SecureList

NOVEMBER 17, 2021

The Israeli Defense Forces (IDF) have claimed that threat actors have been using catfishing to lure Israeli soldiers into installing spyware. On September 24, the EU issued a statement regarding a disinformation campaign called “Ghostwriter”, ongoing since March 2017, intended to discredit NATO.

Mobile 128

Mobile Surveillance Ransomware Government 128

Security Affairs

OCTOBER 10, 2019

NSO Group ‘s surveillance spyware made the headlines again, this time the malware was used to spy on 2 rights activists in Morocco according Amnesty International. The organization calls on the Israeli ministry of defence to ban the export of the Pegasus surveillance software developed by NSO Group.

Spyware 58

Spyware Surveillance Advertising Malware 58

Security Affairs

MAY 20, 2019

Amnesty International filed a lawsuit against Israeli surveillance firm NSO and fears its staff may be targeted by the company with its Pegasus spyware. The name NSO Group made the headlines last week after the disclosure of the WhatsApp flaw exploited by the company to remotely install its surveillance software.

Surveillance 77

Surveillance Spyware Software Government 77

CyberSecurity Insiders

FEBRUARY 1, 2022

The whistle-blower who is yet to be questioned by the USS Department of Justice admitted on Thursday last week, that NSO had been dreaming of business expansion plans since 2017 and so was in a mindset to achieve its goal in malign ways.

Spyware 105

Spyware Surveillance Mobile Cybersecurity 105

CyberSecurity Insiders

JANUARY 13, 2022

Supporting the above stated discovery is the latest press statement released by security firm Mandiant that suggests that it has been tracking Seedworm aka MuddyWater since May 2017 and it is into activities such as digital espionage, cyber attacks, Ddos and ransomware spread.

Hacking 110

Hacking Spyware DNS Surveillance 110

SecureList

APRIL 27, 2021

In our initial report on Sunburst , we examined the method used by the malware to communicate with its C2 (command-and-control) server and the protocol used to upgrade victims for further exploitation. This campaign made use of a previously unknown malware family we dubbed FourteenHi. webshells and Exaramel implants.

Malware 138

Malware Spyware Government Social Engineering 138

Security Affairs

JANUARY 10, 2021

Despite this, two of their former employees implanted malicious code into their systems that had the ability to capture every keystroke typed on their systems for two years, between 2015 until 2017, but was only reported upon and made public in December 2020. For more information on this breach, see SolarWinds Cyber Attack.

Cyber Attacks 90

Cyber Attacks Government Surveillance Software 90

Security Affairs

JULY 7, 2019

ViceLeaker Android spyware targets users in the Middle East. China installs a surveillance app on tourists phones while crossing in the Xinjiang. US Cyber Command warns of Iran-linked hackers exploiting CVE-2017-11774 Outlook flaw. Cryptomining Campaign involves Golang malware to target Linux servers.

Scams 48

Scams Spyware DNS Advertising 48

SecureList

OCTOBER 26, 2021

Following this, they were tricked into downloading previously unknown malware. The backdoor, dubbed Tomiris, bears a number of similarities to the second-stage malware, Sunshuttle (aka GoldMax), used by DarkHalo last year. ShadowPad is a highly sophisticated, modular cyberattack platform that APT groups have used since 2017.

Malware 140

Malware Government Surveillance Spyware 140

SecureWorld News

NOVEMBER 4, 2021

The infamous Israel-based NSO Group, known for its hacking spyware Pegasus, was placed on the United States Government's Entity List for engaging in malicious cyber activities, along with three other foreign companies, Candiru, Computer Security Initiative Consultancy PTE (COSEINC), and Positive Technologies.

Spyware 77

Spyware Government Malware Mobile 77