Security Affairs

JUNE 24, 2022

Researchers from Google’s Threat Analysis Group (TAG) revealed that the Italian surveillance firm RCS Labs was helped by some Internet service providers (ISPs) in Italy and Kazakhstan to infect Android and iOS users with their spyware. CVE-2020-9907 internally referred to as AveCesare. SecurityAffairs – hacking, RCS Labs).

Surveillance 137

Surveillance Mobile Spyware Telecommunications 137

Security Affairs

SEPTEMBER 16, 2024

The IT giant fears that the disclosures of its threat intelligence related to commercial spyware operations could aid NSO and other surveillance firms. ” The officials requested an Israeli court to keep this action secret, even from parties involved in Meta’s ongoing WhatsApp hacking lawsuit against NSO. .

Surveillance 121

Surveillance Spyware Risk Hacking 121

Security Affairs

FEBRUARY 6, 2022

One of the Apple iOS zero-day flaws exploited by the NSO group was also used by another surveillance firm named QuaDream. One of the vulnerabilities in Apple iOS that was previously exploited by the spyware developed by the Israeli company NSO Group was also separately used by another surveillance firm named QuaDream. as a zero-day.

Surveillance 98

Surveillance Spyware Government Hacking 98

Security Affairs

APRIL 19, 2020

This post includes the details of the Coronavirus-themed attacks launched from April 12 to April 18, 2020. Consumer reports received since January 2020 revealed that that approximately $12 million were lost due to Coronavirus-related scams, FTC says. Coronavirus-themed attacks April 05 – April 11, 2020. Pierluigi Paganini.

Scams 141

Scams Malware Phishing Surveillance 141

Malwarebytes

MARCH 12, 2021

Hackers were able to gain access to camera feeds from Verkada, a tech company that specializes in video security and physical access control, to demonstrate how prevalent surveillance is, reports say. Swiss hacker and member of the hacking collective “APT-69420 Arson Cats,” Tillie Kottmann, claimed credit for the Verkada hack.

Hacking 124

Hacking Surveillance Computers and Electronics Accountability 124

SecureList

FEBRUARY 26, 2021

The state of stalkerware in 2020 (PDF). Kaspersky’s data shows that the scale of the stalkerware issue has not improved much in 2020 compared to the last year: The number of people affected is still high. In total, 53,870 of our mobile users were affected globally by stalkerware in 2020. Main findings.

Mobile 132

Mobile Surveillance Software Passwords 132

Security Affairs

FEBRUARY 8, 2021

Iran-linked APT group Domestic Kitten, also tracked as APT-C-50, has been conducting widespread surveillance targeting over 1,000 individuals. Both groups have conducted long-running cyber-attacks and intrusive surveillance campaigns, which target both individuals’ mobile devices and personal computers.” Pierluigi Paganini.

Surveillance 116

Surveillance Mobile Malware Cyber Attacks 116

Krebs on Security

MARCH 22, 2021

An ad for RedTorch’s “Cheetah” counter-surveillance tech. ” Frigg promises to include “elements that stems [sic] from major data hacks of known systems like Ashley Madison, LinkedIn, Dropbox, Fling.com, AdultFriendFinder and hundreds more. 2020 version of RedTorch.com. Last month, the U.S.

Surveillance 340

Surveillance Computers and Electronics Internet Internet 340

Security Affairs

APRIL 20, 2022

Synesis Surveillance System – Anonymous claims to have hacked the Synesis and Kipod surveillance systems. According to DDoSecrets, data was gathered in August 2020. One of the most active hacking crew, the Network Battalion 65, also claimed to have hacked another Russian bank, JSC Bank PSCB.

Hacking 140

Hacking Banking Surveillance Engineering 140

Security Affairs

APRIL 26, 2022

An interesting article published by The Intercept reveals the secretive business of a US surveillance firm named Anomaly Six. While Russia was invading Ukraine in February, two unknown surveillance startups, Anomaly Six and Zignal Labs joined forces to provide powerful surveillance services. Motherboard reported that U.S.

Surveillance 98

Surveillance Mobile Government Media 98

Security Affairs

NOVEMBER 18, 2024

Privacy Shield framework in 2020. Privacy Shield in 2020, Meta continued transferring data under a framework that was deemed insufficient to protect European citizens from U.S. government surveillance. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, GDPR )

Data privacy 130

Data privacy Risk Surveillance Government 130

Security Affairs

MAY 1, 2023

Researchers at the Lookout Threat Lab have discovered a new Android surveillance spyware, dubbed BouldSpy, that was used by the Law Enforcement Command of the Islamic Republic of Iran (FARAJA). The researchers are tracking the spyware since March 2020, starting in 2023, multiple security experts [ 1 , 2 ] started monitoring its activity. .

