2017, Information Security and Spyware - Cyber Security Informer

Moroccan journalist targeted with network injection attacks using NSO Group ‘s spyware

Security Affairs

JUNE 22, 2020

Researchers at Amnesty International collected evidence that a Moroccan journalist was targeted with network injection attacks using NSO Group ‘s spyware. reads the analysis published by Amnesty International in October. ” reads the report published by Amnesty International.

Spyware

Spyware Surveillance Mobile Advertising

Mandrake Android spyware found in five apps in Google Play with over 32,000 downloads since 2022

Security Affairs

JULY 30, 2024

A new version of the Mandrake Android spyware has been found in five apps on Google Play, which have been downloaded over 32,000 times since 2022. Researchers from Kaspersky discovered a new version of the Mandrake Android spyware in five app on Google Play, totaling over 32,000 downloads between 2022 and 2024.

Spyware

Spyware Malware Mobile Marketing

APT C-23 group targets Middle East with an enhanced Android spyware variant

Security Affairs

NOVEMBER 26, 2021

A threat actor, tracked as APT C-23, is using new powerful Android spyware in attacks aimed at targets in the Middle East. The APT C-23 cyberespionage group (also known as GnatSpy, FrozenCell, or VAMP) continues to target entities in the Middle East with enhanced Android spyware masqueraded as seemingly harmless app updates (i.e.

Spyware

Spyware Social Engineering Surveillance Engineering

Earth Empusa targets minority group with Android ActionSpy spyware

Security Affairs

JUNE 15, 2020

The Earth Empusa threat group is distributing new Android spyware, dubbed ActionSpy, through watering hole attacks to targets Turkic minority group. ActionSpy, which may have been around since 2017, is an Android spyware that allows the attacker to collect information from the compromised devices,” reads the report published by Trend Micro.

Spyware

Spyware Advertising Encryption Phishing

CloudMensis spyware went undetected for many years

Security Affairs

JULY 19, 2022

Researchers spotted previously undocumented spyware, dubbed CloudMensis, that targets the Apple macOS systems. Experts have yet to determine how the victims are initially compromised by this spyware. The post CloudMensis spyware went undetected for many years appeared first on Security Affairs. Pierluigi Paganini.

Spyware

Spyware Malware Authentication Architecture

Donot Team targets a Togo prominent activist with Indian-made spyware

Security Affairs

OCTOBER 11, 2021

A Togolese human rights advocate was hit by mobile spyware that has been allegedly developed by an Indian firm called Innefu Labs. Experts believe the attackers used a spyware developed by an Indian company called Innefu Labs. In the past, the Donot Team spyware was found in attacks outside of South Asia. Pierluigi Paganini.

Spyware

Spyware Surveillance Accountability Mobile

Experts attribute WyrmSpy and DragonEgg spyware to the Chinese APT41 group

Security Affairs

JULY 20, 2023

China-linked group APT41 was spotted using two previously undocumented Android spyware called WyrmSpy and DragonEgg China-linked APT group APT41 has been observed using two previously undocumented Android spyware called WyrmSpy and DragonEgg. Upon installing the two spyware, they request extensive device permissions.

Spyware

Spyware Surveillance Mobile Malware

Mandrake, a high sophisticated Android spyware used in targeted attacks

Security Affairs

MAY 18, 2020

Security experts discovered a highly sophisticated Android spyware platform, dubbed Mandrake, that remained undetected for four years. Researchers from Bitdefender discovered a high-sophisticated Android spyware platform dubbed Mandrake, it was involved in highly targeted attacks against specific devices. Pierluigi Paganini.

Spyware

Spyware Malware Advertising Banking

XLoader, a $49 spyware that could target both Windows and macOS devices

Security Affairs

JULY 21, 2021

FormBook is a data-stealing malware that is used in cyber espionage campaigns, like other spyware it is capable of extracting data from HTTP sessions, keystroke logging, stealing clipboard contents. The malware was pulled from sale in 2017, but it continued to infect systems across the world. Pierluigi Paganini.

Spyware

Spyware Malware Cybercrime Advertising

Updated Android spyware GravityRAT steals WhatsApp Backups

Security Affairs

JUNE 16, 2023

An updated version of the Android remote access trojan GravityRAT can steal WhatsApp backup files and can delete files ESET researchers discovered an updated version of Android GravityRAT spyware that steals WhatsApp backup files and can delete files. The malware is distributed as the messaging apps BingeChat and Chatico.

