Security Affairs

MARCH 13, 2025

North Korea-linked threat actor ScarCruft (aka APT37 , Reaper, and Group123) is behind a previously undetected Android surveillance tool namedKoSpythat was used to target Korean and English-speaking users. The researchers state that the threat is a relatively new malware family with early samples going back to March 2022.

Spyware 80

Spyware Surveillance Encryption Malware 80

Security Affairs

APRIL 17, 2023

The Israeli surveillance firm QuaDream is allegedly shutting down its operations after Citizen Lab and Microsoft uncovered their spyware. Last week Citizen Lab researchers reported that at least five civil society members were victims of spyware and exploits developed by the Israeli surveillance firm QuaDream. and 14.4.2,

Surveillance 98

Surveillance Spyware Education Media 98

Security Affairs

APRIL 12, 2023

At least five members of civil society worldwide have been targeted with spyware and exploits developed by surveillance firm QuaDream. Citizen Lab researchers reported that at least five civil society members were victims of spyware and exploits developed by the Israeli surveillance firm QuaDream. ” concludes Citizen Lab.

Spyware 98

Spyware Surveillance Government Malware 98

Security Affairs

JUNE 17, 2022

Experts uncovered an enterprise-grade surveillance malware dubbed Hermit used to target individuals in Kazakhstan, Syria, and Italy since 2019. Lookout Threat Lab researchers uncovered enterprise-grade Android surveillance spyware, named Hermit, used by the government of Kazakhstan to track individuals within the country.

Spyware 106

Spyware Surveillance Telecommunications Mobile 106

Security Affairs

FEBRUARY 12, 2023

Australia’s Defense Department announced that they will remove surveillance cameras made by Chinese firms linked to the government of Beijing. Australia’s Defense Department is going to replace surveillance cameras made by Chinese firms Hikvision and Dahua, who are linked to the government of Beijing. ” reported The Guardian. “We

Surveillance 98

Surveillance Government Manufacturing Risk 98

Security Affairs

APRIL 1, 2023

Five of the issues added by CISA to its catalog are part of the exploits used by surveillance vendors to target mobile devices with their commercial spyware: CVE-2021-30900 – Apple iOS, iPadOS, and macOS Out-of-Bounds Write Vulnerability. CISA orders federal agencies to fix this flaw by April 20, 2023.

Spyware 98

Spyware Surveillance Mobile Education 98

Security Affairs

NOVEMBER 11, 2022

Lookout researchers discovered two long-running surveillance campaigns targeting the ethnic minority Uyghurs. Researchers from mobile security firm Lookout uncovered two long-running surveillance campaigns targeting the Uyghurs minority. List of installed packages. Call logs and geocoded location associated with the call.

Surveillance 98

Surveillance Spyware Malware Mobile 98

Security Affairs

JULY 19, 2023

government added surveillance technology vendors Cytrox and Intellexa to an economic blocklist for trafficking in cyber exploits. Government warns of the key role that surveillance technology plays in surveillance activities that can lead to repression and other human rights abuses. national security or foreign policy interests.

Surveillance 98

Surveillance Spyware Government Technology 98

Security Affairs

APRIL 26, 2022

An interesting article published by The Intercept reveals the secretive business of a US surveillance firm named Anomaly Six. While Russia was invading Ukraine in February, two unknown surveillance startups, Anomaly Six and Zignal Labs joined forces to provide powerful surveillance services.

Surveillance 98

Surveillance Mobile Government Media 98

Security Affairs

APRIL 18, 2023

Citizen Lab reported that Israeli surveillance firm NSO Group used at least three iOS zero-click exploits in 2022. A new report from Citizen Lab states that the Israeli surveillance firm NSO Group used at least three zero-click zero-day exploits to deliver its Pegasus spyware. ” reads the report. ” reads the report.

Surveillance 98

Surveillance Spyware Education Risk 98

Security Affairs

MAY 1, 2023

Researchers at the Lookout Threat Lab have discovered a new Android surveillance spyware, dubbed BouldSpy, that was used by the Law Enforcement Command of the Islamic Republic of Iran (FARAJA). However, much of the victim data points to its broader usage, which indicates targeted surveillance efforts towards minorities within Iran.”

Surveillance 98

Surveillance Malware Spyware Accountability 98

Security Affairs

DECEMBER 23, 2022

An Iranian group hacked dozens of CCTV cameras in Israel in 2021 and maintained access for a long period of time. התחקיר המלא של @orenaharoni1 – מחר ב- #חדשותהערב pic.twitter.com/fMhv3i8S72 — כאן חדשות (@kann_news) December 19, 2022. pic.twitter.com/6ZKjb0fsy9 — Joe Truzman (@JoeTruzman) November 24, 2022.

