Security Affairs

JULY 15, 2021

Experts said that Israeli surveillance firm Candiru, tracked as Sourgum, exploited zero-days to deliver a new Windows spyware. Microsoft and Citizen Lab believe that the secretive Israel-based Israeli surveillance firm Candiru, tracked as Sourgum, used Windows zero-day exploits to deliver a new Windows spyware dubbed DevilsTongue.

Spyware 109

Spyware Surveillance Manufacturing Government 109

Krebs on Security

MARCH 22, 2023

Google says it has suspended the app for the Chinese e-commerce giant Pinduoduo after malware was found in versions of the software. Google said it believes the exploit chain for Samsung devices belonged to a “commercial surveillance vendor,” without elaborating further. That Weibo post has since been deleted.

Malware 272

Malware eCommerce Mobile Media 272

Security Affairs

APRIL 13, 2022

According to a report published by Reuters, an Israeli surveillance software was used to spy on senior officials in the European Commission. 26 email reviewed by Reuters, a senior tech staffer sent a message to colleagues with background about Israeli hacking tools and a request to be on the lookout for additional warnings from Apple.”

Surveillance 87

Surveillance Software Spyware Hacking 87

Security Affairs

JULY 12, 2020

Google announced that starting from August it will update its policies to reject ads proposed by organizations offering surveillance software. The move aims at fighting the advertising of any form of surveillance. SecurityAffairs – hacking, ads). access their messages, phone calls, or tracking their position).

Surveillance 104

Surveillance Spyware Advertising Marketing 104

Security Affairs

JUNE 24, 2022

Researchers from Google’s Threat Analysis Group (TAG) revealed that the Italian surveillance firm RCS Labs was helped by some Internet service providers (ISPs) in Italy and Kazakhstan to infect Android and iOS users with their spyware. SecurityAffairs – hacking, RCS Labs). Follow me on Twitter: @securityaffairs and Facebook.

Surveillance 105

Surveillance Mobile Spyware Telecommunications 105

Krebs on Security

OCTOBER 28, 2020

In August, Gunnebo said it had successfully thwarted a ransomware attack, but this week it emerged that the intruders stole and published online tens of thousands of sensitive documents — including schematics of client bank vaults and surveillance systems. He declined to comment on the particulars of the extortion incident.

Hacking 344

Hacking Ransomware Banking Accountability 344

Security Affairs

APRIL 16, 2023

Microsoft warns of a new Remcos RAT campaign targeting US accounting and tax return preparation firms ahead of Tax Day. Tax Day, Microsoft has observed a new Remcos RAT campaign targeting US accounting and tax return preparation firms. Ahead of the U.S. The phishing attacks began in February 2023, the IT giant reported.

Accountability 85

Accountability Phishing Financial Services Surveillance 85

Security Affairs

APRIL 1, 2023

Five of the issues added by CISA to its catalog are part of the exploits used by surveillance vendors to target mobile devices with their commercial spyware: CVE-2021-30900 – Apple iOS, iPadOS, and macOS Out-of-Bounds Write Vulnerability.

Spyware 75

Spyware Surveillance Mobile Education 75

Bleeping Computer

MARCH 24, 2021

Facebook took down accounts used by a Chinese-sponsored hacking group to deploy surveillance malware on devices used by Uyghurs activists, journalists, and dissidents living outside China. [.].

Surveillance 121

Surveillance Accountability Malware Hacking 121

Security Affairs

SEPTEMBER 4, 2022

The author of the remote access trojan (RAT) CodeRAT has leaked the source code of its malware on GitHub. The development team behind the remote access trojan (RAT) CodeRAT has leaked the source code of its malware on GitHub after the. Experts believe that the malware is a surveillance software used by the Iranian government.

Malware 97

Malware Surveillance Government Hacking 97

Security Affairs

APRIL 23, 2024

The measure aims to counter the misuse of surveillance technology targeting journalists, academics, human rights defenders, dissidents, and US Government personnel, as documented in the Country Reports on Human Rights Practices. ” In February, the U.S. The policy underscores the U.S. The Entity List maintained by the U.S.

Spyware 84

Spyware Surveillance Government Technology 84

Security Affairs

FEBRUARY 6, 2024

government’s commitment to addressing the misuse of surveillance software, which poses a significant threat to society. The United States stands on the side of human rights and fundamental freedoms and will continue to promote accountability for individuals involved in commercial spyware misuse.”