Surveillance 98

Surveillance Malware Spyware Accountability 98

Security Affairs

MARCH 2, 2024

Court ordered surveillance firm NSO Group to hand over the source code for its Pegasus spyware and other products to Meta. Judge ordered the surveillance firm to hand over the source code for its Pegasus spyware and other products to the social network giant. from April 29, 2018, to May 10, 2020).

Spyware 144

Spyware Surveillance Architecture Software 144

Security Affairs

JULY 28, 2022

The Microsoft Threat Intelligence Center (MSTIC) and the Microsoft Security Response Center (MSRC) researchers linked a threat group known as Knotweed to an Austrian surveillance firm named DSIRF, known for using multiple Windows and Adobe zero-day exploits. SecurityAffairs – hacking, Subzero malware). ” concludes Microsoft.

Surveillance 100

Surveillance Malware Authentication Accountability 100

Security Affairs

APRIL 13, 2021

The exploit code for a remote code execution vulnerability affecting QNAP network-attached storage (NAS) devices that run the Surveillance Station video management system is available online. “A stack-based buffer overflow vulnerability has been reported to affect QNAP NAS devices running Surveillance Station. . and 5.1.5.3.2.

Surveillance 134

Surveillance Hacking Information Security Malware 134

Schneier on Security

FEBRUARY 6, 2023

But what if, instead, somebody hacked into the system and just switched the labels for “gun” and “turtle” or swapped “stop” and “45 mi/h”? Like everything else, these systems will be hacked through vulnerabilities in those more conventional parts of the system. This is bulk surveillance and can easily operate on this massive scale.

Encryption 274

Encryption Hacking Software Social Engineering 274

SecureWorld News

AUGUST 27, 2021

Australian Parliament passed the controversial Surveillance Legislation Amendment Bill 2020, also known as the Identify and Disrupt Bill and to a few the “hacking” bill, on August 25. Differing views on the police "hacking" bill. All eyes will be on Australia to see the results of the “hacking” bill’s introduction.

Hacking 98

Hacking Computers and Electronics Surveillance Cybercrime 98

Schneier on Security

NOVEMBER 13, 2018

By developing more advanced security features and building them into these products, hacks can be avoided. California's new SB 327 law , which will take effect in January 2020, requires all "connected devices" to have a "reasonable security feature." It's easier to extend the protection to everyone.

IoT 261

IoT Manufacturing Internet Internet 261

Security Affairs

AUGUST 24, 2021

The iPhones of nine activists, including members of the Bahrain Center for Human Rights , Waad , Al Wefaq , were infected with Pegasus spyware as part of a surveillance operation likely orchestrated by a threat actor tracked as LULU and attributed with high confidence to the government of Bahrain. ” concludes the report.

Spyware 98

Spyware Surveillance Hacking Mobile 98

Thales Cloud Protection & Licensing

JANUARY 14, 2020

Along with innovation and technology proliferation, new challenges that will shape business during 2020. Last year brought a considerable shift in the global privacy legislation landscape and 2020 is going to be just as busy from a data protection standpoint. Unfortunately, privacy compliance is still lagging.

Data privacy 89

Data privacy IoT Data breaches Surveillance 89

Security Affairs

JANUARY 14, 2021

Security experts from ESET uncovered an ongoing surveillance campaign, dubbed Operation Spalax , against Colombian government institutions and private companies. Malware researchers from ESET uncovered an ongoing surveillance campaign, dubbed Operation Spalax , against Colombian entities exclusively. Pierluigi Paganini.

Malware 141

Malware Surveillance Phishing Government 141

Security Affairs

JUNE 11, 2021

“Al Jazeera Media Network was subjected to a series of cyber hacking attempts to penetrate some of its platforms and websites this week.” Al-Jazeera added that its service provider was able to detect the attacks and stop the hacking attempts. SecurityAffairs – hacking). ” concludes the press release.

Cyber Attacks 139

Cyber Attacks Media Hacking Spyware 139

Security Affairs

MARCH 21, 2021

Hackers also posted images captured from the hacked surveillance video on Twitter with an #OperationPanopticon hashtag, published images show that they have gained root shell access to the surveillance cameras used by Telsa and Cloudflare. SecurityAffairs – hacking, cybercrime). ” continues the DoJ.

Identity Theft 108

Identity Theft Computers and Electronics Surveillance Hacking 108

Security Affairs

AUGUST 28, 2020

22, 2020, in Los Angeles and had his initial appearance before U.S. According to the complaint and statements made in court, from about July 15, 2020 to about Aug. 22, 2020, Kriuchkov conspired with associates to recruit an employee of a company to introduce malware.”. — Elon Musk (@elonmusk) August 27, 2020.

Malware 145

Malware Surveillance Hacking Spyware 145

Security Affairs

OCTOBER 5, 2023

“The document said the exploit worked for Android versions 9 to 11, which was released in 2020, and that it took advantage of a flaw in the “image rendering library.” In 2020 and 2021, WhatsApp fixed three vulnerabilities — CVE-2020-1890, CVE-2020-1910, and CVE-2021-24041— that all involved how the app processes images.

