2014, Encryption, Information Security and Spyware

XCSSET Mac spyware spreads via Xcode Projects

Security Affairs

AUGUST 15, 2020

The malware also implements ransomware behavior, it is able to encrypt files and display a ransom note. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Xcode developers are at risk. Pierluigi Paganini.

Spyware

Spyware Malware Advertising Cryptocurrency

Earth Empusa targets minority group with Android ActionSpy spyware

Security Affairs

JUNE 15, 2020

The Earth Empusa threat group is distributing new Android spyware, dubbed ActionSpy, through watering hole attacks to targets Turkic minority group. ActionSpy, which may have been around since 2017, is an Android spyware that allows the attacker to collect information from the compromised devices,” reads the report published by Trend Micro.

Spyware

Spyware Advertising Encryption Phishing

Experts found Joker Spyware in 24 apps in the Google Play store

Security Affairs

SEPTEMBER 8, 2019

Security experts at Google have removed from Google Play 24 apps because they were infected with a new spyware tracked as “the Joker.” ” Google has removed from Google Play 24 apps because they were infected with a new spyware tracked as “the Joker.” ” states the analysis. The C&C URL 6.

Spyware

Spyware Advertising Malware Cryptocurrency

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Unknown FinSpy Mac and Linux versions found in Egypt

Security Affairs

SEPTEMBER 27, 2020

Experts from Amnesty International uncovered a surveillance campaign that targeted Egyptian civil society organizations with a new version of FinSpy spyware. The binaries are obfuscated and do some checks to detect if the spyware is running in a Virtual Machine. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Spyware

Spyware Surveillance Mobile Advertising

Experts spotted a rare Linux Desktop spyware dubbed EvilGnome

Security Affairs

JULY 18, 2019

The researchers attribute the spyware to the Russia-linked and Gamaredon Group. The modules used by EvilGnome are reminiscent of the Windows tools used by the Gamaredon Group, other analogies include the use of SFX, persistence with task scheduler and the deployment of information stealers. Pierluigi Paganini.

Spyware

Spyware Malware Advertising Cyber Attacks

Google removes 17 Joker -infected apps from the Play Store

Security Affairs

SEPTEMBER 27, 2020

The spyware is able to steal SMS messages, contact lists and device information along with to sign victims up for premium service subscriptions. In this case, the stager payload URL encoded in the code itself was encrypted using Advanced Encryption Standard (AES). ” concludes the report. Pierluigi Paganini.

Malware

Malware Advertising Spyware Encryption

Google revealed how watering hole attacks compromised iPhone devices earlier this year

Security Affairs

AUGUST 30, 2019

Threat actors used at least five unique iPhone exploit chains that allowed them to remotely jailbreak a device and deliver spyware. The spyware implant was also able to steal the database files from popular end-to-end encryption apps like Whatsapp, Telegram, and iMessage. credentials, authentication tokens, and certificates).

Spyware

Spyware Hacking Advertising Encryption

UN approves Russia-Cina sponsored resolution on new cybercrime convention

Security Affairs

DECEMBER 30, 2019

Security experts have detected and analyzed some of the tools in its arsenals, such as the popular Pegasus spyware (for iOS) and Chrysaor (for Android). In September 2018, a report published by Citizen Lab revealed that the NSO Pegasus spyware was used against targets across 45 countries worldwide. Pierluigi Paganini.

Cybercrime

Cybercrime Surveillance Spyware Government

PhantomLance, a four-year-long cyberespionage spying campaign

Security Affairs

APRIL 28, 2020

Kaspersky experts found a similar sample on Google Play, it implements high levels of encryption, furthermore, the malicious code was able to download and execute additional malicious payloads that would be suitable to the specific device environment (i.e Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Malware

Malware Advertising Spyware Marketing

New Coronavirus-themed malspam campaign delivers FormBook Malware

Security Affairs

MARCH 8, 2020

Once the GuLoader malware has downloaded an encrypted file from [link] it will decrypt it and inject the malware into the legitimate Windows wininit.exe process. The final payload is the FormBook information-stealing Trojan, a malware that was first spotted by researchers at FireEye in October 2017. Pierluigi Paganini.

