Security Affairs

NOVEMBER 11, 2022

Researchers from mobile security firm Lookout uncovered two long-running surveillance campaigns targeting the Uyghurs minority. The threat actors behind the campaigns used two Android spyware to spy on the victims and steal sensitive information. List of installed packages. ” concludes the report. Pierluigi Paganini.

Surveillance 94

Surveillance Spyware Malware Mobile 94

Security Affairs

OCTOBER 11, 2021

A Togolese human rights advocate was hit by mobile spyware that has been allegedly developed by an Indian firm called Innefu Labs. Experts believe the attackers used a spyware developed by an Indian company called Innefu Labs. In the past, the Donot Team spyware was found in attacks outside of South Asia. Pierluigi Paganini.

Spyware 88

Spyware Surveillance Accountability Mobile 88

Security Affairs

JUNE 17, 2022

Experts uncovered an enterprise-grade surveillance malware dubbed Hermit used to target individuals in Kazakhstan, Syria, and Italy since 2019. Lookout Threat Lab researchers uncovered enterprise-grade Android surveillance spyware, named Hermit, used by the government of Kazakhstan to track individuals within the country.

Spyware 82

Spyware Surveillance Telecommunications Mobile 82

Security Affairs

JULY 11, 2019

Malware researchers from Kaspersky have discovered new and improved versions of the infamous FinFisher spyware used to infect both Android and iOS devices. Experts at Kaspersky have discovered a new improved variant of the FinFisher spyware used to spy on both iOS and Android users in 20 countries. Pierluigi Paganini.

Spyware 103

Spyware Mobile Advertising Architecture 103

Security Affairs

JUNE 24, 2022

Google’s Threat Analysis Group (TAG) revealed that the Italian spyware vendor RCS Labs was supported by ISPs to spy on users. CVE-2019-8605 internally referred to as SockPort2 and publicly known as SockPuppet CVE-2020-3837 internally referred to and publicly known as TimeWaste. Pierluigi Paganini.

Surveillance 114

Surveillance Mobile Spyware Telecommunications 114

Security Affairs

SEPTEMBER 27, 2020

Experts from Amnesty International uncovered a surveillance campaign that targeted Egyptian civil society organizations with a new version of FinSpy spyware. The binaries are obfuscated and do some checks to detect if the spyware is running in a Virtual Machine. ” reads the Amnesty’s report.

Spyware 138

Spyware Surveillance Mobile Advertising 138

Security Affairs

APRIL 13, 2022

One of the officials targeted with the infamous spyware there is Didier Reynders, a senior Belgian statesman who has served as the European Justice Commissioner since 2019. ” Security researchers said that Apple sent the warnings to its users targeted between February and September 2021. ” concludes the report.

Surveillance 96

Surveillance Software Spyware Hacking 96

Security Affairs

FEBRUARY 6, 2022

One of the vulnerabilities in Apple iOS that was previously exploited by the spyware developed by the Israeli company NSO Group was also separately used by another surveillance firm named QuaDream. Apple addressed the flaw used by the ForcedEntry exploit in September 2021, rendering both NSO and QuaDream’s spyware ineffective.

Surveillance 97

Surveillance Spyware Government Hacking 97

Security Affairs

OCTOBER 14, 2020

The authorities started the investigation last year after the German blog Netzpolitik and some advocacy groups (Reporters Without Borders, Society for Freedom Rights, and the European Center for Constitutional and Human Rights), filed a complaint with Munich prosecutors in the summer of 2019.

Surveillance 112

Surveillance Spyware Software Advertising 112

Security Affairs

AUGUST 30, 2019

Threat actors used at least five unique iPhone exploit chains that allowed them to remotely jailbreak a device and deliver spyware. Project Zero Team Lead Ben Hawkes revealed that both CVE-2019-7286 and CVE-2019-7287 have been exploited in the wild. — Ben Hawkes (@benhawkes) February 7, 2019. on 7 Feb 2019.

Spyware 92

Spyware Hacking Advertising Encryption 92

Security Affairs

MARCH 7, 2021

In the last years, security experts documented multiple hacking and disinformation campaigns, attributed to Russia-linked APT groups, that targeted Lithuania, Estonia , and Latvia. The head of cyber security Rimtautas Cerniauskas confirmed the discovery of at least three Russian spyware on government computers since 2015.

Spyware 126

Spyware Cyber Attacks Government Hacking 126

Security Affairs

DECEMBER 21, 2020

The attackers used an exploit chain named Kismet that was part of the arsenal of the controversial Pegasus spyware that is sold by the surveillance firm NSO Group. ” The KISMET exploit chain doesn’t work against iOS 14 and above because the new mobile iOS implements additional security protections.

