2017, Spyware and Surveillance - Cyber Security Informer

CISA adds bugs exploited by commercial surveillance spyware to Known Exploited Vulnerabilities catalog

Security Affairs

APRIL 1, 2023

CISA has added nine flaws to its Known Exploited Vulnerabilities catalog, including bugs exploited by commercial spyware on mobile devices. The exploits were used to install commercial spyware and malicious apps on targets’ devices. The threat actors behind the attacks used both zero-day and n-day exploits in their exploits.

Spyware

Spyware Surveillance Mobile Education

Experts attribute WyrmSpy and DragonEgg spyware to the Chinese APT41 group

Security Affairs

JULY 20, 2023

China-linked group APT41 was spotted using two previously undocumented Android spyware called WyrmSpy and DragonEgg China-linked APT group APT41 has been observed using two previously undocumented Android spyware called WyrmSpy and DragonEgg. Upon installing the two spyware, they request extensive device permissions.

Spyware

Spyware Surveillance Mobile Malware

Donot Team targets a Togo prominent activist with Indian-made spyware

Security Affairs

OCTOBER 11, 2021

A Togolese human rights advocate was hit by mobile spyware that has been allegedly developed by an Indian firm called Innefu Labs. Experts believe the attackers used a spyware developed by an Indian company called Innefu Labs. In the past, the Donot Team spyware was found in attacks outside of South Asia.

Spyware

Spyware Surveillance Accountability Mobile

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

NSO CEO claims Facebook wanted NSO surveillance tool to spy on users

Security Affairs

APRIL 8, 2020

A new shocking revelation comes from the disputed from NSO Group and Facebook, NSO CEO claims Facebook tried to buy an Apple spying software in 2017. In October 2019, WhatsApp sued the Israeli surveillance firm NSO Group accusing it of carrying out malicious attacks against its users.

Surveillance

Surveillance Spyware Advertising Government

NSO Group of Pegasus Spyware wanted to access global signaling network

CyberSecurity Insiders

FEBRUARY 1, 2022

The whistle-blower who is yet to be questioned by the USS Department of Justice admitted on Thursday last week, that NSO had been dreaming of business expansion plans since 2017 and so was in a mindset to achieve its goal in malign ways.

Spyware

Spyware Surveillance Mobile Cybersecurity

APT C-23 group targets Middle East with an enhanced Android spyware variant

Security Affairs

NOVEMBER 26, 2021

A threat actor, tracked as APT C-23, is using new powerful Android spyware in attacks aimed at targets in the Middle East. The APT C-23 cyberespionage group (also known as GnatSpy, FrozenCell, or VAMP) continues to target entities in the Middle East with enhanced Android spyware masqueraded as seemingly harmless app updates (i.e.

Spyware

Spyware Social Engineering Surveillance Engineering

Moroccan journalist targeted with network injection attacks using NSO Group ‘s spyware

Security Affairs

JUNE 22, 2020

Researchers at Amnesty International collected evidence that a Moroccan journalist was targeted with network injection attacks using NSO Group ‘s spyware. “Through our investigation we were able to confirm that his phone was targeted and put under surveillance during the same period he was prosecuted.”

Spyware

Spyware Surveillance Mobile Advertising

Amnesty International filed a lawsuit against Israeli surveillance firm NSO

Security Affairs

MAY 20, 2019

Amnesty International filed a lawsuit against Israeli surveillance firm NSO and fears its staff may be targeted by the company with its Pegasus spyware. The name NSO Group made the headlines last week after the disclosure of the WhatsApp flaw exploited by the company to remotely install its surveillance software.

Surveillance

Surveillance Spyware Software Government

Amnesty claims that 2 Morocco rights advocates were targeted by NSO Group spyware

Security Affairs

OCTOBER 10, 2019

NSO Group ‘s surveillance spyware made the headlines again, this time the malware was used to spy on 2 rights activists in Morocco according Amnesty International. The organization calls on the Israeli ministry of defence to ban the export of the Pegasus surveillance software developed by NSO Group.

Spyware

Spyware Surveillance Advertising Malware

US authorities track MuddyWater Hacking Group to Iran

CyberSecurity Insiders

JANUARY 13, 2022

Supporting the above stated discovery is the latest press statement released by security firm Mandiant that suggests that it has been tracking Seedworm aka MuddyWater since May 2017 and it is into activities such as digital espionage, cyber attacks, Ddos and ransomware spread.

Hacking

Hacking Spyware DNS Surveillance

Exodus, a government malware that infected innocent victims

Security Affairs

MARCH 30, 2019

Security researchers have found a new government spyware, tracked as Exodus, that was distributed through the Google Play Store. According to Motherboard, the Android surveillance malware on the Google Play store that was sold to the Italian government by a company that sells surveillance cameras.

