2022, Information Security and Surveillance

Poland probes Pegasus spyware abuse under the PiS government

Security Affairs

DECEMBER 3, 2024

According to rumors, the Polish special services are using surveillance software to spy on government opponents. In June 2022, the controversial Israeli surveillance vendor NSO Group told the European Union lawmakers that its Pegasus spyware was used by at least five countries in the region.

Spyware

Spyware Government Surveillance Hacking

Google Threat Intelligence Group (GTIG) tracked 75 actively exploited zero-day flaws in 2024

Security Affairs

APRIL 29, 2025

In 2024, Google tracked 75 exploited zero-day vulnerabilities, down from 98 in 2023 but up from 63 in 2022. The report published by GTIG highlights evolving attacker tactics, better vendor defenses, and growing challenges in detecting commercial surveillance activity. ” continues the report. ” concludes the report.

Surveillance

Surveillance Mobile Software Hacking

Surveillance firm’s leaked docs show the purchase of an $8M iOS RCE zero-day exploit?

Security Affairs

AUGUST 28, 2022

Leaked documents show the surveillance firm Intellexa offering exploits for iOS and Android devices for $8 Million. Intellexa is an Israeli surveillance firm founded by Israeli entrepreneur Tal Dilian, it offers surveillance and hacking solution to law enforcement and intelligence agencies. Pierluigi Paganini.

Surveillance

Surveillance Spyware Mobile Hacking

EU officials were targeted with Israeli surveillance software

Security Affairs

APRIL 13, 2022

According to a report published by Reuters, an Israeli surveillance software was used to spy on senior officials in the European Commission. The report did not attribute the attacks to a specific threat actor or did not reveal what information was obtained following the compromise of the victims’ devices. .”

Surveillance

Surveillance Software Spyware Hacking

Israeli surveillance firm QuaDream is shutting down amidst spyware accusations

Security Affairs

APRIL 17, 2023

The Israeli surveillance firm QuaDream is allegedly shutting down its operations after Citizen Lab and Microsoft uncovered their spyware. Last week Citizen Lab researchers reported that at least five civil society members were victims of spyware and exploits developed by the Israeli surveillance firm QuaDream. and 14.4.2,

Surveillance

Surveillance Spyware Education Media

Experts link Hermit spyware to Italian surveillance firm RCS Lab and a front company

Security Affairs

JUNE 17, 2022

Experts uncovered an enterprise-grade surveillance malware dubbed Hermit used to target individuals in Kazakhstan, Syria, and Italy since 2019. Lookout Threat Lab researchers uncovered enterprise-grade Android surveillance spyware, named Hermit, used by the government of Kazakhstan to track individuals within the country.

Spyware

Spyware Surveillance Telecommunications Mobile

CERT-UA warns of cyber espionage against the Ukrainian defense industry using Dark Crystal RAT

Security Affairs

MARCH 20, 2025

The modular architecture of the malware allows to extend its functionalities for multiple malicious purposes, including surveillance, reconnaissance, information theft, DDoS attacks, and arbitrary code execution.

Computers and Electronics

Computers and Electronics Telecommunications Malware Surveillance

Australian Defense Department will replace surveillance cameras from Chinese firms Hikvision and Dahua

Security Affairs

FEBRUARY 12, 2023

Australia’s Defense Department announced that they will remove surveillance cameras made by Chinese firms linked to the government of Beijing. Australia’s Defense Department is going to replace surveillance cameras made by Chinese firms Hikvision and Dahua, who are linked to the government of Beijing. ” reported The Guardian. “We

Surveillance

Surveillance Government Manufacturing Risk

QuaDream surveillance firm’s spyware targeted iPhones with zero-click exploit

Security Affairs

APRIL 12, 2023

At least five members of civil society worldwide have been targeted with spyware and exploits developed by surveillance firm QuaDream. Citizen Lab researchers reported that at least five civil society members were victims of spyware and exploits developed by the Israeli surveillance firm QuaDream. ” concludes Citizen Lab.