Hacking 130

Hacking Surveillance Spyware Government 130

Security Affairs

APRIL 8, 2020

In October 2019, WhatsApp sued the Israeli surveillance firm NSO Group accusing it of carrying out malicious attacks against its users. In May, Facebook has patched a critical zero-day vulnerability in WhatsApp, tracked as CVE-2019-3568 , that has been exploited to remotely install spyware on phones by calling the targeted device.

Surveillance 101

Surveillance Spyware Advertising Government 101

Security Affairs

SEPTEMBER 18, 2020

Every third email, meanwhile, contained spyware , which is used by threat actors to steal payment data or other sensitive info to then put it on sale in the darknet or blackmail its owner. Another 17 percent contained downloaders, while backdoors and banking Trojans came third with a 16- and 15-percent shares, respectively.

Phishing 104

Phishing Ransomware Spyware Banking 104

Security Affairs

OCTOBER 5, 2020

The experts were investigating several suspicious UEFI firmware images when discovered four components, some of which were borrowing the source code a Hacking Team spyware. Kaspersky researchers revealed to have found MosaicRegressor components at several dozen entities between 2017 and 2019.

Firmware 132

Firmware Spyware Surveillance Hacking 132

Security Affairs

APRIL 8, 2023

The CVE-2023-26083 flaw in the Arm Mali GPU driver is chained with other issues to install commercial spyware, as reported by Google’s Threat Analysis Group (TAG) in a recent report. Mandiant researchers first observed this affiliate targeting Veritas issues in the wild on October 22, 2022.

Backups 86

Backups Spyware Ransomware Education 86

Security Affairs

SEPTEMBER 24, 2023

In 2016, researchers from the non-profit organization CitizenLab published a report that describes a campaign of targeted spyware attacks carried out by the Stealth Falcon. The attacks have been conducted from 2012 until 2106, against Emirati journalists, activists, and dissidents.

Spyware 119

Spyware Malware Architecture Encryption 119

Security Affairs

OCTOBER 19, 2020

Researchers spotted new variants of the Windows GravityRAT spyware that now can also infect Android and macOS devices. The malware researchers found the new Android GravityRAT sample in 2019, on VirusTotal. Crooks also started using digital signatures to make the apps look more legitimate.

Malware 115

Malware Computers and Electronics Spyware Advertising 115

Security Affairs

APRIL 11, 2021

The fight to the Joker malware (aka Bread) begun in September 2019 when security experts at Google removed from the official Play Store 24 apps because they were infected with a new spyware tracked as “ the Joker. ”. Experts from antivirus firm Doctor Web discovered ten apps in AppGallery that were containing the malicious code.

Malware 140

Malware Spyware Mobile Antivirus 140

Security Affairs

JUNE 22, 2023

Recently, Kaspersky researchers dug into Operation Triangulation and discovered more details about the exploit chain employed to deliver the spyware to iOS devices. According to Kaspersky researchers, Operation Triangulation began at least in 2019 and is still ongoing. The message has an attachment containing an exploit.

Spyware 89

Spyware Mobile Hacking Information Security 89

Security Affairs

JULY 16, 2021

The spyware is able to steal SMS messages, contact lists, and device information and to sign victims up for premium service subscriptions. Since 2019 experts found many Joker apps on Google Play store, in September 2019 security experts at Google removed from the store 24 apps.

Malware 139

Malware Mobile Spyware Encryption 139

Security Affairs

DECEMBER 30, 2019

In 2019 we discussed several times about the abuse of surveillance software, in October WhatsApp sued Israeli surveillance firm NSO Group, accusing it of using a flaw in its messaging service to conduct cyberespionage on journalists and activists. “There is no consensus among member states on the need or value of drafting a new treaty.

Cybercrime 63

Cybercrime Surveillance Spyware Government 63

Security Affairs

NOVEMBER 17, 2019

Microsoft Patch Tuesday updates fix CVE-2019-1429 flaw exploited in the wild. CVE-2019-3648 flaw in all McAfee AV allows DLL Hijacking. WhatsApp flaw CVE-2019-11931 could be exploited to install spyware. New TSX Speculative Attack allows stealing sensitive data from latest Intel CPUs.

DDOS 50

DDOS Spyware Advertising Ransomware 50

Security Affairs

NOVEMBER 8, 2019

pic.twitter.com/VdiKoqAwkr — Kevin Beaumont (@GossiTheDog) November 2, 2019. The vulnerability , tracked as CVE-2019-0708, impacts the Windows Remote Desktop Services (RDS) and was addressed by Microsoft with May 2019 Patch Tuesday updates. huh, the EternalPot RDP honeypots have all started BSOD'ing recently.