Spyware 85

Spyware Surveillance Government Technology 85

Security Affairs

FEBRUARY 9, 2023

Researchers reported that the top-of-the-line Android mobile devices sold in China are shipped with malware. The experts pointed out that also users that leave the country are exposed to surveillance, through the pre-installed software. The researchers also compared the preinstalled system apps on the Chinese (CN) and Global (e.g.,

Mobile 97

Mobile Malware Surveillance Spyware 97

Security Affairs

DECEMBER 3, 2021

The US officials targeted by the surveillance software were either based in Uganda or focused on matters concerning the African country, revealed Reuters which was not able to determine which was NSO client that orchestrated the attacks. “The intrusions, first reported here, represent the widest known hacks of U.S.

Spyware 97

Spyware Surveillance Hacking Software 97

Security Affairs

JANUARY 7, 2024

Experts spotted a new macOS Backdoor named SpectralBlur linked to North Korea Merck settles with insurers regarding a $1.4

Artificial Intelligence 85

Artificial Intelligence Data breaches Scams Insurance 85

Security Affairs

SEPTEMBER 18, 2020

Security researchers discovered Android malware capable of bypassing 2FA that was developed by an Iran-linked group dubbed Rampant Kitten. Security researchers from Check Point discovered an Android malware, developed by an Iran-linked group dubbed Rampant Kitten, that is able to bypass 2FA. SecurityAffairs – hacking, Rampant Kitten).

Malware 101

Malware Phishing Accountability Advertising 101

Security Affairs

AUGUST 7, 2022

Greek intelligence service used surveillance malware to spy on a journalist, Reuters reports Slack resets passwords for about 0.5% Greek intelligence service used surveillance malware to spy on a journalist, Reuters reports Slack resets passwords for about 0.5% SecurityAffairs – hacking, newsletter).

Spyware 115

Spyware Manufacturing Small Business Surveillance 115

Security Affairs

FEBRUARY 11, 2024

Gov imposes visa restrictions on individuals misusing Commercial Spyware HPE is investigating claims of a new security breach Experts warn of a surge of attacks targeting Ivanti SSRF flaw How to hack the Airbus NAVBLUE Flysmart+ Manager Crooks stole $25.5

Spyware 86

Spyware Surveillance Identity Theft DDOS 86

Security Affairs

MAY 22, 2024

The company designs and develops digital imaging products for use in mobile phones, laptops, netbooks and webcams, security and surveillance cameras, entertainment, automotive and medical imaging systems. In early January, the Cactus ransomware group claimed to have hacked Coop, one of the largest retail and grocery providers in Sweden.

Data breaches 98

Data breaches Ransomware Manufacturing Encryption 98

Security Affairs

NOVEMBER 26, 2023

Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. million patients in the U.S. million patients in the U.S.

Data breaches 81

Data breaches Surveillance Cryptocurrency Ransomware 81

Security Affairs

OCTOBER 30, 2019

WhatsApp sued Israeli surveillance firm NSO Group, accusing it of using a flaw in its messaging service to conduct cyberespionage on journalists and activists. WhatsApp sued the Israeli surveillance firm NSO Group accusing it of carrying out malicious attacks against its users. ” reads the lawsuit. ” continues the post.

Surveillance 50

Surveillance Technology Spyware Mobile 50

Security Affairs

MARCH 25, 2021

Facebook has closed accounts used by a China-linked APT to distribute malware to spy on Uyghurs activists, journalists, and dissidents living outside China. This group used various cyber-espionage tactics to identify its targets and infect their devices with malware to enable surveillance.” Pierluigi Paganini.

Surveillance 80

Surveillance Social Engineering Malware Spyware 80

Security Affairs

NOVEMBER 24, 2021

Apple has filed suit to ban the Israeli surveillance firm NSO Group and parent company Q Cyber Technologies from using its product and services. federal court for illegally targeting its customers with the surveillance spyware Pegasus. SecurityAffairs – hacking, Pegasus). ” reads the announcement published by Apple.

Spyware 81

Spyware Surveillance Software Hacking 81

Security Affairs

SEPTEMBER 23, 2023

The City of Dallas revealed that the Royal ransomware gang that hit the city system in May used a stolen account. CBS News Texas obtained an image the ransomware note dropped by the malware on the infected systems. “Royal’s initial access utilized the basic service domain service account, connecting to a server.

Ransomware 97

Ransomware Surveillance Healthcare Accountability 97

Security Affairs

MAY 6, 2023

Twitter confirmed that a security incident publicly exposed Circle tweets FBI seized other domains used by the shadow eBook library Z-Library WordPress Advanced Custom Fields plugin XSS exposes +2M sites to attacks Fortinet fixed two severe issues in FortiADC and FortiOS Pro-Russia group NoName took down multiple France sites, including the French (..)