Spyware

Spyware Surveillance Government Malware

CISA adds bugs exploited by commercial surveillance spyware to Known Exploited Vulnerabilities catalog

Security Affairs

APRIL 1, 2023

Five of the issues added by CISA to its catalog are part of the exploits used by surveillance vendors to target mobile devices with their commercial spyware: CVE-2021-30900 – Apple iOS, iPadOS, and macOS Out-of-Bounds Write Vulnerability. CISA orders federal agencies to fix this flaw by April 20, 2023.

Spyware

Spyware Surveillance Mobile Education

Anomaly Six, a US surveillance firm that tracks roughly 3 billion devices in real-time

Security Affairs

APRIL 26, 2022

An interesting article published by The Intercept reveals the secretive business of a US surveillance firm named Anomaly Six. While Russia was invading Ukraine in February, two unknown surveillance startups, Anomaly Six and Zignal Labs joined forces to provide powerful surveillance services.

Surveillance

Surveillance Mobile Government Media

Long-running surveillance campaigns target Uyghurs with BadBazaar and MOONSHINE spyware

Security Affairs

NOVEMBER 11, 2022

Lookout researchers discovered two long-running surveillance campaigns targeting the ethnic minority Uyghurs. Researchers from mobile security firm Lookout uncovered two long-running surveillance campaigns targeting the Uyghurs minority. List of installed packages. Call logs and geocoded location associated with the call.

Surveillance

Surveillance Spyware Malware Mobile

Iranian govt uses BouldSpy Android malware for internal surveillance operations

Security Affairs

MAY 1, 2023

Researchers at the Lookout Threat Lab have discovered a new Android surveillance spyware, dubbed BouldSpy, that was used by the Law Enforcement Command of the Islamic Republic of Iran (FARAJA). The researchers are tracking the spyware since March 2020, starting in 2023, multiple security experts [ 1 , 2 ] started monitoring its activity. .

Surveillance

Surveillance Malware Spyware Accountability

PWNYOURHOME, FINDMYPWN, LATENTIMAGE: 3 iOS Zero-Click exploits used by NSO Group in 2022

Security Affairs

APRIL 18, 2023

Citizen Lab reported that Israeli surveillance firm NSO Group used at least three iOS zero-click exploits in 2022. A new report from Citizen Lab states that the Israeli surveillance firm NSO Group used at least three zero-click zero-day exploits to deliver its Pegasus spyware. ” reads the report. ” reads the report.

Surveillance

Surveillance Spyware Education Risk

US Gov adds surveillance firms Cytrox and Intellexa to Entity List for trafficking in cyber exploits

Security Affairs

JULY 19, 2023

government added surveillance technology vendors Cytrox and Intellexa to an economic blocklist for trafficking in cyber exploits. national security or foreign policy interests. Government warns of the key role that surveillance technology plays in surveillance activities that can lead to repression and other human rights abuses.

Surveillance

Surveillance Spyware Government Technology

North Korea-linked APT group ScarCruft spotted using new Android spyware KoSpy

Security Affairs

MARCH 13, 2025

North Korea-linked threat actor ScarCruft (aka APT37 , Reaper, and Group123) is behind a previously undetected Android surveillance tool namedKoSpythat was used to target Korean and English-speaking users. The researchers state that the threat is a relatively new malware family with early samples going back to March 2022.

Spyware

Spyware Surveillance Encryption Malware

European firm DSIRF behind the attacks with Subzero surveillance malware

Security Affairs

JULY 28, 2022

The Microsoft Threat Intelligence Center (MSTIC) and the Microsoft Security Response Center (MSRC) researchers linked a threat group known as Knotweed to an Austrian surveillance firm named DSIRF, known for using multiple Windows and Adobe zero-day exploits. The malicious DLL used in the attacks was signed by ‘DSIRF GmbH’.”