Backups

Backups Spyware Malware Accountability

CISA adds bugs exploited by commercial surveillance spyware to Known Exploited Vulnerabilities catalog

Security Affairs

APRIL 1, 2023

CISA has added nine flaws to its Known Exploited Vulnerabilities catalog, including bugs exploited by commercial spyware on mobile devices. Cybersecurity and Infrastructure Security Agency (CISA) has added nine new vulnerabilities to its Known Exploited Vulnerabilities Catalog.

Spyware

Spyware Surveillance Mobile Education

Experts discovered surveillance tool EagleMsgSpy used by Chinese law enforcement

Security Affairs

DECEMBER 12, 2024

These documents suggest the existence of an iOS conversion of the spyware that has yet to be uncovered. The surveillance tool family has been active since 2017, the experts highlighted that it requires physical access to the target device to initiate operations. ” reads the report published by Lookout.

Surveillance

Surveillance Mobile Spyware Malware

NSO CEO claims Facebook wanted NSO surveillance tool to spy on users

Security Affairs

APRIL 8, 2020

A new shocking revelation comes from the disputed from NSO Group and Facebook, NSO CEO claims Facebook tried to buy an Apple spying software in 2017. “According to a declaration from NSO CEO Shalev Hulio , two Facebook representatives approached NSO in October 2017 and asked to purchase the right to use certain capabilities of Pegasus.”

Surveillance

Surveillance Spyware Advertising Government

A man faces up to 25 years in prison for his role in operating unlicensed crypto exchange BTC-e

Security Affairs

FEBRUARY 6, 2024

“According to the indictment, between 2011 and July 2017, Aliaksandr Klimenka, 42, allegedly controlled BTC-e, a digital currency exchange, with Alexander Vinnik and others.” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, commercial spyware )

Cryptocurrency

Cryptocurrency Spyware Cybercrime Hacking

Second-ever UEFI rootkit used in North Korea-themed attacks

Security Affairs

OCTOBER 5, 2020

The experts were investigating several suspicious UEFI firmware images when discovered four components, some of which were borrowing the source code a Hacking Team spyware. Kaspersky researchers revealed to have found MosaicRegressor components at several dozen entities between 2017 and 2019.

Firmware

Firmware Spyware Surveillance Hacking

GravityRAT malware also targets Android and macOS

Security Affairs

OCTOBER 19, 2020

Researchers spotted new variants of the Windows GravityRAT spyware that now can also infect Android and macOS devices. ” reads an analysis published by Cisco Talos that spotted the malware back in 2017 when it was used by an APT group targeting India.

Malware

Malware Computers and Electronics Spyware Advertising

Amnesty International filed a lawsuit against Israeli surveillance firm NSO

Security Affairs

MAY 20, 2019

Amnesty International filed a lawsuit against Israeli surveillance firm NSO and fears its staff may be targeted by the company with its Pegasus spyware. In July, Citizen Lab collected evidence of attacks against 175 targets worldwide carried on with the NSO spyware.

Surveillance

Surveillance Spyware Software Government

Al Jazeera detected and blocked disruptive cyberattacks

Security Affairs

JUNE 11, 2021

The attackers used an exploit chain named Kismet that was part of the arsenal of the controversial Pegasus spyware that is sold by the surveillance firm NSO Group. In June 2017, the Qatari news channel announced that all its systems were under a large-scale cyber attack.

Cyber Attacks

Cyber Attacks Media Hacking Spyware

New Coronavirus-themed malspam campaign delivers FormBook Malware

Security Affairs

MARCH 8, 2020

The final payload is the FormBook information-stealing Trojan, a malware that was first spotted by researchers at FireEye in October 2017. FormBook data-stealing malware was used with cyber espionage purposes, like other spyware it is capable of extracting data from HTTP sessions, keystroke logging, stealing clipboard contents.

Malware

Malware Scams Social Engineering Phishing

Security Affairs newsletter Round 261

Security Affairs

APRIL 26, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Hacking

Hacking Advertising Spyware Antivirus

MY TAKE: 3 privacy and security habits each individual has a responsibility to embrace

The Last Watchdog

JANUARY 28, 2019

Worldwide spending on information security products and services rose to $114 billion in 2018, up from $102 billion in 2017, an increase of 12.4 Google and Apple have invested a lot into securing their respective app stores. Apps from other sources can carry malware or spyware.