Government

Government Malware Spyware Surveillance

Second-ever UEFI rootkit used in North Korea-themed attacks

Security Affairs

OCTOBER 5, 2020

The experts were investigating several suspicious UEFI firmware images when discovered four components, some of which were borrowing the source code a Hacking Team spyware. In 2015, the hacker who breached the systems of the Italian surveillance firm Hacking Team leaked a 400GB package containing hacking tools and exploits codes.

Firmware

Firmware Spyware Surveillance Hacking

Al Jazeera detected and blocked disruptive cyberattacks

Security Affairs

JUNE 11, 2021

The attackers used an exploit chain named Kismet that was part of the arsenal of the controversial Pegasus spyware that is sold by the surveillance firm NSO Group. In June 2017, the Qatari news channel announced that all its systems were under a large-scale cyber attack.

Cyber Attacks

Cyber Attacks Media Spyware Hacking

NSO Group Placed on U.S. Blacklist

SecureWorld News

NOVEMBER 4, 2021

The infamous Israel-based NSO Group, known for its hacking spyware Pegasus, was placed on the United States Government's Entity List for engaging in malicious cyber activities, along with three other foreign companies, Candiru, Computer Security Initiative Consultancy PTE (COSEINC), and Positive Technologies.

Spyware

Spyware Government Malware Mobile

Security Affairs newsletter Round 221 – News of the week

Security Affairs

JULY 7, 2019

ViceLeaker Android spyware targets users in the Middle East. China installs a surveillance app on tourists phones while crossing in the Xinjiang. US Cyber Command warns of Iran-linked hackers exploiting CVE-2017-11774 Outlook flaw. Israeli blamed Russia for jamming at Israeli Ben Gurion airport. Bangladesh Cyber Heist 2.0:

Scams

Scams Spyware DNS Advertising

Advanced threat predictions for 2022

SecureList

NOVEMBER 17, 2021

The Israeli Defense Forces (IDF) have claimed that threat actors have been using catfishing to lure Israeli soldiers into installing spyware. On September 24, the EU issued a statement regarding a disinformation campaign called “Ghostwriter”, ongoing since March 2017, intended to discredit NATO.

Mobile

Mobile Surveillance Ransomware Government

It is time to re-evaluate Cyber-defence solutions

Security Affairs

JANUARY 10, 2021

Despite this, two of their former employees implanted malicious code into their systems that had the ability to capture every keystroke typed on their systems for two years, between 2015 until 2017, but was only reported upon and made public in December 2020. 4securitas.com ).

Cyber Attacks

Cyber Attacks Government Surveillance Software

APT trends report Q3 2021

SecureList

OCTOBER 26, 2021

ShadowPad is a highly sophisticated, modular cyberattack platform that APT groups have used since 2017. On June 3, Check Point published a report about an ongoing surveillance operation targeting a Southeast Asian government, and attributed the malicious activities to a Chinese-speaking threat actor named SharpPanda.

Malware

Malware Government Surveillance Spyware

APT trends report Q1 2021

SecureList

APRIL 27, 2021

Further investigation of the Sunburst backdoor revealed several features that overlap with a previously identified backdoor known as Kazuar , a.NET backdoor first reported in 2017 and tentatively linked to the Turla APT group. webshells and Exaramel implants. Domestic Kitten is a threat group mainly known for its mobile backdoors.

Malware

Malware Spyware Government Social Engineering

Cyber Security Informer

CISA adds bugs exploited by commercial surveillance spyware to Known Exploited Vulnerabilities catalog

Experts attribute WyrmSpy and DragonEgg spyware to the Chinese APT41 group

Webinars

Trending Sources

Donot Team targets a Togo prominent activist with Indian-made spyware

Webinars

NSO CEO claims Facebook wanted NSO surveillance tool to spy on users

NSO Group of Pegasus Spyware wanted to access global signaling network

APT C-23 group targets Middle East with an enhanced Android spyware variant

Moroccan journalist targeted with network injection attacks using NSO Group ‘s spyware

Amnesty International filed a lawsuit against Israeli surveillance firm NSO

Amnesty claims that 2 Morocco rights advocates were targeted by NSO Group spyware

US authorities track MuddyWater Hacking Group to Iran

Exodus, a government malware that infected innocent victims

Second-ever UEFI rootkit used in North Korea-themed attacks

Al Jazeera detected and blocked disruptive cyberattacks

NSO Group Placed on U.S. Blacklist

Security Affairs newsletter Round 221 – News of the week

Advanced threat predictions for 2022

It is time to re-evaluate Cyber-defence solutions

APT trends report Q3 2021

APT trends report Q1 2021

Stay Connected