Hacking 98

Hacking Surveillance Internet Internet 98

Security Affairs

JULY 28, 2022

The Microsoft Threat Intelligence Center (MSTIC) and the Microsoft Security Response Center (MSRC) researchers linked a threat group known as Knotweed to an Austrian surveillance firm named DSIRF, known for using multiple Windows and Adobe zero-day exploits. SecurityAffairs – hacking, Subzero malware). ” concludes Microsoft.

Surveillance 100

Surveillance Malware Authentication Accountability 100

Security Affairs

OCTOBER 28, 2022

Google Thursday released an emergency patch for Chrome 107 to address the actively exploited zero-day vulnerability CVE-2022-3723. Google released an emergency update for the Chrome 107 to address an actively exploited zero-day vulnerability tracked as CVE-2022-3723. šek, Milánek, and Przemek Gmerek of Avast on October 25, 2022.

Engineering 141

Engineering Surveillance Hacking Information Security 141

Security Affairs

MAY 23, 2022

We assess the exploits were packaged by a single commercial surveillance company, Cytrox, and sold to different govt-backed actors. link] — Shane Huntley (@ShaneHuntley) May 19, 2022. The attacks aimed at installing the surveillance spyware Predator, developed by the North Macedonian firm Cytrox. Pierluigi Paganini.

Spyware 145

Spyware Surveillance Government Banking 145

Security Affairs

JULY 31, 2022

A vulnerability, tracked as CVE-2022-30563, impacting Dahua IP Camera can allow attackers to seize control of IP cameras. The CVE-2022-30563 vulnerability impacting Dahua IP Camera can allow attackers to seize control of IP cameras. SecurityAffairs – hacking, IP Cameras). ” reads the advisory published by Nozomi Networks.

Surveillance 145

Surveillance Authentication Telecommunications Manufacturing 145

Security Affairs

JANUARY 29, 2024

In early December, Ukraine’s SBU announced they shut down two surveillance cameras that were allegedly hacked by the Russian intelligence services to spy on air defense forces and critical infrastructure in Kyiv. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, SBU)

Surveillance 138

Surveillance DDOS Mobile Hacking 138

Security Affairs

NOVEMBER 18, 2024

government surveillance. Instagram: €405 Million ($427 Million), 2022 Instagram was fined for violating privacy rules concerning children’s data. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, GDPR ) After the invalidation of the EU-U.S.

Data privacy 130

Data privacy Risk Surveillance Government 130

Security Affairs

DECEMBER 6, 2023

CVE-2022-22071 was included in our May 2022 public bulletin. Google Threat Analysis Group and Google Project Zero first reported that the CVE-2023-33106, CVE-2023-33107, CVE-2022-22071 and CVE-2023-33063 were actively exploited in targeted attacks. CISA orders federal agencies to fix these vulnerabilities by December 26, 2023.

Surveillance 137

Surveillance Hacking Cybersecurity Risk 137

Security Affairs

APRIL 13, 2022

Researchers discovered five vulnerabilities that can be exploited to remotely hack hospital Aethon’s TUG autonomous mobile robots. SecurityAffairs – hacking, TUG autonomous mobile robots). The post JekyllBot:5 flaws allow hacking TUG autonomous mobile robots in hospitals appeared first on Security Affairs. Pierluigi Paganini.

Mobile 111

Mobile Hacking Firmware Surveillance 111

Security Affairs

NOVEMBER 30, 2022

Google’s Threat Analysis Group (TAG) linked three exploitation frameworks to a Spanish surveillance spyware vendor named Variston. The vulnerabilities in Google, Microsoft and Mozilla exploited by the company were fixed in 2021 and early 2022. SecurityAffairs – hacking, Variston). ” TAG concludes. Pierluigi Paganini.

Spyware 110

Spyware Surveillance Risk Hacking 110

Security Affairs

MARCH 3, 2023

According to rumors, the Polish special services are using surveillance software to spy on government opponents. The news of the hack was reported by the Gazeta Wyborcza daily, and unfortunately, it isn’t the first time that the Pegasus spyware was used in the country.

Spyware 98

Spyware Surveillance Hacking Government 98

Security Affairs

SEPTEMBER 20, 2024

German law enforcement agencies have been surveilling Tor network by operating their own servers for months. Research conducted by ARD’s Panorama and STRG_F revealed that data collected during surveillance is processed using statistical methods, effectively breaking Tor’s anonymity. in June 2022.

Surveillance 142

Surveillance Data collection Media Encryption 142

Security Affairs

SEPTEMBER 27, 2023

Operation Zero was founded in 2022 by Sergey Zelenyuk, a former Kaspersky Lab security researcher. In April 2023, Operation Zero announced its expansion into the United Arab Emirates (UAE), seeking to attract new customers in the Middle East, where the surveillance market has exploded. ” states the company.

Mobile 141

Mobile Surveillance Marketing Hacking 141

Security Affairs

DECEMBER 4, 2022

. “The ability to gather piles of evidence on a potential crime from an automobile—sometimes more than can be obtained from a smartphone and often less well secured—is something that immigration and border cops have increasingly latched on to in 2022.” SecurityAffairs – hacking, infotainment systems). Pierluigi Paganini.