Passwords

Passwords Password Management Internet Internet

PhantomLance, a four-year-long cyberespionage spying campaign

Security Affairs

APRIL 28, 2020

The PhantomLance malware implements classic spyware functionalities, it could exfiltrate user data, phone call logs, SMS messages, contacts, and GPS data. Android version, installed apps). . The malicious code is also able to deploy additional malicious payloads. . . Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Malware

Malware Advertising Marketing Hacking

InvisiMole group targets military sector and diplomatic missions in Eastern Europe

Security Affairs

JUNE 18, 2020

Security researchers at ESET recently uncovered a campaign carried out by the InvisiMole group that has been targeting a small number of high-profile organizations in the military sector and diplomatic missions in Eastern Europe. The attack chain begins with the deployment of a TCP downloader that fetches the next stage payload.

DNS

DNS Advertising Spyware Software

Gulf countries came under hackers’ spotlight in 2018, with more than 130 000 payment cards compromised

Security Affairs

APRIL 8, 2019

According to Group-IB’s annual Hi-Tech Crime Trends 2018 report, on average, from June 2017 to August 2018, the details of 1.8 Hence, the task of preventing information security incidents for critical information infrastructures should be addressed at the legislative level. Map of Middle-Eastern Countries.

Artificial Intelligence

Artificial Intelligence Government Banking Advertising

Experts discovered the first mobile malware families linked to Russia’s Gamaredon

Security Affairs

DECEMBER 12, 2024

The Russia-linked APT Gamaredon used two new Android spyware tools calledBoneSpyandPlainGnome against former Soviet states. net, consistent with Gamaredons techniques since 2017. Lookout researchers linked the BoneSpy and PlainGnome Android surveillance families to the Russian APT group Gamaredon (a.k.a.

Mobile

Mobile Malware Surveillance Social Engineering

A deeper insight into the CloudWizard APT’s activity revealed a long-running activity

Security Affairs

MAY 23, 2023

In the latest campaign uncovered by Kaspersky, the APT group, used a modular framework dubbed CloudWizard that supports spyware capabilities, including taking screenshots, microphone recording, harvesting Gmail inboxes, and keylogging. Since 2017, there have been no traces of Groundbait and BugDrop operations.

Malware

Malware Spyware Encryption Hacking

Security Affairs newsletter Round 221 – News of the week

Security Affairs

JULY 7, 2019

ViceLeaker Android spyware targets users in the Middle East. US Cyber Command warns of Iran-linked hackers exploiting CVE-2017-11774 Outlook flaw. Magento fixed security flaws that allow complete site takeover. Israeli blamed Russia for jamming at Israeli Ben Gurion airport. Cyber Defense Magazine – July 2019 has arrived.

Scams

Scams Advertising Spyware DNS

The CyberWire Daily Podcast EP. 389 With Guest Speaker David Brumley

ForAllSecure

AUGUST 14, 2019

The ability to get information from clouds that are normally thought secure, notably Apple's iCloud, is new for Pegasus. Reports suggest that smishing is one possible attack vector for the spyware. Federal Trade Commission announced today that Equifax will pay $575 million in its settlement over the credit bureau's 2017 breach.

Energy and Utilities

Energy and Utilities Penetration Testing Government Software

Australian man charged with creating and selling the Imminent Monitor spyware

Security Affairs

AUGUST 1, 2022

An Australian national has been charged for the creation and sale of the Imminent Monitor (IM) spyware, which was also used for criminal purposes. The 24-year-old Australian national Jacob Wayne John Keen has been charged for his alleged role in the development and sale of spyware known as Imminent Monitor (IM). Pierluigi Paganini.

Spyware

Spyware Malware Hacking Cybercrime

The CyberWire Daily Podcast EP. 389 With Guest Speaker David Brumley

ForAllSecure

AUGUST 14, 2019

The ability to get information from clouds that are normally thought secure, notably Apple's iCloud, is new for Pegasus. Reports suggest that smishing is one possible attack vector for the spyware. Federal Trade Commission announced today that Equifax will pay $575 million in its settlement over the credit bureau's 2017 breach.

