Accountability, Information Security, Mobile and Surveillance

Google TAG argues surveillance firm RCS Labs was helped by ISPs to infect mobile users

Security Affairs

JUNE 24, 2022

Researchers from Google’s Threat Analysis Group (TAG) revealed that the Italian surveillance firm RCS Labs was helped by some Internet service providers (ISPs) in Italy and Kazakhstan to infect Android and iOS users with their spyware. ” reads the report published by Google. Follow me on Twitter: @securityaffairs and Facebook.

Surveillance

Surveillance Mobile Spyware Telecommunications

Long-running surveillance campaigns target Uyghurs with BadBazaar and MOONSHINE spyware

Security Affairs

NOVEMBER 11, 2022

Lookout researchers discovered two long-running surveillance campaigns targeting the ethnic minority Uyghurs. Researchers from mobile security firm Lookout uncovered two long-running surveillance campaigns targeting the Uyghurs minority. List of installed packages. Call logs and geocoded location associated with the call.

Surveillance

Surveillance Spyware Malware Mobile

EU officials were targeted with Israeli surveillance software

Security Affairs

APRIL 13, 2022

According to a report published by Reuters, an Israeli surveillance software was used to spy on senior officials in the European Commission. The report did not attribute the attacks to a specific threat actor or did not reveal what information was obtained following the compromise of the victims’ devices. .”

Surveillance

Surveillance Software Spyware Hacking

CISA adds bugs exploited by commercial surveillance spyware to Known Exploited Vulnerabilities catalog

Security Affairs

APRIL 1, 2023

CISA has added nine flaws to its Known Exploited Vulnerabilities catalog, including bugs exploited by commercial spyware on mobile devices. Cybersecurity and Infrastructure Security Agency (CISA) has added nine new vulnerabilities to its Known Exploited Vulnerabilities Catalog.

Spyware

Spyware Surveillance Mobile Education

Android mobile devices from top vendors in China have pre-installed malware

Security Affairs

FEBRUARY 9, 2023

Researchers reported that the top-of-the-line Android mobile devices sold in China are shipped with malware. The apps were designed to exfiltrate user and device information in a stealthy way, including system info, geolocation, user profile, social relationships, and call history.

Mobile

Mobile Malware Surveillance Spyware

NSO CEO claims Facebook wanted NSO surveillance tool to spy on users

Security Affairs

APRIL 8, 2020

In October 2019, WhatsApp sued the Israeli surveillance firm NSO Group accusing it of carrying out malicious attacks against its users. According to the NSO CEO, Facebook was interested in improving surveillance capabilities on iOS devices of the Onavo Protect. ” Who will win? Facebook or NSO Group? Pierluigi Paganini.

Surveillance

Surveillance Spyware Advertising Government

Egypt regularly spies on opponents and activists with mobile apps

Security Affairs

OCTOBER 4, 2019

Researchers at Check Point discovered that Egypt ‘ government has been spying citizens in a sophisticated surveillance program. Researchers at Check Point discovered that the Egyptian government has been spying on activists and opponents as part of a sophisticated surveillance program. SecurityAffairs – Egypt, surveillance).

Mobile

Mobile Surveillance Government Advertising

Eken camera doorbells allow ill-intentioned individuals to spy on you

Security Affairs

MARCH 3, 2024

Photo: Consumer Reports The security flaws could allow threat actors to view footage from the devices or control them completely. An attacker can exploit the flaws to create an account on the app and gain access to a nearby doorbell camera by pairing it with another device.

Manufacturing

Manufacturing Wireless Retail Surveillance

Pegasus Project – how governments use Pegasus spyware against journalists

Security Affairs

JULY 19, 2021

Pegasus Project investigation into the leak of 50,000 phone numbers of potential surveillance targets revealed the abuse of NSO Group’s spyware. Pegasus Project is the name of a large-scale investigation into the leak of 50,000 phone numbers of potential surveillance targets that revealed the abuse of NSO Group’s spyware.

