Security Affairs

JULY 24, 2022

ransom and sued its insurance firm for refusing to cover this payment Crooks stole $375k from Premint NFT, it is one of the biggest NFT hacks ever Google is going to remove App Permissions List from the Play Store Security Affairs newsletter Round 374 by Pierluigi Paganini APT groups target journalists and media organizations since 2021.

Spyware 92

Spyware Surveillance Insurance Malware 92

SecureList

NOVEMBER 17, 2021

Let’s start by looking at the predictions we made for 2021. Last year, we foresaw the APT and cybercrime worlds becoming more porous on an operational level. A very interesting campaign orchestrated by APT31 surfaced in 2021. One of the most iconic cyber-events of 2021 was the ransomware attack on Colonial Pipeline.

Mobile 139

Mobile Surveillance Ransomware Government 139

Security Affairs

FEBRUARY 13, 2022

to replace Chinese equipment Hackers breached a server of National Games of China days before the event Russian Gamaredon APT is targeting Ukraine since October Israeli surveillance firm QuaDream emerges from the dark Argo CD flaw could allow stealing sensitive data from Kubernetes Apps. US seizes $3.6 Pierluigi Paganini.

Spyware 74

Spyware Surveillance Ransomware Hacking 74

SecureWorld News

AUGUST 25, 2022

In 2021, NSO was blacklisted by the United States government as it knowingly provided spyware to foreign governments who used the tool maliciously. Claudio Guarnieri, the head of Amnesty International’s Security Lab, had this to say about NSO's recent changes: "Such changes will not address the ongoing absence of accountability.

Spyware 81

Spyware Government Marketing Surveillance 81

SecureWorld News

NOVEMBER 23, 2021

The opening lines of the lawsuit say it all: "Defendants are notorious hackers—amoral 21st century mercenaries who have created highly sophisticated cyber-surveillance machinery that invites routine and flagrant abuse.". November 23, 2021. Cybercrime mercenary group tracked around the world. link] — Ivan Krsti?

Spyware 70

Spyware Surveillance Engineering Software 70

SecureList

FEBRUARY 26, 2021

The Coalition Against Stalkerware warns that stalkerware “may facilitate intimate partner surveillance, harassment, abuse, stalking, and/or violence.” They still need physical access to the phone to jailbreak it, so iPhone users who fear surveillance should always keep an eye on their device. The legal status.

Mobile 94

Mobile Surveillance Software Passwords 94

Krebs on Security

MARCH 29, 2022

It involves compromising email accounts and websites tied to police departments and government agencies, and then sending unauthorized demands for subscriber data while claiming the information being requested can’t wait for a court order because it relates to an urgent matter of life and death. THE LAPSUS$ CONNECTION.

Accountability 275

Accountability Government Hacking Social Engineering 275

eSecurity Planet

DECEMBER 19, 2023

Cybercrime will go to the next level: Cyberattackers will implement improved skills, “shift left” attacks, and shifting strategies to adjust to evolving cyberdefense. AI-Powered Cybercrime Despite the advancements in using AI to improve security, cybercriminals also have access to AI and LLMs.

Cybersecurity 140

Cybersecurity CISO Government Technology 140

SecureList

NOVEMBER 29, 2021

The victim was infected by PowerShell malware and we discovered evidence that the actor had already stolen data from the victim and had been surveilling this victim for several months. Based on said files, we identified additional victims in South Korea and compromised web servers that have been utilized by ScarCruft since early 2021.

Surveillance 131

Surveillance Malware Phishing Encryption 131

SecureList

OCTOBER 26, 2021

This is our latest installment, focusing on activities that we observed during Q3 2021. The first accounts of its activity date back to March last year, in which archives carrying COVID-related decoy file names that contained a malicious executable were described in a tweet by MalwareHunterTeam. The most remarkable findings.

Malware 144

Malware Government Surveillance Spyware 144

SecureList

JANUARY 20, 2022

At the end of 2021, we were made aware of a UEFI firmware-level compromise through logs from our Firmware Scanner , which has been integrated into Kaspersky products since the beginning of 2019. In the last year, there have been several public accounts on the ongoing trend of UEFI threats. What happened? ns.glbaitech[.]com) 92.38.178[.]246.

Firmware 145

Firmware Malware Encryption Passwords 145

SecureList

OCTOBER 17, 2023

This strategic shift signals its intent to intensify its surveillance capabilities and expand its range of targets. The stolen cookies can be used later to remotely access victims’ email accounts. These are new variants of the same hacking tools that we first reported in August 2019, and later detailed again in June 2021.

Government 118

Government Malware VPN Manufacturing 118

SecureList

JULY 29, 2021

This is our latest installment, focusing on activities that we observed during Q2 2021. For further surveillance of the victim, the malware operator may also deploy additional tools. Interestingly, the exploit was found in the wild as part of a separate framework, alongside CVE-2021-1732 as well as other previously patched exploits.

Malware 144

Malware Phishing Password Management Social Engineering 144

Krebs on Security

MARCH 22, 2023

In November 2022, researchers at Google’s Project Zero warned about active attacks on Samsung mobile phones which chained together three security vulnerabilities that Samsung patched in March 2021, and which would have allowed an app to add or read any files on the device. That Weibo post has since been deleted.

Malware 271

Malware eCommerce Mobile Media 271

eSecurity Planet

OCTOBER 26, 2021

The Russian-based cybercrime group responsible for the high-profile attack on software maker SolarWinds last year is continuing to take aim at the global supply chain, according to a warning issued by Microsoft this week. See also: Best Third-Party Risk Management (TPRM) Tools of 2021. See also: Top Microsegmentation Tools for 2021.

Government 120

Government Cybercrime Accountability Software 120

eSecurity Planet

OCTOBER 21, 2022

A report from IBM claims that 21% of all cyber attacks the company remediated in 2021 were ransomware, making it the most common type of attack in the report. Once a system is infected, ransomware attacks usually come in 3 stages: Surveillance: The hackers scan their target for more information on the system they are attacking.

Malware 75

Malware Adware Spyware Antivirus 75

SecureList

NOVEMBER 14, 2023

The threat actor used news about the Russo-Ukrainian conflict to trick targets into opening harmful emails that exploited the vulnerabilities (CVE-2020-35730, CVE-2020-12641 and CVE-2021-44026). Although there was a public report of drones used to hack a Wi-Fi network in 2022, there are no accounts of similar events happening in 2023.

Hacking 119

Hacking Energy and Utilities Media Malware 119

Krebs on Security

MARCH 2, 2023

. “Regulations for other industries went through a similar transformation, and we saw a positive result — there’s now an expectation of appropriate due care, and accountability for those who fail to comply. cyber interests.

Cybersecurity 241

Cybersecurity Insurance Cyber Insurance Government 241