Security Boulevard

MARCH 24, 2025

This is a news item roundup of privacy or privacy-related news items for 16 MAR 2025 - 22 MAR 2025. Surveillance Tech in the News This section covers surveillance technology and methods in the news. The post Privacy Roundup: Week 12 of Year 2025 appeared first on Security Boulevard.

Surveillance 75

Surveillance Telecommunications Data breaches Spyware 75

Zero Day

JUNE 17, 2025

Written by Lance Whitney, Contributor June 17, 2025 at 11:25 a.m. Also: Why multi-factor authentication is absolutely essential in 2025 You may think that such messages are handled directly by the companies and websites for which you have an account. Here's how it happened and why it's a problem.

Authentication 108

Authentication Password Management Small Business Passwords 108

Security Affairs

APRIL 8, 2025

WhatsApp addressed a flaw, tracked as CVE-2025-30401, that could allow attackers to trick users and enable remote code execution. WhatsApp released a security update to address a vulnerability, tracked as CVE-2025-30401, that could let attackers trick users and enable remote code execution.

Spyware 115

Spyware Surveillance Hacking Media 115

Security Boulevard

MARCH 31, 2025

This is a news item roundup of privacy or privacy-related news items for 23 MAR 2025 - 29 MAR 2025. Surveillance Tech in the News This section covers surveillance technology and methods in the news. Tracked as CVE-2025-2783, this vulnerability, when exploited, could allow attackers to bypass Chromium's sandbox.

VPN 59

VPN Surveillance Malware Data breaches 59

BH Consulting

JANUARY 30, 2025

Cyber risk remains top of mind for business leaders A regular January fixture, the World Economic Forums Global Risk Report 2025 features two technology-related threats among the top five risks for the year ahead and beyond. The Electronic Frontier Federation has a good explainer of the surveillance mechanism behind the world of online ads.

Cyber Risk 69

Cyber Risk Computers and Electronics Risk CISO 69

Security Boulevard

MARCH 17, 2025

This is a news item roundup of privacy or privacy-related news items for 9 MAR 2025 - 15 MAR 2025. Surveillance Tech in the News This section covers surveillance technology and methods in the news. CVE-2025-26633 , a security feature bypass in Microsoft Management Console.

Surveillance 59

Surveillance Data breaches Spyware Malware 59

Security Affairs

APRIL 18, 2025

The two vulnerabilities are: CoreAudio (CVE-2025-31200) The vulnerability is a memory corruption issue that was addressed with improved bounds checking. RPAC (CVE-2025-31201) An attacker with read/write access could bypass Pointer Authentication on iOS. Apple addressed the flaw by removing the vulnerable code.

Authentication 102

Authentication Surveillance Passwords Media 102

Security Boulevard

FEBRUARY 17, 2025

This is a news item roundup of privacy or privacy-related news items for 9 FEB 2025 - 15 FEB 2025. Surveillance Tech in the News This section covers surveillance technology and methods in the news. CVE-2025-21418. CVE-2025-21391. CVE-2025-21194. Tips for finding old accounts.

Surveillance 52

Surveillance Data breaches VPN Malware 52

Security Affairs

APRIL 5, 2025

The researchers Evan Connelly reported the flaw to Verizon on February 22, 2025, the vulnerability was addressed in mid-March. Call metadata can enable real-time surveillance if misused. It offers features like spam detection, automatic blocking of high-risk spam calls, and the ability to report unwanted numbers.

Wireless 104

Wireless Surveillance Risk Media 104

Malwarebytes

JULY 3, 2025

And seven years on, the Bureau’s defenses against this kind of surveillance are still inadequate. The findings came to light in a June 2025 report from the DoJ’s Inspector General. The document details just how damaging this type of surveillance can be.

Hacking 99

Hacking Surveillance Risk Mobile 99

Security Affairs

MARCH 20, 2025

In March 2025, threat actors distributed archived messages through Signal. CERT-UA’s report states that the UAC-0200 activity has been tracked since summer 2024, with recent decoy messages (since February 2025) focusing on UAVs and electronic warfare. CERT-UA published Indicators of Compromise (IoCs) for the ongoing campaign.

Computers and Electronics 107

Computers and Electronics Telecommunications Malware Surveillance 107

Security Affairs

MARCH 21, 2025

— Operation Zero (@opzero_en) March 20, 2025 A zero-day broker like Operation Zero might be willing to pay millions for Telegram exploits for several reasons, including: Government and Intelligence Demand Telegram is widely used for secure communication, including by journalists, activists, dissidents, and political figures. .

Government 144

Government Surveillance Hacking Mobile 144

Security Boulevard

MARCH 3, 2025

This is a news item roundup of privacy or privacy-related news items for 23 FEB 2025 - 1 MAR 2025. Surveillance Tech in the News This section covers surveillance technology and methods in the news. The surveillance tech waiting for workers as they return to the office ArsTechnica RTO continues to pick up steam.