Spyware

Spyware Government Surveillance Media

FBI warns swatting attacks on owners of smart devices

Security Affairs

JANUARY 2, 2021

According to the alert issued by the FBI, the swatters have been hijacking smart devices such as video and audio capable home surveillance devices. “Recently, offenders have been using victims’ smart devices, including video and audio capable home surveillance devices, to carry out swatting attacks. ” concludes the alert.

Passwords

Passwords Surveillance Manufacturing Accountability

Donot Team targets a Togo prominent activist with Indian-made spyware

Security Affairs

OCTOBER 11, 2021

A Togolese human rights advocate was hit by mobile spyware that has been allegedly developed by an Indian firm called Innefu Labs. The application was in fact a piece of custom Android spyware designed to extract some of the most sensitive and personal information stored on the activist’s phone.”

Spyware

Spyware Surveillance Accountability Mobile

Sextortion campaign uses Goontact spyware to target Android and iOS users

Security Affairs

DECEMBER 16, 2020

“The spyware, which we have named Goontact, targets users of illicit sites, typically offering escort services, and steals personal information from their mobile device.” These sites advertise account IDs for secure messaging apps such as KakaoTalk or Telegram that could allow to communicate with the escorts.

Spyware

Spyware Mobile Surveillance Malware

Security Affairs newsletter Round 418 by Pierluigi Paganini – International edition

Security Affairs

MAY 6, 2023

Twitter confirmed that a security incident publicly exposed Circle tweets FBI seized other domains used by the shadow eBook library Z-Library WordPress Advanced Custom Fields plugin XSS exposes +2M sites to attacks Fortinet fixed two severe issues in FortiADC and FortiOS Pro-Russia group NoName took down multiple France sites, including the French (..)

Data breaches

Data breaches Malware Mobile Spyware

Rhythm in the algorithm: digital rights groups call on Spotify to abandon voice recognition invention

SC Magazine

APRIL 9, 2021

A screenshot from a music video of hte Evan Greer song, “Surveillance Capitalism,” which tackles the dangers of commercial surveillance technology. Sometimes fighting the excesses of the creeping surveillance economy is done through position papers, coalition building and lawsuits. Our concern is not ‘Hey patch this up.’

Surveillance

Surveillance Artificial Intelligence Technology Media

Rampant Kitten ‘s arsenal includes Android malware that bypasses 2FA

Security Affairs

SEPTEMBER 18, 2020

Security researchers from Check Point discovered an Android malware, developed by an Iran-linked group dubbed Rampant Kitten, that is able to bypass 2FA. Rampant Kitten has been active at least since 2014 and was involved in ongoing surveillance operations against Iranian minorities, anti-regime organizations, and resistance movements.

Malware

Malware Phishing Accountability Advertising

Dangerous permissions detected in top Android health apps

Security Affairs

SEPTEMBER 15, 2023

Leading Android health apps expose users to avoidable threats like surveillance and identity theft, due to their risky permissions. The Android challenge In the digital age, mobile applications have become an integral part of our lives, transforming the way we communicate, work, and entertain ourselves. Cybernews has the story.

Accountability

Accountability Mobile Surveillance Information Security

Android Spyware Monokle, developed by Russian defense contractor, used in targeted attacks

Security Affairs

JULY 25, 2019

Researchers at Lookout discovered a new mobile spyware dubbed Monokle that was developed by a Russian defense contractor. Experts at Lookout discovered a new Android mobile spyware in the wild, dubbed Monokle, that was developed by a Russian defense contractor named Special Technology Centre Ltd. ( Pierluigi Paganini.

Spyware

Spyware Surveillance Mobile Advertising

Bouncing Golf cyberespionage campaign targets Android users in Middle East

Security Affairs

JUNE 19, 2019

The attackers appear to be focused o n stealing military-related information. The researchers speculate on a possible connection to Domestic Kitten espionage activities, an extensive surveillance operation conducted by Iranian APT actor aimed at specific groups of individuals since 2016. ” Trend Micro concludes.

