Security Affairs

JULY 20, 2023

China-linked group APT41 was spotted using two previously undocumented Android spyware called WyrmSpy and DragonEgg China-linked APT group APT41 has been observed using two previously undocumented Android spyware called WyrmSpy and DragonEgg. Upon installing the two spyware, they request extensive device permissions.

Spyware 81

Spyware Surveillance Mobile Malware 81

Security Affairs

AUGUST 24, 2021

Citizen Lab uncovered a new zero-click iMessage exploit that was used to deploy the NSO Group’s Pegasus spyware on devices belonging to Bahraini activists. Researchers from Citizen Lab spotted a zero-click iMessage exploit that was used to deploy NSO Group’s Pegasus spyware on Bahraini activists’ devices.

Spyware 97

Spyware Surveillance Hacking Mobile 97

Security Affairs

JANUARY 28, 2022

Finland Ministry for Foreign Affairs revealed that devices of Finnish diplomats have been infected with NSO Group’s Pegasus spyware. Finland’s Ministry for Foreign Affairs revealed that the devices of some Finnish diplomats have been compromised with the infamous NSO Group’s Pegasus spyware. Pierluigi Paganini.

Spyware 83

Spyware Surveillance Mobile Risk 83

Security Affairs

JULY 19, 2021

Pegasus Project investigation into the leak of 50,000 phone numbers of potential surveillance targets revealed the abuse of NSO Group’s spyware. Pegasus Project is the name of a large-scale investigation into the leak of 50,000 phone numbers of potential surveillance targets that revealed the abuse of NSO Group’s spyware.

Spyware 113

Spyware Government Surveillance Media 113

Security Affairs

AUGUST 30, 2023

Google removed FlyGram from Google Play after January 6, 2021. The malware distributed by the nation-state actors is Android BadBazaar , which has been previously employed in attacks aimed at Uyghurs and other Turkic ethnic minorities. org) and a Telegram alternative app (flygram[.]org).” ” reads the analysis published by ESET.

Spyware 113

Spyware Accountability Malware Hacking 113

Security Affairs

JANUARY 21, 2022

Researchers spotted several spyware campaigns targeting industrial enterprises to steal credentials and conduct financial fraud. Researchers from Kaspersky Lab have uncovered multiple spyware campaigns that target industrial firms to steal email account credentials and carry out fraudulent activities. Pierluigi Paganini.

Spyware 86

Spyware Accountability Social Engineering Phishing 86

Security Affairs

MARCH 29, 2023

Google’s Threat Analysis Group (TAG) discovered several exploit chains targeting Android, iOS, and Chrome to install commercial spyware. The exploit chains were used to install commercial spyware and malicious apps on targets’ devices. The experts pointed out that both campaigns were limited and highly targeted.

Spyware 85

Spyware Surveillance Firmware Internet 85

Security Affairs

APRIL 1, 2023

CISA has added nine flaws to its Known Exploited Vulnerabilities catalog, including bugs exploited by commercial spyware on mobile devices. Cybersecurity and Infrastructure Security Agency (CISA) has added nine new vulnerabilities to its Known Exploited Vulnerabilities Catalog.

Spyware 79

Spyware Surveillance Mobile Education 79

Security Affairs

NOVEMBER 11, 2022

The threat actors behind the campaigns used two Android spyware to spy on the victims and steal sensitive information. The investigation into the BadBazaar campaign started in late 2021 and is based on a tweet from @MalwareHunterTeam research team that was referencing a malicious English-Uyghur dictionary app.

Surveillance 89

Surveillance Spyware Malware Mobile 89

Security Affairs

NOVEMBER 24, 2021

federal court for illegally targeting its customers with the surveillance spyware Pegasus. According to the lawsuit, NSO Group is accountable for hacking into Apple’s iOS-based devices using zero-click exploits. The complaint provides new information on how NSO Group infected victims’ devices with its Pegasus spyware.

Spyware 85

Spyware Surveillance Software Hacking 85

Security Affairs

JUNE 2, 2022

Since March 2021, the malicious code was also employed in attacks aimed at several European countries as well as Japan. In March 2021, experts from Swiss security outfit PRODAFT estimated that the number of infected devices worldwide was approximately 60,000. SecurityAffairs – hacking, Android malware).

Spyware 86

Spyware Malware Banking Cybercrime 86

Security Affairs

JUNE 24, 2022

Google’s Threat Analysis Group (TAG) revealed that the Italian spyware vendor RCS Labs was supported by ISPs to spy on users. CVE-2021-30883 internally referred to as Clicked2, marked as being exploited in-the-wild by Apple in October 2021. SecurityAffairs – hacking, RCS Labs). ” continues the analysis.

