Security Affairs

JULY 20, 2023

Lookout first detected WyrmSpy as early as 2017, while it first discovered DragonEgg at the start of 2021. “After it’s installed and launched, WyrmSpy uses known rooting tools to gain escalated privileges to the device and perform surveillance activities specified by commands received from its C2 servers.

Spyware 82

Spyware Surveillance Mobile Malware 82

Security Affairs

MARCH 21, 2021

Hackers also posted images captured from the hacked surveillance video on Twitter with an #OperationPanopticon hashtag, published images show that they have gained root shell access to the surveillance cameras used by Telsa and Cloudflare. SecurityAffairs – hacking, cybercrime). ” concludes the DoJ. Pierluigi Paganini.

Identity Theft 73

Identity Theft Computers and Electronics Surveillance Hacking 73

Security Affairs

APRIL 17, 2022

Gov believes North Korea-linked Lazarus APT is behind Ronin Validator cyber heist The unceasing action of Anonymous against Russia Threat actors target the Ukrainian gov with IcedID malware Threat actors use Zimbra exploits to target organizations in Ukraine Conti Ransomware Gang claims responsibility for the Nordex hack ZingoStealer crimeware released (..)

Wireless 76

Wireless Data breaches Hacking Surveillance 76

Malwarebytes

SEPTEMBER 27, 2021

Uber scam lures victims with alert from a real Uber number Teaching cybersecurity skills to special needs children with Alana Robinson: Lock and Code S02E18.

Phishing 58

Phishing Surveillance Malware Backups 58

Security Affairs

OCTOBER 12, 2021

Operators behind the FreakOut (aka Necro, N3Cr0m0rPh) Python botnet have added a PoC exploit for Visual Tools DVR, a professional digital video recorder used in surveillance video systems. The POC exploit code for this vulnerability is publicly available since July 2021. CVE-2021-2900 – Genexis PLATINUM 4410 2.1 P4410-V2-1.28

DDOS 96

DDOS Surveillance Hacking Internet 96

SecureList

NOVEMBER 17, 2021

Let’s start by looking at the predictions we made for 2021. Last year, we foresaw the APT and cybercrime worlds becoming more porous on an operational level. A very interesting campaign orchestrated by APT31 surfaced in 2021. One of the most iconic cyber-events of 2021 was the ransomware attack on Colonial Pipeline.

Mobile 133

Mobile Surveillance Ransomware Government 133

Security Affairs

APRIL 2, 2022

The Beastmode botnet also includes exploits for the following issues: CVE-2021-45382 targets D-Link products (DIR-810L, DIR-820L/LW, DIR-826L, DIR-830L and DIR-836L) CVE-2021-4045 targets TP-Link Tapo C200 IP camera. CVE-2016-5674 targets NUUO NVRmini2, NVRsolo, Crystal Devices, and NETGEAR ReadyNAS Surveillance products.

DDOS 86

DDOS Firmware Surveillance IoT 86

SecureWorld News

MAY 3, 2022

In a press conference earlier this week, Félix Bolaños, the minister for the presidency, said Sánchez's phone was targeted in May and June 2021, while Robles was also targeted in June 2021. Pegasus spyware remains problematic around the world. Could Spain be spying on its own people?

Spyware 86

Spyware Government Surveillance Mobile 86

Security Affairs

APRIL 16, 2023

Remcos is a legitimate remote monitoring and surveillance software developed by the company BreakingSecurity. In 2021, CISA added Remcos to the list of top malware strains due to its use in mass phishing attacks using COVID-19 pandemic themes targeting businesses and individuals.

Accountability 89

Accountability Phishing Financial Services Surveillance 89

Security Affairs

JULY 24, 2022

ransom and sued its insurance firm for refusing to cover this payment Crooks stole $375k from Premint NFT, it is one of the biggest NFT hacks ever Google is going to remove App Permissions List from the Play Store Security Affairs newsletter Round 374 by Pierluigi Paganini APT groups target journalists and media organizations since 2021.

Spyware 91

Spyware Surveillance Insurance Malware 91

Security Affairs

JULY 31, 2022

and Blackmatter ransomware U.S. increased rewards for info on North Korea-linked threat actors to $10 million Threat actors leverages DLL-SideLoading to spread Qakbot malware Zero Day attacks target online stores using PrestaShop?

Firmware 72

Firmware Surveillance Malware DDOS 72

Security Affairs

JUNE 10, 2022

The attack impacted the municipal police, surveillance cameras and ZTL traffic control systems, the authorities confirmed that the problems can last for days. Municipal Administration announced that demographic services are guaranteed. ” reads a statement issued by the Municipal Administration.

