Security Affairs

NOVEMBER 11, 2022

Lookout researchers discovered two long-running surveillance campaigns targeting the ethnic minority Uyghurs. Researchers from mobile security firm Lookout uncovered two long-running surveillance campaigns targeting the Uyghurs minority. List of installed packages. Call logs and geocoded location associated with the call.

Surveillance 98

Surveillance Spyware Malware Mobile 98

SecureList

NOVEMBER 29, 2021

The victim was infected by PowerShell malware and we discovered evidence that the actor had already stolen data from the victim and had been surveilling this victim for several months. After a conversation on social media, the actor sent a spear-phishing email to the potential victim using a stolen email account. Android Chinotto.

Surveillance 144

Surveillance Malware Phishing Encryption 144

Security Affairs

OCTOBER 30, 2019

WhatsApp sued Israeli surveillance firm NSO Group, accusing it of using a flaw in its messaging service to conduct cyberespionage on journalists and activists. WhatsApp sued the Israeli surveillance firm NSO Group accusing it of carrying out malicious attacks against its users. link] — Will Cathcart (@wcathcart) October 29, 2019.

Surveillance 75

Surveillance Technology Spyware Mobile 75

Security Affairs

JANUARY 7, 2020

Security experts have found a malicious app in the Google Play that exploits the recently patched CVE-2019-2215 zero-day vulnerability. Earlier October, Google Project Zero researchers Maddie Stone publicly disclosed a zero-day vulnerability , tracked as CVE-2019-2215 , in Android. ” reads a blog post published by Stone.

Surveillance 98

Surveillance Advertising Marketing Encryption 98

Malwarebytes

FEBRUARY 22, 2022

Bosch, known more for its line of refrigerators, ovens, and dishwashers, also develops and sells an entire suite of surveillance cameras. The Intercept also reported that the operating system used on modern Bosch surveillance cameras could potentially be out of date. It shouldn’t. This is not innovation.

Surveillance 100

Surveillance Artificial Intelligence Technology Internet 100

Security Affairs

MARCH 23, 2020

Experts observed multiple botnets exploiting zero-day vulnerabilities in DVRs for surveillance systems manufactured by Taiwan-based LILIN. Botnet operators are exploiting several zero-day vulnerabilities in digital video recorders (DVRs) for surveillance systems manufactured by Taiwan-based LILIN-.

Firmware 139

Firmware Surveillance Manufacturing Advertising 139

Security Boulevard

MARCH 6, 2024

Court orders that were issued in 2019 to Apple and Google demanded that the companies hand over information on accounts identified by push tokens linked to alleged supporters of the Islamic State terrorist group. The post Surveillance through Push Notifications appeared first on Security Boulevard. Ron Wyden (D-Ore.),

Surveillance 59

Surveillance Accountability 59

Krebs on Security

JULY 27, 2020

In 2019, Dun & Bradstreet saw more than a 100 percent increase in business identity theft. That surveillance has helped to paint a detailed picture of how business ID thieves operate, as well as the tricks they use to gain credit in a company’s name. For 2020, the company estimates an overall 258 percent spike in the crime.

Identity Theft 363

Identity Theft Small Business Energy and Utilities Computers and Electronics 363

Security Affairs

JUNE 2, 2019

The popular privacy-focused email service ProtonMail has been accused of offering voluntarily real-time surveillance assistance to law enforcement. The popular privacy-focused email service ProtonMail made the headlines because it has been accused of supporting real-time surveillance carried out by law enforcement. Pierluigi Paganini.

Government 111

Government Surveillance Telecommunications Advertising 111

Security Affairs

OCTOBER 11, 2021

The attacks on the Togolese activists started in December 2019 and lasted two months. Their devices were targeted between December 2019 and January 2020, during a tense political climate ahead of the 2020 Togolese presidential election.” ” reads the post published by Amnesty.

Spyware 103

Spyware Surveillance Accountability Mobile 103

Schneier on Security

MAY 3, 2019

Pervasive surveillance capitalism­ -- as practiced by the Internet companies that are already spying on everyone -- ­matters. Technology now permeates society in a way it didn't just a couple of decades ago, and governments move too slowly to take this into account. So does society's underlying security needs.

Cybersecurity 273

Cybersecurity Technology Government Internet 273

Security Affairs

JANUARY 7, 2024

Between 2017 and 2019, the APT group mainly used DNS hijacking in its campaigns. “The stolen information is likely to be exploited for surveillance or intelligence gathering on specific groups and or individuals.” Create and enforce a password policy with adequate complexity requirements for specific accounts.

Accountability 141

Accountability Media Telecommunications Government 141

Security Affairs

MARCH 21, 2021

Hackers also posted images captured from the hacked surveillance video on Twitter with an #OperationPanopticon hashtag, published images show that they have gained root shell access to the surveillance cameras used by Telsa and Cloudflare. ” reads the press release published by DoJ.

