also includes indicators of compromise (IoCs).

Passwords 144

Passwords Spyware VPN Malware 144

Security Boulevard

JUNE 23, 2023

Vulns unpatched for FOUR years: ‘Triangulation’ spyware said to use backdoor Apple gave to NSA. The post Apple Fixes 0-Days — Russia Says US Used for Spying appeared first on Security Boulevard.

Spyware 145

Spyware Social Engineering Engineering Mobile 145

SecureList

JANUARY 19, 2022

Kaspersky ICS CERT has uncovered a number of spyware campaigns targeting industrial enterprises. The attackers use off-the-shelf spyware, but limit the scope and lifetime of each sample to the bare minimum. The attackers use off-the-shelf spyware, but limit the scope and lifetime of each sample to the bare minimum.

Spyware 104

Spyware Accountability VPN Malware 104

Joseph Steinberg

JULY 13, 2022

Apple last week announced new security features specifically intended to offer “specialized additional protection to users who may be at risk of highly targeted cyberattacks from private companies developing state-sponsored mercenary spyware.”. Even in Lockdown mode, for example, people can easily install apps that spy on them.

Cybersecurity 258

Cybersecurity Artificial Intelligence Government Social Engineering 258

eSecurity Planet

FEBRUARY 22, 2022

There is no need for social engineering , as the program can implant backdoors directly without forced consent. NSO Group’s Pegasus software has been routinely in the headlines in recent years for using zero-click attacks to install its spyware. Spyware and Zero-Days: A Troubling Market.

Spyware 126

Spyware Software Government Social Engineering 126

Security Affairs

OCTOBER 9, 2024

The researchers haven’t published details about the attacks exploiting the CVE-2024-43047, however, the reporting organizations are known for investigating cyberattacks linked to commercial spyware vendors. Though attacks require social engineering and are likely limited, admins should promptly apply the update to mitigate potential damage.

Social Engineering 136

Social Engineering Spyware Engineering Cybersecurity 136

Security Boulevard

JULY 20, 2021

Yet another zero-day bug in iOS has allowed notorious spyware vendor NSO Group to break into the iPhones of journalists and activists. The post Apple’s Insecure iPhone Lets NSO Hack Journalists (Again) appeared first on Security Boulevard.

Hacking 119

Hacking Spyware Social Engineering Engineering 119

Security Affairs

SEPTEMBER 3, 2023

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Social Engineering 125

Social Engineering Data breaches Spyware Malware 125

Security Affairs

APRIL 14, 2024

Crooks manipulate GitHub’s search results to distribute malware BatBadBut flaw allowed an attacker to perform command injection on Windows Roku disclosed a new security breach impacting 576,000 accounts LastPass employee targeted via an audio deepfake call TA547 targets German organizations with Rhadamanthys malware CISA adds D-Link multiple (..)

Data breaches 127

Data breaches Social Engineering Malware Hacking 127

SecureList

DECEMBER 9, 2024

This case underscores the serious risk that social engineering and supply chain attacks pose to open-source projects. In the Triangulation campaign , discovered by Kaspersky last year, attackers compromised the integrity of system software and hardware by exploiting zero-day vulnerabilities to load advanced spyware onto devices.

Internet 106

Internet Internet Risk Social Engineering 106

SecureWorld News

JULY 11, 2022

The Cybersecurity and Infrastructure Security Agency (CISA) issued a warning in April that the group was targeting cryptocurrency and blockchain companies and that it was using social engineering schemes to gain access to the victim's network. The employee who fell for the social engineering scheme no longer works for Sky Mavis.

Social Engineering 96

Social Engineering Hacking Cryptocurrency Cybercrime 96

eSecurity Planet

FEBRUARY 16, 2021

Additional features of botnets include spam, ad and click fraud, and spyware. Cybersecurity vendors like Panda Security suggest the best way to defend against crimeware is using a combination of antivirus, anti-spyware, firewalls, and threat detection technology. Phishing and Social Engineering. Jump ahead: Adware.

Malware 105

Malware Adware Spyware Antivirus 105

Security Affairs

JUNE 4, 2023

Xplain hack impacted the Swiss cantonal police and Fedpol Zyxel published guidance for protecting devices from ongoing attacks Kimsuky APT poses as journalists and broadcast writers in its attacks New Linux Ransomware BlackSuit is similar to Royal ransomware CISA adds Progress MOVEit Transfer zero-day to its Known Exploited Vulnerabilities catalog (..)

Spyware 98

Spyware Hacking Malware Social Engineering 98

CyberSecurity Insiders

MARCH 16, 2023

But after the spread of the Covid-19 pandemic, the focus of hackers has shifted more towards the smart phones with more phishing and social engineering attacks recorded in a 2nd quarter of 2022. All these days, we have seen cyber criminals infiltrating networks and taking down computers.