Ransomware 109

Ransomware Data breaches Cyber Attacks Surveillance 109

Security Affairs

AUGUST 29, 2021

EskyFun data leak, over 1 million Android gamers impacted Boffins show PIN bypass attack Mastercard and Maestro contactless payments Phorpiex botnet shuts down and authors put source code for sale Atlassian released security patches to fix a critical flaw in Confluence An RCE in Annke video surveillance product allows hacking the device ChaosDB, a (..)

Spyware 103

Spyware Data breaches Surveillance Hacking 103

The Last Watchdog

AUGUST 27, 2018

By Gartner’s estimate there will be about 25 billion IoT devices in service by 2021. They realize that each IoT device, whether it be a home router, surveillance camera, office machine, medical device, or what have you, is a fully functioning computing nodule – one that’s likely off anyone’s radar, just waiting to be exploited.

DDOS 255

DDOS IoT Digital transformation Internet 255

Security Affairs

FEBRUARY 13, 2022

to replace Chinese equipment Hackers breached a server of National Games of China days before the event Russian Gamaredon APT is targeting Ukraine since October Israeli surveillance firm QuaDream emerges from the dark Argo CD flaw could allow stealing sensitive data from Kubernetes Apps. US seizes $3.6 Pierluigi Paganini.

Spyware 73

Spyware Surveillance Ransomware Hacking 73

SecureWorld News

AUGUST 25, 2022

In 2021, NSO was blacklisted by the United States government as it knowingly provided spyware to foreign governments who used the tool maliciously. Its spyware product, Pegasus, has been used by various criminals and nation states to target individuals of interest, such as activists, politicians, and business leaders.

Spyware 86

Spyware Government Marketing Surveillance 86

SecureWorld News

NOVEMBER 23, 2021

The opening lines of the lawsuit say it all: "Defendants are notorious hackers—amoral 21st century mercenaries who have created highly sophisticated cyber-surveillance machinery that invites routine and flagrant abuse.". November 23, 2021. Cybercrime mercenary group tracked around the world. link] — Ivan Krsti?

Spyware 74

Spyware Surveillance Engineering Software 74

SecureList

FEBRUARY 26, 2021

The Coalition Against Stalkerware warns that stalkerware “may facilitate intimate partner surveillance, harassment, abuse, stalking, and/or violence.” They still need physical access to the phone to jailbreak it, so iPhone users who fear surveillance should always keep an eye on their device.

Mobile 84

Mobile Surveillance Software Passwords 84

SecureList

APRIL 27, 2021

This is our latest installment, focusing on activities that we observed during Q1 2021. In parallel, Volexity also reported the same Exchange zero-days being in use in early 2021. The group’s operations were exposed in 2018, showing that it was conducting surveillance attacks against individuals in the Middle East.

Malware 141

Malware Spyware Government Social Engineering 141

Krebs on Security

MARCH 29, 2022

” On April 5, 2021, Everlynn posted a new sales thread to the cybercrime forum cracked[.]to But KT said each time Everlynn gets released from police custody, they go right back to committing the same cybercrimes. The phony message sent in November 2021 via the FBI’s email system.

Accountability 274

Accountability Government Hacking Social Engineering 274

SecureList

APRIL 27, 2022

We also identified two samples developed in December 2021 containing test strings and preceding revisions of the ransom note observed in Microsoft’s shared samples. One of the identified samples was compiled on December 28, 2021, suggesting that this destructive campaign had been planned for months. … ?????? ??????!!!

Malware 134

Malware Firmware Government Phishing 134

Security Affairs

JANUARY 9, 2022

” Recently media shared an FBI training document that reveals the surveillance capabilities of the US law enforcement detailing which data can be extracted from encrypted messaging apps. The above document, dated to January 7, 2021, was obtained through a FOIA request filed by the US nonprofit organization Property of the People.

Computers and Electronics 105

Computers and Electronics Encryption Surveillance Cybercrime 105

SecureWorld News

JULY 20, 2023

Commerce Department's Bureau of Industry and Security (BIS) has taken significant action to address the escalating concern surrounding the misuse of surveillance technology by foreign entities. government's growing concern about the role of surveillance technology in enabling campaigns of repression and human rights abuses.

Spyware 82

Spyware Surveillance Government Technology 82

eSecurity Planet

DECEMBER 19, 2023

Cybercrime will go to the next level: Cyberattackers will implement improved skills, “shift left” attacks, and shifting strategies to adjust to evolving cyberdefense. AI-Powered Cybercrime Despite the advancements in using AI to improve security, cybercriminals also have access to AI and LLMs.