Surveillance

Surveillance Malware Authentication Accountability

Cytrox’s Predator spyware used zero-day exploits in 3 campaigns

Security Affairs

MAY 23, 2022

We assess the exploits were packaged by a single commercial surveillance company, Cytrox, and sold to different govt-backed actors. link] — Shane Huntley (@ShaneHuntley) May 19, 2022. The attacks aimed at installing the surveillance spyware Predator, developed by the North Macedonian firm Cytrox.

Spyware

Spyware Surveillance Government Banking

Google fixes a new actively exploited Chrome zero-day, it is the seventh one this year

Security Affairs

OCTOBER 28, 2022

Google Thursday released an emergency patch for Chrome 107 to address the actively exploited zero-day vulnerability CVE-2022-3723. Google released an emergency update for the Chrome 107 to address an actively exploited zero-day vulnerability tracked as CVE-2022-3723. šek, Milánek, and Przemek Gmerek of Avast on October 25, 2022.

Engineering

Engineering Surveillance Hacking Information Security

A flaw in Dahua IP Cameras allows full take over of the devices

Security Affairs

JULY 31, 2022

A vulnerability, tracked as CVE-2022-30563, impacting Dahua IP Camera can allow attackers to seize control of IP cameras. The CVE-2022-30563 vulnerability impacting Dahua IP Camera can allow attackers to seize control of IP cameras. The issue affects Dahua’s implementation of the Open Network Video Interface Forum ( ONVIF ).

Surveillance

Surveillance Authentication Telecommunications Manufacturing

Increased GDPR Enforcement Highlights the Need for Data Security

Security Affairs

NOVEMBER 18, 2024

government surveillance. Amazon: €746 Million ($781 Million), 2021 In 2021, Amazon received a hefty fine for failing to secure proper consent for advertising cookies. Instagram: €405 Million ($427 Million), 2022 Instagram was fined for violating privacy rules concerning children’s data. After the invalidation of the EU-U.S.

Data privacy

Data privacy Risk Surveillance Government

CISA adds Qualcomm flaws to its Known Exploited Vulnerabilities catalog

Security Affairs

DECEMBER 6, 2023

CVE-2022-22071 was included in our May 2022 public bulletin. Google Threat Analysis Group and Google Project Zero first reported that the CVE-2023-33106, CVE-2023-33107, CVE-2022-22071 and CVE-2023-33063 were actively exploited in targeted attacks.

Surveillance

Surveillance Hacking Cybersecurity Risk

Google links three exploitation frameworks to Spanish commercial spyware vendor Variston

Security Affairs

NOVEMBER 30, 2022

Google’s Threat Analysis Group (TAG) linked three exploitation frameworks to a Spanish surveillance spyware vendor named Variston. Officially, Variston claims to provide custom security solutions and custom patches for embedded system. Heliconia Files framework delivers a Firefox exploit chain for Windows and Linux.

Spyware

Spyware Surveillance Risk Hacking

Anonymous hacked other Russian organizations, some of the breaches could be severe

Security Affairs

APRIL 20, 2022

Synesis Surveillance System – Anonymous claims to have hacked the Synesis and Kipod surveillance systems. OpRussia #StandWithUkraine #FckPutin [link] — Anonymous TV (@YourAnonTV) April 19, 2022. OpRussia #FckPutin #StandWithUkraine pic.twitter.com/ps95L7gWeN — Anonymous TV (@YourAnonTV) April 19, 2022.

Hacking

Hacking Banking Surveillance Engineering

Tor Project responded to claims that law enforcement can de-anonymize Tor users

Security Affairs

SEPTEMBER 20, 2024

German law enforcement agencies have been surveilling Tor network by operating their own servers for months. Research conducted by ARD’s Panorama and STRG_F revealed that data collected during surveillance is processed using statistical methods, effectively breaking Tor’s anonymity. in June 2022.