Surveillance 110

Surveillance Mobile Spyware Telecommunications 110

Security Affairs

JULY 21, 2021

FormBook is a data-stealing malware that is used in cyber espionage campaigns, like other spyware it is capable of extracting data from HTTP sessions, keystroke logging, stealing clipboard contents. SecurityAffairs – hacking, FormBook). XLoader is a very cheap malware strain that is based on the popular Formbook Windows malware.

Spyware 99

Spyware Malware Cybercrime Advertising 99

Security Affairs

FEBRUARY 6, 2022

One of the vulnerabilities in Apple iOS that was previously exploited by the spyware developed by the Israeli company NSO Group was also separately used by another surveillance firm named QuaDream. The two surveillance firms employed the zero-click iMessage exploit dubbed FORCEDENTRY (CVE-2021-30860). as a zero-day.

Surveillance 94

Surveillance Spyware Government Hacking 94

Security Affairs

APRIL 22, 2024

The threat actors shared a portion of the stolen data with TechCrunch as proof of the hack, it includes records on current and former government officials, diplomats, and politically exposed people. The list also includes criminals, suspected terrorists, intelligence operatives and a European spyware firm.

Risk 113

Risk Spyware Hacking Accountability 113

Security Affairs

SEPTEMBER 13, 2021

Apple rolled out security patches to fix a couple of zero-day flaws in iOS and macOS (CVE-2021-30860, CVE-2021-30858), the IT giant also warns its customers that these issues are actively exploited in attacks in the wild, come of which were reported by researchers from Citizen Lab. SecurityAffairs – hacking, Apple).

Spyware 90

Spyware Surveillance Hacking Mobile 90

Security Affairs

APRIL 13, 2022

One of the officials targeted with the infamous spyware there is Didier Reynders, a senior Belgian statesman who has served as the European Justice Commissioner since 2019. ” Security researchers said that Apple sent the warnings to its users targeted between February and September 2021. ” concludes the report.

Surveillance 91

Surveillance Software Spyware Hacking 91

Security Affairs

JANUARY 21, 2024

Admin of the BreachForums hacking forum sentenced to 20 years supervised release Russia-linked Midnight Blizzard APT hacked Microsoft corporate emails VF Corp December data breach impacts 35 million customers China-linked APT UNC3886 exploits VMware zero-day since 2021 Ransomware attacks break records in 2023: the number of victims rose by 128% U.S.

Artificial Intelligence 95

Artificial Intelligence VPN Hacking Firewall 95

Security Affairs

JULY 8, 2023

.” reads the security bulletin. CVE-2023-26083 CVE-2021-29256 CVE-2023-2136 The CVE-2023-26083 is an Arm Mali GPU kernel driver information disclosure vulnerability that the US CISA added to its Known Exploited Vulnerabilities catalog in April 2023.

Spyware 94

Spyware Hacking Mobile Information Security 94

Security Affairs

DECEMBER 16, 2021

Tens of thousands of devices worldwide, including many industrial control systems (ICS), have been hit by the PseudoManuscrypt spyware. Kaspersky researchers reported that tens of thousands of devices belonging to industrial and government organizations worldwide have been hit by the PseudoManuscrypt spyware. Pierluigi Paganini.

Spyware 108

Spyware Energy and Utilities Malware Engineering 108

Security Affairs

MARCH 6, 2024

” reads the security bulletin published by the company. The issue is likely chained with other flaws in an exploit used by a commercial spyware vendor or a nation-state actor. The second issue added to the Catalog is an OS Command Injection vulnerability in Sunhillo SureLine.

Spyware 109

Spyware Cybersecurity Ransomware Risk 109

Security Affairs

SEPTEMBER 28, 2021

Experts spotted a new variant of the FinFisher surveillance spyware that is able to hijack and replace the Windows UEFI bootloader to infect Windows machines. Kaspersky experts shared the results of an 8-months investigation into FinSpy spyware at the Security Analyst Summit (SAS) 2021. Pierluigi Paganini.

Spyware 83

Spyware Surveillance Firmware Malware 83

Security Affairs

JUNE 11, 2021

“Al Jazeera Media Network was subjected to a series of cyber hacking attempts to penetrate some of its platforms and websites this week.” “Between June 5 and 8, 2021, Al Jazeera websites and platforms experienced continued electronic attacks aimed at accessing, disrupting, and controlling some of the news platforms.

Cyber Attacks 127

Cyber Attacks Media Spyware Hacking 127

Security Affairs

DECEMBER 3, 2022

SecurityAffairs – hacking, newsletter). The post Security Affairs newsletter Round 396 appeared first on Security Affairs. Follow me on Twitter: @securityaffairs and Facebook and Mastodon. Pierluigi Paganini.