Cybersecurity 140

Cybersecurity CISO Government Technology 140

SecureList

NOVEMBER 29, 2021

The victim was infected by PowerShell malware and we discovered evidence that the actor had already stolen data from the victim and had been surveilling this victim for several months. Based on said files, we identified additional victims in South Korea and compromised web servers that have been utilized by ScarCruft since early 2021.

Surveillance 121

Surveillance Malware Phishing Encryption 121

SecureList

OCTOBER 26, 2021

This is our latest installment, focusing on activities that we observed during Q3 2021. This activity seems to have continued and stretched into 2021, when we spotted a set of recent attacks using the same techniques and malware to gain a foothold in diplomatic organizations based in Central Asia. The most remarkable findings.

Malware 142

Malware Government Surveillance Spyware 142

Security Affairs

FEBRUARY 20, 2022

Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini. SecurityAffairs – hacking, newsletter).

Banking 84

Banking Spyware Surveillance Ransomware 84

SecureList

JULY 29, 2021

This is our latest installment, focusing on activities that we observed during Q2 2021. For further surveillance of the victim, the malware operator may also deploy additional tools. Interestingly, the exploit was found in the wild as part of a separate framework, alongside CVE-2021-1732 as well as other previously patched exploits.

Malware 142

Malware Phishing Password Management Social Engineering 142

SecureList

JANUARY 20, 2022

At the end of 2021, we were made aware of a UEFI firmware-level compromise through logs from our Firmware Scanner , which has been integrated into Kaspersky products since the beginning of 2019. com) and that StealthMutant was observed in this campaign only from February, 2021. What happened? ns.glbaitech[.]com) Loader MD5. 92.38.178[.]246.

Firmware 145

Firmware Malware Encryption Passwords 145

SecureList

OCTOBER 17, 2023

This strategic shift signals its intent to intensify its surveillance capabilities and expand its range of targets. These are new variants of the same hacking tools that we first reported in August 2019, and later detailed again in June 2021. At that time, we showed that Owowa may have been developed by a Chinese-speaking individual.

Government 108

Government Malware VPN Manufacturing 108

Krebs on Security

MARCH 22, 2023

In November 2022, researchers at Google’s Project Zero warned about active attacks on Samsung mobile phones which chained together three security vulnerabilities that Samsung patched in March 2021, and which would have allowed an app to add or read any files on the device.

Malware 259

Malware eCommerce Mobile Media 259

eSecurity Planet

OCTOBER 26, 2021

The Russian-based cybercrime group responsible for the high-profile attack on software maker SolarWinds last year is continuing to take aim at the global supply chain, according to a warning issued by Microsoft this week. See also: Best Third-Party Risk Management (TPRM) Tools of 2021. See also: Top Microsegmentation Tools for 2021.

Government 120

Government Cybercrime Accountability Software 120

eSecurity Planet

OCTOBER 21, 2022

A report from IBM claims that 21% of all cyber attacks the company remediated in 2021 were ransomware, making it the most common type of attack in the report. Once a system is infected, ransomware attacks usually come in 3 stages: Surveillance: The hackers scan their target for more information on the system they are attacking.

Malware 75

Malware Adware Spyware Antivirus 75

Malwarebytes

MAY 10, 2022

A majority of the Members of the European Parliament adopted the chat control regulation on July 6, 2021, allowing providers to scan communications voluntarily. Privacy advocates argue it brings the EU closer to the surveillance state that many see in other countries and that is a frightful image. I’m asking for me.

Encryption 87

Encryption Surveillance Artificial Intelligence Spyware 87

SecureList

NOVEMBER 14, 2022

In another publication , Google also followed up on the activities of a similar vendor named Cytrox that had leveraged four 0-day vulnerabilities in a 2021 campaign. A recent leak has put it in the hands of cybercrime actors and it is very likely that by the end of the year we will see it involved in APT cases too. Drone hacking!

Firmware 110

Firmware Surveillance Mobile Telecommunications 110

SecureList

NOVEMBER 14, 2023

The threat actor used news about the Russo-Ukrainian conflict to trick targets into opening harmful emails that exploited the vulnerabilities (CVE-2020-35730, CVE-2020-12641 and CVE-2021-44026). As we look ahead, we might anticipate more occasional cases of advanced attacks to leverage consumer devices and smart home technology.

Hacking 108

Hacking Energy and Utilities Media Malware 108

Krebs on Security

MARCH 2, 2023

The document points to the 2021 takedown of the Emotet botnet — a cybercrime machine that was heavily used by multiple Russian ransomware groups — as a model for this activity, but says those disruptive operations need to happen faster and more often. .” cyber interests.

Cybersecurity 230

Cybersecurity Insurance Cyber Insurance Government 230