Surveillance

Surveillance Data collection Media Hacking

Ukraine’s SBU arrested a member of Pro-Russia hackers group ‘Cyber Army of Russia’

Security Affairs

JANUARY 29, 2024

In early December, Ukraine’s SBU announced they shut down two surveillance cameras that were allegedly hacked by the Russian intelligence services to spy on air defense forces and critical infrastructure in Kyiv. The surveillance cameras were located in residential buildings and were used to monitor the surrounding area and a parking lot.

Surveillance

Surveillance DDOS Mobile Hacking

Russian zero-day broker is willing to pay $20M for zero-day exploits for iPhones and Android devices

Security Affairs

SEPTEMBER 27, 2023

Operation Zero was founded in 2022 by Sergey Zelenyuk, a former Kaspersky Lab security researcher. In April 2023, Operation Zero announced its expansion into the United Arab Emirates (UAE), seeking to attract new customers in the Middle East, where the surveillance market has exploded. ” states the company.

Mobile

Mobile Surveillance Marketing Hacking

Pegasus spyware used to spy on a Polish mayor

Security Affairs

MARCH 3, 2023

According to rumors, the Polish special services are using surveillance software to spy on government opponents. In June 2022, the controversial Israeli surveillance vendor NSO Group told the European Union lawmakers that its Pegasus spyware was used by at least five countries in the region.

Spyware

Spyware Surveillance Hacking Government

Swedish data protection authority rules against the use of Google Analytics

Security Affairs

JULY 5, 2023

Swedish data protection watchdog warns companies against using Google Analytics due to the risk of surveillance operated by the US government. The Swedish data protection watchdog warned businesses against using Google Analytics due to the risk of surveillance carried out by the US government.

Surveillance

Surveillance Government Risk Hacking

June 2023 Security Update for Android fixed Arm Mali GPU bug used by spyware?

Security Affairs

JUNE 7, 2023

June 2023 security update for Android released by Google fixes about fifty flaws, including an Arm Mali GPU bug exploited by surveillance firms in their spyware. The June 2023 Android Security Bulletin provides details about the fix for more than fifty vulnerabilities affecting Android devices. In early April, U.S.

Spyware

Spyware Surveillance Firmware Hacking

Experts discovered the first mobile malware families linked to Russia’s Gamaredon

Security Affairs

DECEMBER 12, 2024

Lookout researchers linked the BoneSpy and PlainGnome Android surveillance families to the Russian APT group Gamaredon (a.k.a. Early 2022 evidence suggests potential enterprise targeting, but no Ukrainian victims have been confirmed. These findings tie the mobile surveillance families to Gamaredons desktop campaigns.

Mobile

Mobile Malware Surveillance Social Engineering

An Iranian group hacked Israeli CCTV cameras, defense was aware but didn’t block it

Security Affairs

DECEMBER 23, 2022

התחקיר המלא של @orenaharoni1 – מחר ב- #חדשותהערב pic.twitter.com/fMhv3i8S72 — כאן חדשות (@kann_news) December 19, 2022. A picture shows a security camera of a big security organization that was hacked by Iranian hackers, in Jerusalem, November 24, 2022. גורמי ביטחון ידעו.

Hacking

Hacking Surveillance Internet Internet

USCYBERCOM: MuddyWater APT is linked to Iran’s MOIS intelligence

Security Affairs

JANUARY 13, 2022

.” “MuddyWater is a subordinate element within the Iranian Ministry of Intelligence and Security (MOIS). According to the Congressional Research Service, the MOIS “conducts domestic surveillance to identify regime opponents. CyberIsATeamSport [link] — FBI (@FBI) January 12, 2022.

Surveillance

Surveillance Malware Telecommunications Hacking

Google TAG shares details about exploit chains used to install commercial spyware

Security Affairs

MARCH 29, 2023

The first campaign was spotted in November 2022, the exploit chains discovered by TAG researchers were affecting Android and iOS and were delivered via bit.ly The initial landing page was observed hosting the exploits for a WebKit remote code execution zero-day ( CVE-2022-42856 ) and a sandbox escape ( CVE-2021-30900 ) issue.

