According to a report published by Reuters, Israeli surveillance software was used to spy on senior officials in the European Commission. NSO sent a statement to Reuters to exclude the involvement of its surveillance tools in the attacks reported by the agency.
Days after Meta achieved victory after suing the NSO Group for Computer Fraud and Abuse Act charges, Meta filed a lawsuit against surveillance company Voyager Labs for violations of its Terms and Policies and California law. Court documents show that no later than July 2022, Voyager began using its thousands of fake accounts to scrape data.
The Israeli surveillance firm QuaDream is allegedly shutting down its operations after Citizen Lab and Microsoft uncovered their spyware. Last week Citizen Lab researchers reported that at least five civil society members were victims of spyware and exploits developed by the Israeli surveillance firm QuaDream. and 14.4.2,
At least five members of civil society worldwide have been targeted with spyware and exploits developed by surveillance firm QuaDream. Citizen Lab researchers reported that at least five civil society members were victims of spyware and exploits developed by the Israeli surveillance firm QuaDream. ” concludes Citizen Lab.
Five of the issues added by CISA to its catalog are part of the exploits used by surveillance vendors to target mobile devices with their commercial spyware: CVE-2021-30900 – Apple iOS, iPadOS, and macOS Out-of-Bounds Write Vulnerability.
Researchers at the Lookout Threat Lab have discovered a new Android surveillance spyware, dubbed BouldSpy, that was used by the Law Enforcement Command of the Islamic Republic of Iran (FARAJA). However, much of the victim data points to its broader usage, which indicates targeted surveillance efforts towards minorities within Iran.”
Lookout researchers discovered two long-running surveillance campaigns targeting the ethnic minority Uyghurs. Researchers from mobile security firm Lookout uncovered two long-running surveillance campaigns targeting the Uyghur minority. List of installed packages. Call logs and geocoded location associated with the call.
The Microsoft Threat Intelligence Center (MSTIC) and the Microsoft Security Response Center (MSRC) researchers linked a threat group known as Knotweed to an Austrian surveillance firm named DSIRF, known for using multiple Windows and Adobe zero-day exploits. The malicious DLL used in the attacks was signed by ‘DSIRF GmbH’.”
Citizens, for their part, are increasingly concerned with surveillance capitalism, a lack of anonymity and dependence on online services. While we hope 2022 will be the last pandemic year, we do not think the privacy trends will reverse. Here, we present some of our ideas about what key forces will shape the privacy landscape in 2022.
Citizen Lab reported that Israeli surveillance firm NSO Group used at least three iOS zero-click exploits in 2022. A new report from Citizen Lab states that the Israeli surveillance firm NSO Group used at least three zero-click zero-day exploits to deliver its Pegasus spyware. ” reads the report.
for “deceptive statements” the company and its founder allegedly made over how they handle facial recognition data collected on behalf of the Internal Revenue Service , which until recently required anyone seeking a new IRS account online to provide a live video selfie to ID.me. ” But several days after a Jan.
The state of stalkerware in 2022 (PDF) Main findings of 2022 The State of Stalkerware is an annual report by Kaspersky which contributes to a better understanding of how many people in the world are affected by digital stalking. In addition, the data reveals a stable proliferation of stalkerware over the 12 months of 2022.
In a 2022 survey, Americans blamed social media for the coarsening of our political discourse, the spread of misinformation, and the increase in partisan polarization. 2: Surveillance Social media’s reliance on advertising as the primary way to monetize websites led to personalization, which led to ever-increasing surveillance.
When a participant uses a SNAP payment card at an authorized retail store, their SNAP EBT account is debited to reimburse the store for food that was purchased. Over the past several months, authorities in multiple U.S. EBT is used in all 50 states, the District of Columbia, Puerto Rico, the Virgin Islands, and Guam.
With nothing more than an employee’s face needed to gain access, accounts can be set up and access levels changed relatively easily, without the hassle or insecurity of improperly saved passwords. Also read: Top Single Sign-On (SSO) Solutions for 2022. Best Facial Recognition Software for 2022. Amazon Rekognition.
Microsoft warns of a new Remcos RAT campaign targeting US accounting and tax return preparation firms ahead of Tax Day. Ahead of the U.S. Tax Day, Microsoft has observed a new Remcos RAT campaign targeting US accounting and tax return preparation firms. The phishing attacks began in February 2023, the IT giant reported. LNK) files.
A vulnerability, tracked as CVE-2022-30563, impacting Dahua IP Camera can allow attackers to seize control of IP cameras. The CVE-2022-30563 vulnerability impacting Dahua IP Camera can allow attackers to seize control of IP cameras. The issue affects Dahua’s implementation of the Open Network Video Interface Forum (ONVIF).
government surveillance. Instagram: €405 Million ($427 Million), 2022 Instagram was fined for violating privacy rules concerning children’s data. After the invalidation of the EU-U.S. Privacy Shield in 2020, Meta continued transferring data under a framework that was deemed insufficient to protect European citizens from U.S.
The case of Karlee Besse, an accountant in British Columbia, was recently dismissed by the Civil Resolution Tribunal (CRT) in Canada, with a judge ordering her to pay back her former employer, Reach CPA, for "engaging in time theft"—a revelation that wouldn't have been possible if not for software Reach installed on her computer.
The City of Dallas revealed that the Royal ransomware gang that hit the city system in May used a stolen account. The Royal group began reconnaissance activity in April 2023, and the analysis of system log data dates the beginning of the surveillance operations on April 7, 2023. ” reads the report.
The more accounts you have, the bigger your attack surface and potential exposure to data breaches. Tips for finding old accounts. Surveillance Tech in the News This section covers surveillance technology and methods in the news. Malware campaigns covered generally target/affect the end user.