Surveillance 52

Surveillance Data breaches Firmware Encryption 52

Security Affairs

JULY 4, 2025

As such, these apps are commonly referred to as “stalkerware” (or spouseware) for their propensity to facilitate non-consensual surveillance of spouses and romantic partners, which is illegal. Daigle shared his findings with TechCrunch security editor Zack Whittaker, who contacted Google on June 23, 2025.

Spyware 77

Spyware Passwords Data collection Surveillance 77

Penetration Testing

JUNE 17, 2025

The flaws, coordinated by CERT@VDE, are tracked as CVE-2025-25264 and CVE-2025-25265, and have been assigned CVSS scores of 8.8 The most severe of the two, CVE-2025-25264, stems from an overly permissive Cross-Origin Resource Sharing (CORS) policy. respectively.

Firmware 60

Firmware Penetration Testing Manufacturing Advertising 60

Security Affairs

FEBRUARY 13, 2025

The trend of malicious targeting in the drone manufacturing segment increased during Q3-Q4 2024 and continued into Q1 2025. Unmanned Aerial Vehicles (UAVs), commonly known as drones, have become integral to modern military operations, particularly for intelligence, surveillance, and reconnaissance (ISR) missions.

Technology 87

Technology Surveillance Manufacturing Cyber threats 87

Security Affairs

JUNE 24, 2025

link] — Andy Stone (@andymstone) June 23, 2025 Stone noted WhatsApp messages are end-to-end encrypted by default, providing stronger security than most apps on the CAO’s approved list, which lack this protection. ” the company spokesman added.

Government 96

Government Spyware Mobile Encryption 96

eSecurity Planet

JUNE 25, 2025

Briar Briar is built for when traditional networks fail, or surveillance is everywhere. The post Protect Your Privacy: Best Secure Messaging Apps in 2025 appeared first on eSecurity Planet. It syncs chats directly over Bluetooth, Wi‑Fi, or USB, so you can stay connected offline or under censorship pressure.

Encryption 58

Encryption Data collection Backups Accountability 58

Zero Day

JUNE 22, 2025

Written by Charlie Osborne, Contributing Writer and  Lance Whitney, Contributor June 22, 2025 at 1:30 a.m. Rather, this is based on 30 different datasets that Cybernews said it's been monitoring since the beginning of 2025. Here's how to check if your accounts are at risk and what to do next. billion records each.

Passwords 101

Passwords Data breaches Password Management Accountability 101

Approachable Cyber Threats

OCTOBER 24, 2024

The proposed CMMC rule cleared review and is expected to be published in early October - meaning third-party assessment requirements for DoD contracts could be in place as early as June 2025. What is a JSVA?”

Surveillance 97

Surveillance Risk Technology Cybersecurity 97

Zero Day

JUNE 20, 2025

Written by Charlie Osborne, Contributing Writer and  Lance Whitney, Contributor June 20, 2025 at 9:32 a.m. Rather, this is based on 30 different datasets that Cybernews said it's been monitoring since the beginning of 2025. Here's how to check if your accounts are at risk and what to do next. billion records each.

Passwords 106

Passwords Data breaches Password Management Identity Theft 106

eSecurity Planet

JUNE 25, 2025

Briar Briar is built for when traditional networks fail, or surveillance is everywhere. The post Protect Your Privacy: Best Secure Messaging Apps in 2025 appeared first on eSecurity Planet. It syncs chats directly over Bluetooth, Wi‑Fi, or USB, so you can stay connected offline or under censorship pressure.

Encryption 52

Encryption Data collection Backups Accountability 52

Security Affairs

JANUARY 29, 2025

Cybersecurity and Infrastructure Security Agency (CISA) added Apple Multiple Products Use-After-Free Vulnerability, tracked as CVE-2025-24085 ,to its Known Exploited Vulnerabilities (KEV) catalog. Usually, such kinds of vulnerabilities are exploited by nation-state actors or commercial surveillance spyware vendors in targeted attacks.

Spyware 59

Spyware Surveillance Media Hacking 59

Security Affairs

JUNE 30, 2025

Canada ordered Chinese surveillance firm Hikvision to cease all operations in the country, citing national security concerns. following a national security review under the Investment Canada Act: pic.twitter.com/Gvl6aWRxyQ — Mélanie Joly (@melaniejoly) June 28, 2025 The ban includes its business and technology use.

Surveillance 72

Surveillance Government Manufacturing Technology 72

The Last Watchdog

MAY 29, 2025

Related: Shareholders sue over murder At RSAC 2025, I sat down with Chuck Randolph , SVP of Strategic Intelligence and Security at 360 Privacy , to unpack a trend reshaping the threat landscape: the weaponization of personal data against corporate leaders and high-net-worth individuals. Todays adversaries are exploiting digital breadcrumbs.