Surveillance 110

Surveillance Technology Hacking Mobile 110

Security Affairs

OCTOBER 4, 2023

Google Threat Analysis Group and Google Project Zero first reported that the CVE-2023-33106, CVE-2023-33107, CVE-2022-22071 and CVE-2023-33063 are actively exploited in targeted attacks. “CVE-2022-22071 was included in our May 2022 public bulletin. ” reads the advisory.

Firmware 127

Firmware Surveillance Authentication Manufacturing 127

Security Affairs

JULY 5, 2023

Swedish data protection watchdog warns companies against using Google Analytics due to the risk of surveillance operated by the US government. The Swedish data protection watchdog warned businesses against using Google Analytics due to the risk of surveillance carried out by the US government.

Surveillance 98

Surveillance Government Risk Hacking 98

Security Affairs

APRIL 13, 2023

Chinese video surveillance giant Hikvision addressed a critical vulnerability in its Hybrid SAN and cluster storage products. Chinese video surveillance giant Hikvision addressed an access control vulnerability, tracked as CVE-2023-28808, affecting its Hybrid SAN and cluster storage products. 8 for Hybrid SAN and version 1.1.4

Surveillance 98

Surveillance Education Media Hacking 98

Security Affairs

MAY 26, 2022

Tails is a security and privacy-oriented Linux distribution, it is a portable operating system that protects against surveillance and censorship. The root cause of the alert is a couple of critical zero-day issues, tracked as CVE-2022-1802 and CVE-2022-1529, in the Firefox browser that was addressed by Mozilla in May.

Surveillance 114

Surveillance Passwords Hacking Encryption 114

Security Affairs

JUNE 7, 2023

June 2023 security update for Android released by Google fixes about fifty flaws, including an Arm Mali GPU bug exploited by surveillance firms in their spyware. Security updates released this month also addressed a vulnerability, tracked as CVE-2022-22706 , that affects the Arm Mali GPU. In early April, U.S.

Spyware 98

Spyware Surveillance Firmware Hacking 98

Security Affairs

MARCH 29, 2023

The first campaign was spotted in November 2022, the exploit chains discovered by TAG researchers were affecting Android and iOS and were delivered via bit.ly The initial landing page was observed hosting the exploits for a WebKit remote code execution zero-day ( CVE-2022-42856 ) and a sandbox escape ( CVE-2021-30900 ) issue.

Spyware 98

Spyware Surveillance Firmware Internet 98

Security Affairs

JANUARY 13, 2022

According to the Congressional Research Service, the MOIS “conducts domestic surveillance to identify regime opponents. It also surveils anti-regime activists abroad through its network of agents placed in Iran’s embassies.” CyberIsATeamSport [link] — FBI (@FBI) January 12, 2022. SecurityAffairs – hacking, Iran).

Surveillance 142

Surveillance Malware Telecommunications Hacking 142

Security Affairs

DECEMBER 12, 2024

Lookout researchers linked the BoneSpy and PlainGnome Android surveillance families to the Russian APT group Gamaredon (a.k.a. Early 2022 evidence suggests potential enterprise targeting, but no Ukrainian victims have been confirmed. These findings tie the mobile surveillance families to Gamaredons desktop campaigns.

Mobile 99

Mobile Malware Surveillance Social Engineering 99

Security Affairs

APRIL 17, 2022

Please vote for Security Affairs as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS Vote for me in the sections “The Underdogs – Best Personal (non-commercial) Security Blog” and “The Tech Whizz – Best Technical Blog” and others of your choice. To nominate, please visit:?

Data breaches 100

Data breaches Wireless Hacking Surveillance 100

Security Affairs

MAY 6, 2022

QNAP addressed multiple vulnerabilities, including a critical remote execution flaw affecting the QVR video surveillance solution. QNAP QVR is a video surveillance solution of the Taiwanese vendor which is hosted on its NAS devices and doesn’t require any extra software. SecurityAffairs – hacking, QNAP).

Surveillance 98

Surveillance Hacking Software Cybersecurity 98

Security Affairs

APRIL 19, 2022

63 of them were targeted or infected with the Pegasus spyware, and four others with the spyware developed by another surveillance firm named Candiru. The researchers reported that at least two of them were targeted or infected with both surveillance software. SecurityAffairs – hacking, NSO Group Pegasus). Pierluigi Paganini.

Spyware 108

Spyware Surveillance Government Software 108

Security Affairs

FEBRUARY 13, 2022

to replace Chinese equipment Hackers breached a server of National Games of China days before the event Russian Gamaredon APT is targeting Ukraine since October Israeli surveillance firm QuaDream emerges from the dark Argo CD flaw could allow stealing sensitive data from Kubernetes Apps. SecurityAffairs – hacking, newsletter).

Spyware 98

Spyware Ransomware Surveillance Hacking 98