Spyware

Spyware Surveillance Firmware Internet

Chipmaker Qualcomm warns of three actively exploited zero-days

Security Affairs

OCTOBER 4, 2023

Google Threat Analysis Group and Google Project Zero first reported that the CVE-2023-33106, CVE-2023-33107, CVE-2022-22071 and CVE-2023-33063 are actively exploited in targeted attacks. Please contact your device manufacturer for more information on the patch status about specific devices.” ” reads the advisory.

Firmware

Firmware Surveillance Authentication Manufacturing

Hikvision fixed a critical flaw in Hybrid SAN and cluster storage products?

Security Affairs

APRIL 13, 2023

Chinese video surveillance giant Hikvision addressed a critical vulnerability in its Hybrid SAN and cluster storage products. Chinese video surveillance giant Hikvision addressed an access control vulnerability, tracked as CVE-2023-28808, affecting its Hybrid SAN and cluster storage products. 8 for Hybrid SAN and version 1.1.4

Surveillance

Surveillance Education Media Hacking

Law enforcement agencies can extract data from thousands of cars’ infotainment systems

Security Affairs

DECEMBER 4, 2022

. “The ability to gather piles of evidence on a potential crime from an automobile—sometimes more than can be obtained from a smartphone and often less well secured—is something that immigration and border cops have increasingly latched on to in 2022.” ” Forbes reports. ” continues Forbes.

Surveillance

Surveillance Technology Hacking Mobile

NSO Group Pegasus spyware leverages new zero-click iPhone exploit in recent attacks

Security Affairs

APRIL 19, 2022

63 of them were targeted or infected with the Pegasus spyware, and four others with the spyware developed by another surveillance firm named Candiru. The researchers reported that at least two of them were targeted or infected with both surveillance software. ” concludes the report.

Spyware

Spyware Surveillance Government Software

Do not use Tails OS until a flaw in the bundled Tor Browser will be fixed

Security Affairs

MAY 26, 2022

Tails is a security and privacy-oriented Linux distribution, it is a portable operating system that protects against surveillance and censorship. The root cause of the alert is a couple of critical zero-day issues, tracked as CVE-2022-1802 and CVE-2022-1529, in the Firefox browser that was addressed by Mozilla in May.

Surveillance

Surveillance Passwords Hacking Encryption

How to Prepare for ISO 27001 Stage 1 and Stage 2 Audits: Expert Tips

Centraleyes

JUNE 16, 2025

ISO 27001 is the international standard for Information Security Management Systems (ISMS). Achieving ISO 27001 certification demonstrates that your organization is committed to protecting sensitive data and managing risks related to information security.

Risk

Risk Information Security Surveillance

QNAP fixes multiple flaws, including a QVR RCE vulnerability

Security Affairs

MAY 6, 2022

QNAP addressed multiple vulnerabilities, including a critical remote execution flaw affecting the QVR video surveillance solution. QNAP QVR is a video surveillance solution of the Taiwanese vendor which is hosted on its NAS devices and doesn’t require any extra software.

Surveillance

Surveillance Hacking Software Cybersecurity

City of Dallas has set a budget of $8.5 million to mitigate the May Royal ransomware attack

Security Affairs

SEPTEMBER 23, 2023

The Royal group began reconnaissance activity in April 2023, and the analysis of system log data dates the beginning of the surveillance operations on April 7, 2023. Royal was then able to traverse the internal City infrastructure during the surveillance period using legitimate 3rd party remote management tools.”

Ransomware

Ransomware Surveillance Healthcare Accountability

Researchers analyzed the PREDATOR spyware and its loader Alien

Security Affairs

MAY 29, 2023

Security researchers at Cisco Talos and the Citizen Lab have shared technical details about a commercial Android spyware named Predator that is sold by the surveillance firm Intellexa (formerly known as Cytrox). The attacks aimed at installing the surveillance spyware Predator, developed by the North Macedonian firm Cytrox.