Spyware 92

Spyware Data breaches VPN Hacking 92

Security Affairs

JULY 24, 2022

ransom and sued its insurance firm for refusing to cover this payment Crooks stole $375k from Premint NFT, it is one of the biggest NFT hacks ever Google is going to remove App Permissions List from the Play Store Security Affairs newsletter Round 374 by Pierluigi Paganini APT groups target journalists and media organizations since 2021.

Spyware 90

Spyware Surveillance Insurance Malware 90

Security Affairs

OCTOBER 11, 2021

to address a zero-day flaw, tracked as CVE-2021-30883, that is actively exploited in the wild. ” The CVE-2021-30883 vulnerability was reported by an anonymous researcher. link] pic.twitter.com/GqzCcMIcum — Saar Amar (@AmarSaar) October 11, 2021. July 2021 – CVE-2021-30807 zero day.

Spyware 113

Spyware Hacking Mobile Information Security 113

Security Affairs

JUNE 11, 2023

Experts found new MOVEit Transfer SQL Injection flaws The University of Manchester suffered a cyber attack and suspects a data breach Russians charged with hacking Mt.

Social Engineering 88

Social Engineering Data breaches Ransomware Cybercrime 88

Security Affairs

NOVEMBER 9, 2022

Google Project Zero disclosed three Samsung phone vulnerabilities, tracked as CVE-2021-25337, CVE-2021-25369 and CVE-2021-25370, that have been exploited by a surveillance company. Google reported the vulnerabilities to Samsung immediately after their discovery in late 2020s, and the vendor addressed them in March 2021.

Surveillance 103

Surveillance Spyware Mobile Manufacturing 103

Security Affairs

APRIL 8, 2023

The CVE-2023-26083 flaw in the Arm Mali GPU driver is chained with other issues to install commercial spyware, as reported by Google’s Threat Analysis Group (TAG) in a recent report. Mandiant researchers first observed this affiliate targeting Veritas issues in the wild on October 22, 2022.

Backups 79

Backups Spyware Ransomware Education 79

Security Affairs

MAY 17, 2022

Experts spotted over 200 Android apps on the Play Store distributing spyware called Facestealer used to steal sensitive data. Trend Micro researchers spotted over 200 Android apps on the Play Store distributing spyware called Facestealer used to steal sensitive data from infected devices.

Spyware 88

Spyware Cryptocurrency VPN Malware 88

Security Affairs

NOVEMBER 14, 2021

Every week the best security articles from Security Affairs free for you in your email box. SecurityAffairs – hacking, newsletter). The post Security Affairs newsletter Round 340 appeared first on Security Affairs. If you want to also receive for free the newsletter with the international press subscribe here.

Spyware 53

Spyware Data breaches Ransomware Retail 53

Security Affairs

JULY 19, 2022

The spyware is able to steal SMS messages, contact lists, and device information and to sign victims up for premium service subscriptions. The Facestealer spyware was first spotted on July 2021 by Dr. Web researchers, the development team behind the threat has frequently changed its code. Pierluigi Paganini.

Malware 120

Malware Spyware Banking Mobile 120

Security Affairs

AUGUST 29, 2021

SecurityAffairs – hacking, newsletter). SecurityAffairs – hacking, newsletter). The post Security Affairs newsletter Round 329 appeared first on Security Affairs. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini. If you want to also receive for free the international pre ss subscribe here.

Spyware 102

Spyware Data breaches Surveillance Hacking 102

Security Affairs

JUNE 25, 2023

Cybersecurity Agency Adds 6 Flaws to Known Exploited Vulnerabilities Catalog Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, newsletter ) The post Security Affairs newsletter Round 425 by Pierluigi Paganini – International edition appeared first on Security Affairs.

DDOS 87

DDOS Cybercrime Spyware Malware 87

Security Affairs

OCTOBER 2, 2021

Researchers at New Zealand’s computer emergency response team (CERT NZ) spotted the fake security warnings used to deceive the Android users: “Your device is infected with the FluBot® malware. Android has detected that your device has been infected,” states the fake security warning observed by the researchers.

Banking 115

Banking Malware Spyware Passwords 115

Security Affairs

OCTOBER 29, 2021

1/6 pic.twitter.com/dBw0E5pj6r — ESET research (@ESETresearch) October 29, 2021. 5/6 pic.twitter.com/tuwQKJpFml — ESET research (@ESETresearch) October 29, 2021. In order to facilitate file encryption, the ransomware look for processes associated with backups, anti-virus/anti-spyware, and file copying and terminates them.

Encryption 106

Encryption Ransomware Spyware Malware 106

Security Affairs

NOVEMBER 28, 2021

SecurityAffairs – hacking, newsletter). The post Security Affairs newsletter Round 342 appeared first on Security Affairs. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Spyware 81

Spyware Data breaches Cyber Attacks Ransomware 81