Identity Theft 108

Identity Theft Computers and Electronics Surveillance Hacking 108

Krebs on Security

FEBRUARY 18, 2019

On January 9, 2019, security vendor FireEye released its report , “Global DNS Hijacking Campaign: DNS Record Manipulation at Scale,” which went into far greater technical detail about the “how” of the espionage campaign, but contained few additional details about its victims. That changed on Jan. Contacted on Feb.

DNS 279

DNS Internet Internet Government 279

Security Affairs

SEPTEMBER 11, 2022

The campaigns have been conducted since 2015 and are aimed at conducting information collection and surveillance operations against individuals and organizations of strategic interest to Teheran. ” The surveillance operations conducted by the APT group involved the distribution of Android malware such as VINETHORN and PINEFLOWER.

Surveillance 100

Surveillance Social Engineering Phishing Government 100

Security Affairs

DECEMBER 29, 2019

CVE-2019-19781 Citrix flaw exposes 80,000 companies at risk. A flaw in Twitter App for Android could have been exploited to take over the account. NVIDIA patches CVE-2019-5702 high-severity flaw in GeForce Experience. Thai Officials confirmed the hack of prison surveillance cameras and the video broadcast.

Cyber Attacks 86

Cyber Attacks Surveillance Advertising Ransomware 86

Security Affairs

JULY 21, 2019

SAP Patch Day – July 2019 addresses a critical flaw in Diagnostics Agent. A flaw could have allowed hackers to take over any Instagram account in 10 minutes. Sprint revealed that hackers compromised some customer accounts via Samsung site. CVE-2019-6342 flaw allows hackers to fully compromise Drupal 8.7.4

Small Business 90

Small Business Media Spyware DNS 90

Security Affairs

APRIL 4, 2020

The malware made lateral movements by stealing admin account credentials, and in just eight days after the initial infection, the Fabrikam’s entire network was shut down. The incident also affected the surveillance camera network of the company along with the finance department.

Antivirus 144

Antivirus Malware Phishing Advertising 144

Security Affairs

AUGUST 4, 2019

Jessica Alba ‘s Twitter account hacked, it posted racist and homophobic messages. Over 23 million stolen payment card data traded on the Dark Web in H1 2019. Android devices could be hacked by playing a video due to CVE-2019-2107 flaw. million fine for selling flawed surveillance technology to the US Gov. Cisco to pay $8.6

Data breaches 96

Data breaches eCommerce Hacking Cyber Attacks 96

Security Affairs

DECEMBER 4, 2022

” Privacy advocates are raising the alarm on surveillance activities operated by law enforcement by collecting data from connected systems in modern cars. “New cars are surveillance on wheels, sending sensitive passenger data to carmakers and police.

Surveillance 111

Surveillance Technology Hacking Mobile 111

The Last Watchdog

MARCH 13, 2019

Another tech industry consultancy, IDC, forecasts worldwide IoT spending will hit a record $745 billion in 2019 , some 15.4% Mirai and Reaper are examples of a new generation of IoT botnets comprised of millions of infected home routers and surveillance cams. more than the $646 billion spent in 2018.

Internet 189

Internet Internet IoT Energy and Utilities 189

Duo's Security Blog

JULY 1, 2021

By enforcing local authentication via PIN, we effectively force remote attackers to “walk” to each account they want to hack. While headlines like to broadcast doom and gloom for biometrics, such as the 2019 BlackHat USA demonstration against Face ID , the truth is these biometrics are really quite secure.

Passwords 98

Passwords Surveillance Authentication Risk 98

SecureWorld News

JULY 18, 2022

after its 2019 elections—its first elections since a military coup in 2014—failed to restore parliamentary democracy and returned the coup leaders to power. The current Thai government was not exactly thrilled by this and responded with a wave of arrests and increased surveillance dramatically. Pegasus spyware in Thailand.

Spyware 98

Spyware Surveillance Government Hacking 98

Security Affairs

MAY 26, 2019

Amnesty International filed a lawsuit against Israeli surveillance firm NSO. Linux kernel privilege escalation flaw CVE-2019-11815 affects RDS. PoC Exploits for CVE-2019-0708 wormable Windows flaw released online. billion accounts in Q1 2019. Chronicle experts spotted a Linux variant of the Winnti backdoor.