Malware

Malware Scams Social Engineering Phishing

Security Affairs newsletter Round 240

Security Affairs

NOVEMBER 17, 2019

Apple Mail stores parts of encrypted emails in plaintext DB. WhatsApp flaw CVE-2019-11931 could be exploited to install spyware. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

DDOS

DDOS Spyware Advertising Ransomware

InvisiMole group targets military sector and diplomatic missions in Eastern Europe

Security Affairs

JUNE 18, 2020

Security researchers at ESET recently uncovered a campaign carried out by the InvisiMole group that has been targeting a small number of high-profile organizations in the military sector and diplomatic missions in Eastern Europe. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

DNS

DNS Advertising Spyware Software

A new variant of Asruex Trojan exploits very old Office, Adobe flaws

Security Affairs

AUGUST 23, 2019

Asruex first appeared in the threat landscape 2015, researchers linked it to the spyware used by the DarkHotel APT group. “This Asruex variant compresses and encrypts the original executable file or host file and appends it as its. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Malware

Malware Spyware Advertising Encryption

Security Affairs newsletter Round 228

Security Affairs

AUGUST 25, 2019

App tainted with Ahmyst Open-source spyware appeared on Google Play Store twice. million to allow towns to access encrypted data. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Texas attackers demand $2.5

Small Business

Small Business Spyware Data breaches Advertising

Anti-Debugging Techniques from a Complex Visual Basic Packer

Security Affairs

JULY 17, 2019

Hash 32951a56e3fcd8f5b006c0b64ec694ddf722eba71e2093f7ee90f57856941f3d Threat Hawkey Spyware Brief Description Hawkey Spyware inside a Visual Basic Packer Ssdeep 12288:GVwYvwrMkE9LfRUXkpW7zGidwY/rwxOp8mH:COrI9zRUJfGCfzw0. Table 1: Information about the PE file inside the ISO image. It is the encrypted final payload.

Spyware

Spyware Malware Passwords Accountability

Stealth Falcon’s undocumented backdoor uses Windows BITS to exfiltrate data

Security Affairs

SEPTEMBER 9, 2019

In 2016, researchers from non-profit organization CitizenLab published a report that describes a campaign of targeted spyware attacks carried by the Stealth Falcon. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Malware

Malware Advertising System Administration Spyware

Swedish Government grants police the use of spyware against violent crime suspects

Security Affairs

OCTOBER 24, 2019

The Sweden government is going to authorize the use of spyware on suspects’ devices to spy on their communications and track them. “ The police are given the opportunity to read encrypted communications. From March next year, it will be legal to intercept encrypted calls in mobiles, computers and video calls.”

Spyware

Spyware Government Surveillance Encryption

WhatsApp sued Israeli surveillance firm NSO Group and its parent Q Cyber Technologies

Security Affairs

OCTOBER 30, 2019

In May, Facebook has patched a critical zero-day vulnerability in WhatsApp, tracked as CVE-2019-3568 , that has been exploited to remotely install spyware on phones by calling the targeted device. Today @WhatsApp is taking a stand against the dangerous use of spyware. This abuse must be stopped. ” reads the lawsuit.

Surveillance

Surveillance Technology Spyware Mobile

Security Affairs - Untitled Article

Security Affairs

JUNE 8, 2019

According to the draft law, the country’s intelligence agencies are allowed to, under specific circumstances, to intercept encrypted traffic to and from publishing companies, radio and television broadcasters, and freelance journalists. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Surveillance

Surveillance Media Encryption Spyware

Cyber Security Informer

XCSSET Mac spyware spreads via Xcode Projects

Earth Empusa targets minority group with Android ActionSpy spyware

Webinars

Trending Sources

Experts found Joker Spyware in 24 apps in the Google Play store

Webinars

Unknown FinSpy Mac and Linux versions found in Egypt

Experts spotted a rare Linux Desktop spyware dubbed EvilGnome

Google removes 17 Joker -infected apps from the Play Store

Google revealed how watering hole attacks compromised iPhone devices earlier this year

UN approves Russia-Cina sponsored resolution on new cybercrime convention

PhantomLance, a four-year-long cyberespionage spying campaign

New Coronavirus-themed malspam campaign delivers FormBook Malware

Security Affairs newsletter Round 240

InvisiMole group targets military sector and diplomatic missions in Eastern Europe

A new variant of Asruex Trojan exploits very old Office, Adobe flaws

Security Affairs newsletter Round 228

Anti-Debugging Techniques from a Complex Visual Basic Packer

Stealth Falcon’s undocumented backdoor uses Windows BITS to exfiltrate data

Swedish Government grants police the use of spyware against violent crime suspects

WhatsApp sued Israeli surveillance firm NSO Group and its parent Q Cyber Technologies

Security Affairs - Untitled Article

Stay Connected