Energy and Utilities

Energy and Utilities Penetration Testing Government Software

THE CYBERWIRE DAILY PODCAST EP. 389 WITH GUEST SPEAKER DAVID BRUMLEY

ForAllSecure

AUGUST 14, 2019

The ability to get information from clouds that are normally thought secure, notably Apple's iCloud, is new for Pegasus. Reports suggest that smishing is one possible attack vector for the spyware. Federal Trade Commission announced today that Equifax will pay $575 million in its settlement over the credit bureau's 2017 breach.

Energy and Utilities

Energy and Utilities Penetration Testing Government Software

GUEST ESSAY. Everyone should grasp these facts about cyber threats that plague digital commerce

The Last Watchdog

FEBRUARY 28, 2021

Regardless of how familiar you are with Information Security, you’ve probably come across the term ‘malware’ countless times. From accessing your business-critical resources and sensitive information to halting business operations and services, a malware infection can quickly become an organization’s worst nightmare come true.

Cyber threats

Cyber threats Computers and Electronics Adware Spyware

The Most Common Types of Malware in 2021

CyberSecurity Insiders

JANUARY 31, 2021

Regardless of how familiar you are with Information Security, you’ve probably come across the term ‘malware’ countless times. From accessing your business-critical resources and sensitive information to halting business operations and services, a malware infection can quickly become an organization’s worst nightmare come true.

Malware

Malware Computers and Electronics Adware Spyware

Security Affairs newsletter Round 469 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

APRIL 28, 2024

Hackers may have accessed thousands of accounts on the California state welfare platform Brokewell Android malware supports an extensive set of Device Takeover capabilities Experts warn of an ongoing malware campaign targeting WP-Automatic plugin Cryptocurrencies and cybercrime: A critical intermingling Kaiser Permanente data breach may have impacted (..)

Cybercrime

Cybercrime Spyware Data breaches Antivirus

Cyber Security Informer

Moroccan journalist targeted with network injection attacks using NSO Group ‘s spyware

Mandrake Android spyware found in five apps in Google Play with over 32,000 downloads since 2022

Trending Sources

APT C-23 group targets Middle East with an enhanced Android spyware variant

Earth Empusa targets minority group with Android ActionSpy spyware

CloudMensis spyware went undetected for many years

Donot Team targets a Togo prominent activist with Indian-made spyware

Experts attribute WyrmSpy and DragonEgg spyware to the Chinese APT41 group

Mandrake, a high sophisticated Android spyware used in targeted attacks

XLoader, a $49 spyware that could target both Windows and macOS devices

Updated Android spyware GravityRAT steals WhatsApp Backups

CISA adds bugs exploited by commercial surveillance spyware to Known Exploited Vulnerabilities catalog

Experts discovered surveillance tool EagleMsgSpy used by Chinese law enforcement

NSO CEO claims Facebook wanted NSO surveillance tool to spy on users

A man faces up to 25 years in prison for his role in operating unlicensed crypto exchange BTC-e

Second-ever UEFI rootkit used in North Korea-themed attacks

GravityRAT malware also targets Android and macOS

Amnesty International filed a lawsuit against Israeli surveillance firm NSO

Al Jazeera detected and blocked disruptive cyberattacks

New Coronavirus-themed malspam campaign delivers FormBook Malware

Security Affairs newsletter Round 261

MY TAKE: 3 privacy and security habits each individual has a responsibility to embrace

PhantomLance, a four-year-long cyberespionage spying campaign

InvisiMole group targets military sector and diplomatic missions in Eastern Europe

Gulf countries came under hackers’ spotlight in 2018, with more than 130 000 payment cards compromised

Experts discovered the first mobile malware families linked to Russia’s Gamaredon

A deeper insight into the CloudWizard APT’s activity revealed a long-running activity

Security Affairs newsletter Round 221 – News of the week

The CyberWire Daily Podcast EP. 389 With Guest Speaker David Brumley

Australian man charged with creating and selling the Imminent Monitor spyware

The CyberWire Daily Podcast EP. 389 With Guest Speaker David Brumley

THE CYBERWIRE DAILY PODCAST EP. 389 WITH GUEST SPEAKER DAVID BRUMLEY

GUEST ESSAY. Everyone should grasp these facts about cyber threats that plague digital commerce

The Most Common Types of Malware in 2021

Security Affairs newsletter Round 469 by Pierluigi Paganini – INTERNATIONAL EDITION

Stay Connected