Cyber Risk 130

Cyber Risk Risk Surveillance Cybercrime 130

Security Affairs

JUNE 27, 2025

APT42 focuses on highly targeted spear-phishing and social engineering techniques, its operations broadly fall into three categories, credential harvesting, surveillance operations, and malware deployment. “The threat actors directed victims who engaged with them to fake Gmail login pages or Google Meet invitations.

Phishing 80

Phishing Education Social Engineering Surveillance 80

SecureWorld News

JULY 2, 2025

Governor Greg Abbott recently signed House Bill 149 , formally titled the Texas Responsible Artificial Intelligence Governance Act (TRAIGA), on June 22, 2025. Critics may argue this misses major commercial threats from AI used in surveillance, retail profiling, or hiring tools.) Texas is making waves in AI governance.

Government 111

Government Artificial Intelligence Risk Technology 111

Security Affairs

JANUARY 19, 2025

CISA adds Aviatrix Controllers vulnerability to its Known Exploited Vulnerabilities catalog ESET detailed a flaw that could allow a bypass of the Secure Boot in UEFI systems Russia-linked APT Star Blizzard targets WhatsApp accounts Prominent US law firm Wolf Haldenstein disclosed a data breach Clop Ransomware exploits Cleo File Transfer flaw: dozens (..)

Spyware 69

Spyware Data breaches DNS Firewall 69

Tech Republic Security

FEBRUARY 7, 2025

As reported by The Washington Post, Apple received notice of a possible request in March 2024, but the official ask occurred in January 2025.

Encryption 187

Encryption Government Surveillance Cybersecurity 187

The Hacker News

APRIL 28, 2025

In a new campaign detected in March 2025, senior members of the World Uyghur Congress (WUC) living in exile have been targeted by a Windows-based malware that's capable of conducting surveillance.

Malware 99

Malware Surveillance Phishing 99

Adam Shostack

FEBRUARY 12, 2025

The example of a dos threat being high impact for a disease surveillance lab, and low impact to an agricultural researcher is great. L582, if Globus treats encryption as optional in the year 2025, NIST should select a more secure example to reference, such as scp. How does that activity differ from whats in this guide? is excellent.

Risk 147

Risk Manufacturing Encryption Surveillance 147

The Last Watchdog

JANUARY 6, 2022

billion by 2025. As a result, The majority of businesses (55 percent) are using some sort of a tool to monitor for insider threats; including data leak prevention (DLP) software (54 percent), user behavior analytics (UBA) software (50 percent), and employee monitoring and surveillance (47 percent).

Marketing 279

Marketing Software Surveillance Information Security 279

Zero Day

JUNE 27, 2025

Written by Kennedy Otieno, Contributing Writer June 27, 2025 at 3:30 a.m. The team of developers behind the service say they're advocates of digital autonomy and freedom from surveillance, which may explain why the app offers so many protection features. Here's who we'd recommend it to the most.

VPN 59

VPN Password Management Small Business Internet 59

Security Boulevard

FEBRUARY 10, 2025

This is a news item roundup of privacy or privacy-related news items for 2 FEB 2025 - 8 FEB 2025. Surveillance Tech in the News This section covers surveillance technology and methods in the news. The post Privacy Roundup: Week 6 of Year 2025 appeared first on Security Boulevard.

Spyware 52

Spyware Surveillance Government Data breaches 52

Security Affairs

MARCH 3, 2025

In a statement published on 25 February 2025, Cellebrite announced that it had blocked Serbia from using its solution after reports that police used it to unlock and infect the phones of a journalist and activist. CVE-2024-53104 was patched in Androids February 2025 update, while CVE-2024-53197 and CVE-2024-50302 (CVSS score of 5.5)

Hacking 67

Hacking Spyware Technology Surveillance 67

Security Boulevard

JANUARY 27, 2025

This is a news item roundup of privacy or privacy-related news items for 19 JAN 2025 - 25 JAN 2025. Surveillance Tech in the News This section covers surveillance technology and methods in the news. The post Privacy Roundup: Week 4 of Year 2025 appeared first on Security Boulevard.

Surveillance 52

Surveillance Data breaches Backups Malware 52

Security Affairs

FEBRUARY 9, 2025

Malware Malicious packages deepseeek and deepseekai published in Python Package Index Coyote Banking Trojan: A Stealthy Attack via LNK Files Go Supply Chain Attack: Malicious Package Exploits Go Module Proxy Caching for Persistence Rat Race: ValleyRAT Malware Targets Organizations with New Delivery Techniques Semantic Entanglement-Based Ransomware (..)

Spyware 60

Spyware Cybercrime Scams Social Engineering 60