Cybercrime 94

Cybercrime Social Engineering Mobile Spyware 94

Security Affairs

MARCH 8, 2020

FormBook data-stealing malware was used with cyber espionage purposes, like other spyware it is capable of extracting data from HTTP sessions, keystroke logging, stealing clipboard contents. See Using Caution with Email Attachments and Avoiding Social Engineering and Phishing Scams for more information.

Malware 145

Malware Scams Social Engineering Phishing 145

Malwarebytes

JANUARY 25, 2024

Reconnaissance and social engineering are specific fields where AI can be deployed. Currently only state sponsored groups, professional spyware vendors, and the large criminal operations have access to, and know how to use advanced AI tools to increase the effectivity of their attacks.

Ransomware 98

Ransomware Government Social Engineering Spyware 98

Security Affairs

JUNE 11, 2023

Gox exchange and operating BTC-e Japanese Pharmaceutical giant Eisai hit by a ransomware attack Clop ransomware gang was testing MOVEit Transfer bug since 2021 Stealth Soldier backdoor used is targeted espionage attacks in Libya Researchers published PoC exploit code for actively exploited Windows elevation of privilege issue Experts detail a new Kimsuky (..)

Social Engineering 98

Social Engineering Data breaches Ransomware Cybercrime 98

SecureList

NOVEMBER 28, 2024

Epeius is a commercial spyware tool developed by an Italian company that claims to provide intelligence solutions to law enforcement agencies and governments. Unlike previous campaigns, we did not observe the Golang SFX droppers this time. Such actions, in turn, make the infection harder to detect and complicate post-compromise investigation.

Malware 116

Malware Government Software Spyware 116

Hot for Security

JUNE 15, 2021

Given the portability and myriad of functionalities, mobile devices are highly susceptible to cyber threats, including malware, spyware and phishing attempts that may compromise that precious piece of tech we keep in our pocket and any information stored on it. Threat actors know that users often behave recklessly with their smart devices.

Mobile 137

Mobile Banking Phishing Social Engineering 137

Security Affairs

DECEMBER 12, 2024

The Russia-linked APT Gamaredon used two new Android spyware tools calledBoneSpyandPlainGnome against former Soviet states. Lookout researchers linked the BoneSpy and PlainGnome Android surveillance families to the Russian APT group Gamaredon (a.k.a. Armageddon , Primitive Bear, and ACTINIUM).

Mobile 98

Mobile Malware Surveillance Social Engineering 98

Hacker's King

MAY 20, 2023

However, if hackers gain access to these tokens through social engineering, phishing attacks, or other means, they can bypass 2FA by directly entering the codes, granting them unauthorized access. Social Engineering: Guarding Against Manipulation Social engineering remains a potent tool in hackers’ arsenal.

Authentication 52

Authentication Social Engineering Spyware Engineering 52

Security Affairs

NOVEMBER 25, 2020

Business Email Compromise (BEC) is a type of email phishing attack that relies on social engineering. Group-IB researchers note that the cybercriminals behind these BEC operations rely exclusively on a variety of publicly available Spyware and Remote Access Trojans (RATs), such as AgentTesla , Loky, AzoRult , Pony, NetWire , etc.

Cybercrime 138

Cybercrime Phishing Social Engineering Spyware 138

SecureList

JANUARY 18, 2023

The threat landscape is constantly updated through new malware and spyware, advanced phishing methods, and new social engineering techniques. In addition, the likelihood of the data being used for phishing and social engineering increases. . Kaspersky detects an average of 400,000 malicious files every day.

Media 140

Media Social Engineering Ransomware Hacking 140

SecureList

MAY 27, 2022

The attackers study their victims carefully and use the information they find to frame social engineering attacks. One of the things you can do to protect yourself from advanced mobile spyware is to reboot your device on a daily basis. When opened, this document eventually downloads a backdoor. Other malware.

Phishing 134

Phishing Spyware Firmware Malware 134

The Last Watchdog

FEBRUARY 28, 2021

Cybercriminals often leverage social engineering tactics like phishing and spear-phishing to propagate sophisticated malware. It is not unusual to have your system or network infected with malware, such as spyware, that often lingers secretly with no apparent symptoms. Don’t worry though. Common types. Ransomware.

Cyber threats 113

Cyber threats Computers and Electronics Adware Spyware 113

Security Affairs

JULY 4, 2023

The threat actor employed various techniques to circumvent the Multi-Factor Authentication (MFA), including social engineering to trick victims into installing a purported security application for their bank account on their Android devices. The malicious apps are used to capture SMSs containing authorization codes.

Banking 98

Banking Phishing Social Engineering Authentication 98