Advertising 87

Advertising Surveillance Ransomware Passwords 87

Security Affairs

SEPTEMBER 3, 2022

users China-linked APT40 used ScanBox Framework in a long-running espionage campaign Russian streaming platform Start discloses a data breach impacting 7.5M users China-linked APT40 used ScanBox Framework in a long-running espionage campaign Russian streaming platform Start discloses a data breach impacting 7.5M

Data breaches 97

Data breaches Malware Surveillance Ransomware 97

Security Affairs

MARCH 10, 2019

pic.twitter.com/OgzUehZ1Bi — Ran L (@ranlocar) March 4, 2019. The unprotected MongoDB install was discovered by security experts Ran Locar and Noam Rotem , the database contained cell phone numbers, App registration data (full name, email, Viber account, gender, etc.),

Passwords 110

Passwords Advertising Surveillance Encryption 110

Malwarebytes

JANUARY 11, 2023

If you recall, WhatsApp filed a lawsuit against NSO in 2019 under the Computer Fraud and Abuse Act for allegedly targeting and installing spyware on roughly 1,400 devices of its global users, including human rights activists, journalists, and government officials. The court didn't explain why it refused to hear the NSO's appeal.

Spyware 98

Spyware Surveillance Government Internet 98

SecureList

FEBRUARY 26, 2021

The Coalition Against Stalkerware warns that stalkerware “may facilitate intimate partner surveillance, harassment, abuse, stalking, and/or violence.” In 2019, we created a special alert that notifies users if stalkerware is installed on their phones.

Mobile 132

Mobile Surveillance Software Technology 132

Security Affairs

NOVEMBER 29, 2019

Group-IB, has analyzed key recent changes to the global cyberthreat landscape in the “Hi-Tech Crime Trends 2019/2020” report. According to Group-IB’s experts, the most frustrating trend of 2019 was the use of cyberweapons in military operations. As for 2019, it has become the year of covert military operations in cyberspace.

Banking 125

Banking Telecommunications Marketing Internet 125

Hot for Security

APRIL 5, 2021

Internet-connected smart devices, like surveillance cams, smart light bulbs, smart locks and doorbells and baby monitors, are notoriously fraught with vulnerabilities, posing grave security risks. Devices with proprietary operating systems account for 34% of what consumers own and 96% of all detected vulnerabilities.

Cybercrime 116

Cybercrime Ransomware Cyber threats Malware 116

Security Affairs

SEPTEMBER 1, 2019

Bad Packets warns of over 14,500 Pulse secure VPN endpoints vulnerable to CVE-2019-11510. Apple released an emergency patch to address CVE-2019-8605 iOS flaw. White hat hacker demonstrated how to hack a million Instagram accounts. Expert found Russias SORM surveillance equipment leaking user data.

eCommerce 75

eCommerce Data breaches Malware Advertising 75

Security Affairs

JULY 19, 2019

prosecutors believe was Martin used an anonymous Twitter account with the name ‘HAL999999999’ to send five cryptic, private messages to two researchers at the Moscow-based security firm,” Politico reports. In March 2019 , the man signed a guilty plea , even if the connection with the Shadow Brokers was ever proven.

Government 111

Government Advertising Surveillance Data breaches 111

The Last Watchdog

OCTOBER 3, 2019

We met at Black Hat 2019. Instead of encrypting the hard drives of individual victims, and demanding payments of a few hundred dollars, a skilled team collaborated to break into an organization’s network; surveil the network layout; and then embed the malware. Sophos Senior Security Advisor John Shier broke it down for me.

Encryption 147

Encryption Malware Ransomware Cyber Attacks 147

Malwarebytes

JANUARY 26, 2022

The deception, they say, happened between 2014 and 2019. The article also mentions that using Google Search on a phone’s browser, something that shouldn’t really rely on a user’s location data, can accurately pinpoint one’s precise latitude and longitude and save it to their Google account.

Accountability 100

Accountability Surveillance Advertising Mobile 100

eSecurity Planet

APRIL 26, 2022

Company Sector Year Status Vicarius Vulnerability management 2022 Private Dragos ICS and OT security 2021 Private Safeguard Cyber Risk management 2021 Private CyberGRX Risk management 2019 Private Signifyd Fraud protection 2018 Private RedOwl Security analytics 2015 Acquired: Forcepoint. Accel Investments. Andreessen Horowitz (a16z).

Cybersecurity 128

Cybersecurity Technology Marketing Healthcare 128

Security Affairs

NOVEMBER 3, 2019

Network Solutions data breach – hacker accessed data of more 22 Million accounts. WhatsApp sued Israeli surveillance firm NSO Group and its parent Q Cyber Technologies. CVE-2019-13720 flaw in Chrome exploited in Operation WizardOpium attacks. Thousands of Xiaomi FURRYTAIL pet feeders exposed to hack.

Data breaches 68

Data breaches Cyber Attacks Telecommunications Advertising 68

The Last Watchdog

APRIL 17, 2019

For a full drill down on our most recent conversation, at RSA 2019 , give a listen to the accompanying podcast. Hudson : The Government Accountability Office examined the Equifax breach. Thus, the monitoring, management and protection of machine identities must be ongoing and automated, he argued.

Marketing 133

Marketing Digital transformation CSO Internet 133