Spyware

Spyware Surveillance Media Malware

HID Mercury Access Controller flaws could allow to unlock Doors

Security Affairs

JUNE 12, 2022

Researchers from security firm Trellix discovered some critical vulnerabilities in HID Mercury Access Controllers that can be exploited by attackers to remotely unlock doors. The flaws impact products manufactured by LenelS2, a provider of advanced physical security solutions (i.e. Overall 4.8. Overall 4.8.

Firmware

Firmware Penetration Testing Manufacturing Authentication

Poland probes Pegasus spyware abuse under the PiS government

Google Threat Intelligence Group (GTIG) tracked 75 actively exploited zero-day flaws in 2024

Trending Sources

Surveillance firm’s leaked docs show the purchase of an $8M iOS RCE zero-day exploit?

EU officials were targeted with Israeli surveillance software

Israeli surveillance firm QuaDream is shutting down amidst spyware accusations

Experts link Hermit spyware to Italian surveillance firm RCS Lab and a front company

CERT-UA warns of cyber espionage against the Ukrainian defense industry using Dark Crystal RAT

Australian Defense Department will replace surveillance cameras from Chinese firms Hikvision and Dahua

QuaDream surveillance firm’s spyware targeted iPhones with zero-click exploit

CISA adds bugs exploited by commercial surveillance spyware to Known Exploited Vulnerabilities catalog

Anomaly Six, a US surveillance firm that tracks roughly 3 billion devices in real-time

Long-running surveillance campaigns target Uyghurs with BadBazaar and MOONSHINE spyware

Iranian govt uses BouldSpy Android malware for internal surveillance operations

PWNYOURHOME, FINDMYPWN, LATENTIMAGE: 3 iOS Zero-Click exploits used by NSO Group in 2022

US Gov adds surveillance firms Cytrox and Intellexa to Entity List for trafficking in cyber exploits

North Korea-linked APT group ScarCruft spotted using new Android spyware KoSpy

European firm DSIRF behind the attacks with Subzero surveillance malware

Cytrox’s Predator spyware used zero-day exploits in 3 campaigns

Google fixes a new actively exploited Chrome zero-day, it is the seventh one this year

A flaw in Dahua IP Cameras allows full take over of the devices

Increased GDPR Enforcement Highlights the Need for Data Security

CISA adds Qualcomm flaws to its Known Exploited Vulnerabilities catalog

Google links three exploitation frameworks to Spanish commercial spyware vendor Variston

Anonymous hacked other Russian organizations, some of the breaches could be severe

Tor Project responded to claims that law enforcement can de-anonymize Tor users

Ukraine’s SBU arrested a member of Pro-Russia hackers group ‘Cyber Army of Russia’

Russian zero-day broker is willing to pay $20M for zero-day exploits for iPhones and Android devices

Pegasus spyware used to spy on a Polish mayor

Swedish data protection authority rules against the use of Google Analytics

June 2023 Security Update for Android fixed Arm Mali GPU bug used by spyware?

Experts discovered the first mobile malware families linked to Russia’s Gamaredon

An Iranian group hacked Israeli CCTV cameras, defense was aware but didn’t block it

USCYBERCOM: MuddyWater APT is linked to Iran’s MOIS intelligence

Google TAG shares details about exploit chains used to install commercial spyware

Chipmaker Qualcomm warns of three actively exploited zero-days

Hikvision fixed a critical flaw in Hybrid SAN and cluster storage products?

Law enforcement agencies can extract data from thousands of cars’ infotainment systems

NSO Group Pegasus spyware leverages new zero-click iPhone exploit in recent attacks

Do not use Tails OS until a flaw in the bundled Tor Browser will be fixed

How to Prepare for ISO 27001 Stage 1 and Stage 2 Audits: Expert Tips

QNAP fixes multiple flaws, including a QVR RCE vulnerability

City of Dallas has set a budget of $8.5 million to mitigate the May Royal ransomware attack

Researchers analyzed the PREDATOR spyware and its loader Alien

HID Mercury Access Controller flaws could allow to unlock Doors

Stay Connected