Data breaches 90

Data breaches Malware Mobile Spyware 90

Security Affairs

SEPTEMBER 11, 2022

The campaigns have been conducted since 2015 and are aimed at conducting information collection and surveillance operations against individuals and organizations of strategic interest to Teheran. ” The surveillance operations conducted by the APT group involved the distribution of Android malware such as VINETHORN and PINEFLOWER.

Surveillance 91

Surveillance Social Engineering Phishing Government 91

Security Affairs

JULY 19, 2021

Pegasus Project investigation into the leak of 50,000 phone numbers of potential surveillance targets revealed the abuse of NSO Group’s spyware. Pegasus Project is the name of a large-scale investigation into the leak of 50,000 phone numbers of potential surveillance targets that revealed the abuse of NSO Group’s spyware.

Spyware 108

Spyware Government Surveillance Media 108

Security Affairs

JULY 31, 2022

increased rewards for info on North Korea-linked threat actors to $10 million Threat actors leverages DLL-SideLoading to spread Qakbot malware Zero Day attacks target online stores using PrestaShop? million Twitter accounts available for sale. SecurityAffairs – hacking, newsletter). and Blackmatter ransomware U.S.

Firmware 68

Firmware Surveillance Malware DDOS 68

Security Affairs

APRIL 2, 2023

LockBit leaks data stolen from the South Korean National Tax Service Italy’s Data Protection Authority temporarily blocks ChatGPT over privacy concerns CISA adds bugs exploited by commercial surveillance spyware to Known Exploited Vulnerabilities catalog Hackers are actively exploiting a flaw in the Elementor Pro WordPress plugin Cyber Police of Ukraine (..)

Spyware 80

Spyware Surveillance Artificial Intelligence Data breaches 80

The Last Watchdog

MARCH 20, 2024

Finally, Congress appears to be heeding lessons available to be learned since the hacking John Podesta’s email account – not to mention all of the havoc Russia was able to foment in our 2016 elections, attempting to interfere in 39 states. During this same time frame, investigators at Pixalate , a Palo Alto, Calif.-based

Media 298

Media Identity Theft Government Surveillance 298

Security Affairs

JULY 24, 2022

ransom and sued its insurance firm for refusing to cover this payment Crooks stole $375k from Premint NFT, it is one of the biggest NFT hacks ever Google is going to remove App Permissions List from the Play Store Security Affairs newsletter Round 374 by Pierluigi Paganini APT groups target journalists and media organizations since 2021.

Spyware 86

Spyware Surveillance Insurance Malware 86

Security Affairs

OCTOBER 11, 2021

” Threat actors used WhatsApp messages to spread the malware, the account was associated with an Indian phone number that’s registered in the state of Jammu and Kashmir.Once installed, the spyware would allow attackers to take over the device, controlling camera and microphone, access to sensitive information stored on the devices (i.e.

Spyware 78

Spyware Surveillance Accountability Mobile 78

Security Affairs

NOVEMBER 3, 2021

sanctioned four companies for the development of surveillance malware or the sale of hacking tools used by nation-state actors, including NSO Group. NSO Group and Candiru are being sanctioned for the development and sale of surveillance software used to spy on journalists and activists. Department of Commerce.

Technology 102

Technology Government Surveillance Spyware 102

Security Affairs

DECEMBER 10, 2023

billion personal records compromised by data breaches in past two years — underscoring need for end‑to‑end encryption Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, newsletter) Will Enable Mass Spying Reddit Says Leaked U.S.-U.K.

Data breaches 83

Data breaches Ransomware Hacking Financial Services 83

Security Affairs

JULY 31, 2022

. “We’re publishing the details of a new vulnerability (tracked under CVE-2022-30563) affecting the implementation of the Open Network Video Interface Forum (ONVIF) WS-UsernameToken authentication mechanism in some IP cameras developed by Dahua, a very popular manufacturer of IP-based surveillance solutions.” Pierluigi Paganini.

Surveillance 142

Surveillance Authentication Telecommunications Manufacturing 142

Security Affairs

SEPTEMBER 3, 2022

Google rolled out emergency fixes to address actively exploited Chrome zero-day Samsung discloses a second data breach this year The Prynt Stealer malware contains a secret backdoor. SecurityAffairs – hacking, newsletter). Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Data breaches 63

Data breaches Malware Surveillance Ransomware 63

Security Affairs

MARCH 26, 2023

NCA infiltrates the cybercriminal underground with fake DDoS-for-hire sites Pwn2Own Vancouver 2023 awarded $1,035,000 and a Tesla for 27 0-days CISA announced the Pre-Ransomware Notifications initiative China-linked hackers target telecommunication providers in the Middle East City of Toronto is one of the victims hacked by Clop gang using GoAnywhere (..)

Data breaches 73

Data breaches DDOS Backups Ransomware 73