Chinese video surveillance giant Hikvision addressed a critical vulnerability in its Hybrid SAN and cluster storage products. Chinese video surveillance giant Hikvision addressed an access control vulnerability, tracked as CVE-2023-28808, affecting its Hybrid SAN and cluster storage products. 8 for Hybrid SAN and version 1.1.4
“The ability to gather piles of evidence on a potential crime from an automobile—sometimes more than can be obtained from a smartphone and often less well secured—is something that immigration and border cops have increasingly latched on to in 2022.” Forbes reports. ” continues Forbes.
mass surveillance campaigns internationally including the active use of variety of tags and automatically registered Twitter accounts. Although many of the accounts appear to be currently suspended the earliest tweets part of the campaign date back to July, 2022 and the campaign appears to be currently and still ongoing.
“Upon analyzing Headlace geofencing scripts and countries targeted by credential harvesting campaigns from 2022 onwards, Insikt Group identified that thirteen separate countries were targeted by BlueDelta. As expected, Ukraine topped the list, accounting for 40% of the activity.”
to replace Chinese equipment Hackers breached a server of National Games of China days before the event Russian Gamaredon APT is targeting Ukraine since October Israeli surveillance firm QuaDream emerges from the dark Argo CD flaw could allow stealing sensitive data from Kubernetes Apps. US seizes $3.6 Pierluigi Paganini.
is optimized to automatically bypass censorship A massive cyberattack hit Albania Watch out for the CVE-2022-30136 Windows NFS Remote Code Execution flaw Graff paid a $7.5M
It’s spying when governments do it through opaque, mass surveillance regimes, it’s spying when companies do it through shadowy data broker networks that braid together disparate streams of information, and it’s spying when private individuals do it through unseen behavior on personal devices.
Twitter confirmed that a security incident publicly exposed Circle tweets FBI seized other domains used by the shadow eBook library Z-Library WordPress Advanced Custom Fields plugin XSS exposes +2M sites to attacks Fortinet fixed two severe issues in FortiADC and FortiOS Pro-Russia group NoName took down multiple France sites, including the French (..)
The most remarkable findings In the second half of 2022, a wave of attacks from an unknown threat actor targeted victims with a new type of attack framework that we dubbed P8. Notably, the infections within the telecoms provider have been traced back to 2022.
NCA infiltrates the cybercriminal underground with fake DDoS-for-hire sites Pwn2Own Vancouver 2023 awarded $1,035,000 and a Tesla for 27 0-days CISA announced the Pre-Ransomware Notifications initiative China-linked hackers target telecommunication providers in the Middle East City of Toronto is one of the victims hacked by Clop gang using GoAnywhere (..)
Network visibility accounts for the information of everyone who interacts with your servers––from their IP address and protocol to the amount of time they’ve spent on your network. In the last few years, fueled partly by the pandemic, internet traffic has exploded, growing at an annual rate of 30% between 2018 and 2022.
In 2022, it took around 9 months to identify and contain a breach. Both access control and surveillance are essential elements in a security strategy. Surveillance helps deter unauthorized users from attempting to enter the building and provides a record of any incident. What Is An On-Premise Video And Access Control System?
We have previously reported about PimEyes being accused of "surveillance and stalking on a scale previously unimaginable" after privacy campaign group Big Brother Watch filed a complaint in 2022 with the UK’s Information Commissioner's Office (ICO), claiming that PimEyes facilitates stalking.
Given the vast level of tracking and surveillance that technology companies can embed into their widely used products, it is only fair that consumers be informed of how important user data, including information about their every move, is gathered, tracked, and utilized by these companies. Racine (@AGKarlRacine) December 30, 2022.
Abandoned Eval PHP WordPress plugin abused to backdoor websites CISA adds MinIO, PaperCut, and Chrome bugs to its Known Exploited Vulnerabilities catalog At least 2 critical infrastructure orgs breached by North Korea-linked hackers behind 3CX attack American Bar Association (ABA) suffered a data breach,1.4
TBK Vision is a video surveillance company that provides network CCTV devices and other related equipment, including DVRs for the protection of critical infrastructure facilities. The CVE-2018-9995 flaw is due to an error when handling a maliciously crafted HTTP cookie.
Timeline Our investigation started in September 2022, when one of our former coworkers, Hossein Jazi, discovered an interesting lure that seemed to target some entities over the war context. (Tweet published by @hjazi in September 2022.) In fact, this is the attack that Kaspersky analyzed in its blog.
In most countries around the world, use of stalkerware is currently not prohibited, but installing a surveillance application on another person’s smartphone without their consent is illegal and punishable. Nevertheless, iPhone users fearing surveillance should always keep a close eye on their device.
More than 1 billion suspicious messages and spam texts have been sent in the Philippines in 2022 so far. Turned down due to a lack of detail and guidelines which “may give rise to a situation of dangerous state intrusion and surveillance threatening many constitutionally protected rights”, it’s now back on the table.
Naturally, threat actors follow the trend and exploit the technology for surveillance, payload delivery, kinetic operations, and even diversion. Let’s dive into some examples of how enterprises must account for external drones entering their airspace and cyber threats to drones operated by the enterprise.
An unknown Advanced Persistent Threat (APT) group has targeted Russian government entities with at least four separate spear phishing campaigns since late February, 2022. This email also contains links to fake Instagram and Facebook accounts. The rostec.digital facebook account. The rostec.digital Instagram account.
Please vote for Security Affairs ( [link] ) as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS Vote for me in the sections where is reported Securityaffairs or my name Pierluigi Paganini Please nominate Security Affairs as your favorite blog. We are in the final !