Penetration Testing 69

Penetration Testing Malware Advertising Spyware 69

Security Affairs

JULY 13, 2019

Adobe Patch Tuesday updates for July 2019 address only 5 minor flaws. Microsoft released Patch Tuesday security updates for July 2019. New FinFisher spyware used to spy on iOS and Android users in 20 countries. CVE-2019-1132 Windows Zero-Day exploited by Buhtrap Group in government attack.

Data breaches 50

Data breaches Spyware Advertising Government 50

Security Affairs

APRIL 28, 2020

In 2019, researchers from Dr. Web discovered a backdoor trojan in Google Play, which appeared different from other threats due to its level of sophistication for this reason Kaspersky investigated it. . “One of the latest samples was published on the official Android market on November 6, 2019.

Malware 108

Malware Advertising Spyware Marketing 108

Security Affairs

SEPTEMBER 15, 2019

Hi folk, let me inform you that I suspended the newsletter service, anyway I’ll continue to provide you a list of published posts every week through the blog. Experts found Joker Spyware in 24 apps in the Google Play store. Adobe September 2019 Patch Tuesday updates fix 2 code execution flaws in Flash Player.

Spyware 54

Spyware Advertising Hacking IoT 54

Security Affairs

OCTOBER 13, 2019

MS October 2019 Patch Tuesday updates address 59 flaws. Users reported problems with patches for CVE-2019-1367 IE zero-day. Amnesty claims that 2 Morocco rights advocates were targeted by NSO Group spyware. SAP October 2019 Security Patch Day fixes 2 critical flaws.

VPN 53

VPN Spyware Data breaches Advertising 53

Security Affairs

JUNE 18, 2020

Security researchers at ESET recently uncovered a campaign carried out by the InvisiMole group that has been targeting a small number of high-profile organizations in the military sector and diplomatic missions in Eastern Europe. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

DNS 82

DNS Advertising Spyware Software 82

Security Affairs

FEBRUARY 14, 2021

COMB breach: 3.2B COMB breach: 3.2B

Spyware 94

Spyware Phishing Data breaches Surveillance 94

Security Affairs

JULY 16, 2020

The source code of the Xerxes malware was leaked online around May 2019. The BlackRock malware borrows the code from the Xerxes banking malware, which is a strain of the popular LokiBot Android trojan. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Malware 90

Malware Banking Mobile Spyware 90

Security Boulevard

MAY 3, 2021

roundup of UK focused Cyber and Information Security News, Blog Posts, Reports and general Threat Intelligence from the previous calendar month, April 2021. The UK Security Service MI5 said 10,000 staff from every UK government department and from important UK industries have been lured by fake LinkedIn profiles.

Ransomware 124

Ransomware Passwords Scams Government 124

Security Affairs

SEPTEMBER 12, 2019

“The main Simjacker attack involves an SMS containing a specific type of spyware-like code being sent to a mobile phone, which then instructs the SIM Card within the phone to ‘take over’ the mobile phone to retrieve and perform sensitive commands.” ” continues the post. ” states the post.

Hacking 109

Hacking Mobile Spyware Manufacturing 109

Security Affairs

JULY 18, 2019

Based on compilation times, infrastructure, and public distribution of samples – we assess the campaign operated from the second half of 2018 into today (July 2019).” ” The new malware samples analyzed in July 2019 appear to have been rebuild by the group in response to public reporting on the group’s activities.

Malware 59

Malware Software Spyware Advertising 59

Security Affairs

OCTOBER 27, 2019

Swedish Government grants police the use of spyware against violent crime suspects. CVE-2019-11043 exposes Web servers using nginx and PHP-FPM to hack. Exploring the CPDoS attack on CDNs: Cache Poisoned Denial of Service. Robots at HIS Group are vulnerable to hack. FBI and DHS CISA issue alerts on e-skimming attacks.

Spyware 42

Spyware Advertising Hacking DDOS 42

Security Affairs

APRIL 25, 2020

Facebook advocates have challenged a plea from spyware maker NSO Group to dismiss the legal dispute over the hacking accusations, arguing it has immunity from prosecution. Now both companies are providing technical details requested by the cyber-security experts. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Spyware 103

Spyware Surveillance Advertising Mobile 103

Security Affairs

AUGUST 1, 2022

An Australian national has been charged for the creation and sale of the Imminent Monitor (IM) spyware, which was also used for criminal purposes. The 24-year-old Australian national Jacob Wayne John Keen has been charged for his alleged role in the development and sale of spyware known as Imminent Monitor (IM). Pierluigi Paganini.

Spyware 106

Spyware Malware Cybercrime Hacking 106