Mobile 141

Mobile Marketing Spyware Surveillance 141

Security Affairs

DECEMBER 28, 2020

“Parliament of Finland has been subjected to a cyberattack in the fall of 2020. The attack was discovered by parliament technical surveillance. SecurityAffairs – hacking, Finland). The Parliament of Finland confirmed that threat actors had access to email accounts of multiple members of parliament (MPs). .

Accountability 144

Accountability Surveillance Cyber Attacks Hacking 144

Security Affairs

APRIL 14, 2021

WhatsApp addressed two security vulnerabilities in its app for Android that could have been exploited to remotely hack the victim’s device. or greater on the Android platform, as previous versions are vulnerable to the aforementioned bugs and may allow for remote user surveillance. SecurityAffairs – hacking, WhatsApp).

Mobile 112

Mobile Hacking Encryption Surveillance 112

Security Affairs

JANUARY 14, 2022

Hensoldt AG focuses on sensor technologies for protection and surveillance missions in the defence, security and aerospace sectors. billion euros in 2020. SecurityAffairs – hacking, Hensoldt). Ransom demands have been quite high, between $500.000 and $700.000. Follow me on Twitter: @securityaffairs and Facebook.

Ransomware 141

Ransomware Surveillance Mobile Encryption 141

Security Affairs

OCTOBER 11, 2021

Their devices were targeted between December 2019 and January 2020, during a tense political climate ahead of the 2020 Togolese presidential election.” The company denied any involvement in the surveillance campaign attributed to the Donot Team APT. SecurityAffairs – hacking, Donot Team APT). Pierluigi Paganini.

Spyware 102

Spyware Surveillance Accountability Mobile 102

Security Affairs

MARCH 23, 2020

Experts observed multiple botnets exploiting zero-day vulnerabilities in DVRs for surveillance systems manufactured by Taiwan-based LILIN. Botnet operators are exploiting several zero-day vulnerabilities in digital video recorders (DVRs) for surveillance systems manufactured by Taiwan-based LILIN-. SecurityAffairs – hacking, LILIN).

Firmware 139

Firmware Surveillance Manufacturing Advertising 139

Security Affairs

JULY 14, 2021

The vulnerabilities were exploited in three different campaigns analyzed by the researchers, it is interesting to note that three out of four exploits were developed by the same surveillance firm, The fourth exploit ( CVE-2021-1879 ) was likely developed by a Russia-linked APT group. SecurityAffairs – hacking, APT).

Surveillance 145

Surveillance Government Internet Internet 145

Security Affairs

APRIL 12, 2020

hacked, data of 600k users available for sale Updated: Italian email provider Email.it supports the Secure Boot Fake Cisco ‘Critical Update used in phishing campaign to steal WebEx credentials Hackers accessed staff mailboxes at Italian bank Monte dei Paschi SFO discloses data breach following the hack of 2 of its websites.

Hacking 109

Hacking Advertising Surveillance Phishing 109

The Last Watchdog

NOVEMBER 9, 2020

IoT-enabled scams and hacks quickly ramped up to a high level – and can be expected to accelerate through 2021 and beyond. Hacking collectives are very proficient at “exploiting weak authentication schemes to gain persistence inside of a targeted network,” Sherman says. 2020 has been a year of tumultuous, unimaginable developments.

IoT 279

IoT Healthcare Internet Internet 279

Security Affairs

NOVEMBER 24, 2021

Apple has filed suit to ban the Israeli surveillance firm NSO Group and parent company Q Cyber Technologies from using its product and services. federal court for illegally targeting its customers with the surveillance spyware Pegasus. SecurityAffairs – hacking, Pegasus). ” reads the announcement published by Apple.

Spyware 100

Spyware Surveillance Software Hacking 100

Security Affairs

SEPTEMBER 13, 2021

The iPhones of nine activists, including members of the Bahrain Center for Human Rights , Waad , Al Wefaq , were infected with Pegasus spyware as part of a surveillance operation likely orchestrated by a threat actor tracked as LULU and attributed with high confidence to the government of Bahrain. “We SecurityAffairs – hacking, Apple).

Spyware 112

Spyware Surveillance Hacking Mobile 112

Security Affairs

DECEMBER 4, 2022

. “Court documents and government contracting records show the agencies tasked with monitoring the Mexican border have spent record sums on car hacking tools, while talking up the extraordinary amount of valuable evidence that can be reaped from onboard computers.” SecurityAffairs – hacking, infotainment systems).

Surveillance 110

Surveillance Technology Hacking Mobile 110

Security Affairs

FEBRUARY 24, 2021

Vietnam-linked APT32 group targeted Vietnamese human rights defenders (HRDs) between February 2018 and November 2020. “This unlawful surveillance violates the right to privacy and stifles freedom of expression.” SecurityAffairs – hacking, APT32). ” reads the post published by Amnesty International. .

Spyware 130

Spyware Government Surveillance Phishing 130