Mobile

Mobile Malware Advertising Encryption

Proton Technologies makes the code of ProtonMail iOS App open source

Security Affairs

NOVEMBER 2, 2019

Recently the cybersecurity firm SEC Consult reviewed the source code of the ProtonMail iOS App and found seven low-risk vulnerabilities in the popular mobile mail client. “During the initial code review, SEC Consult found seven low-risk vulnerabilities in the reviewed source code and the mobile app.”

Technology

Technology Mobile Advertising Surveillance

Security Affairs newsletter Round 229 – News of the week

Security Affairs

SEPTEMBER 1, 2019

White hat hacker demonstrated how to hack a million Instagram accounts. A new variant of Trickbot banking Trojan targets Verizon, T-Mobile, and Sprint users. Expert found Russias SORM surveillance equipment leaking user data. Twitter account of Jack Dorsey, Twitter CEO and co-founder, has been hacked.

eCommerce

eCommerce Data breaches Malware Advertising

An attacker was able to siphon audio feeds from multiple Clubhouse rooms

Security Affairs

FEBRUARY 22, 2021

In response to the malicious activity, the company permanently banned the account used by the attacker and deployed new “safeguards” to prevent similar attacks in the future, but ClubHouse was not able to ensure that it will not happen again. ” reported Bloomberg.

CSO

CSO Internet Internet Surveillance

Malicious app exploiting CVE-2019-2215 zero-day available in Google Play since March

Security Affairs

JANUARY 7, 2020

According to Stone, the CVE-2019-2215 vulnerability was being used or sold by the controversial surveillance firm NSO Group , it was exploited by its surveillance software Pegasus. In October, Google released the October 2019 set of Android fixes that addressed the flaw. ” reads a blog post published by Stone.

Surveillance

Surveillance Advertising Marketing Encryption

QuaDream surveillance firm’s spyware targeted iPhones with zero-click exploit

Security Affairs

APRIL 12, 2023

At least five members of civil society worldwide have been targeted with spyware and exploits developed by surveillance firm QuaDream. Citizen Lab researchers reported that at least five civil society members were victims of spyware and exploits developed by the Israeli surveillance firm QuaDream. ” concludes Citizen Lab.

Spyware

Spyware Surveillance Government Malware

7 Cyber Security Courses Online For Everybody

Spinone

NOVEMBER 21, 2019

In case you want to train your employees, you may need to use a company account to be able to set scheduled lessons for your staff. to $199 for business accounts. This course covers a broad range of security topics, explaining it with a simple language. But it works only for individual users.

Social Engineering

Social Engineering Accountability Phishing Cybersecurity

WhatsApp sued Israeli surveillance firm NSO Group and its parent Q Cyber Technologies

Security Affairs

OCTOBER 30, 2019

WhatsApp sued Israeli surveillance firm NSO Group, accusing it of using a flaw in its messaging service to conduct cyberespionage on journalists and activists. WhatsApp sued the Israeli surveillance firm NSO Group accusing it of carrying out malicious attacks against its users. ” reads the lawsuit.

Surveillance

Surveillance Technology Spyware Mobile

Law enforcement agencies can extract data from thousands of cars’ infotainment systems

Security Affairs

DECEMBER 4, 2022

Recently security the security expert researcher Sam Curry warned of vulnerabilities in mobile apps that exposed Hyundai and Genesis car models after 2012 to remote attacks. “New cars are surveillance on wheels, sending sensitive passenger data to carmakers and police.

Surveillance

Surveillance Technology Mobile Hacking

Attack of drones: airborne cybersecurity nightmare

Security Affairs

DECEMBER 2, 2022

Naturally, threat actors follow the trend and exploit the technology for surveillance, payload delivery, kinetic operations, and even diversion. Let’s dive into some examples of how enterprises must account for external drones entering their airspace and cyber threats to drones operated by the enterprise. Danger Drone platform.

Cybersecurity

Cybersecurity Wireless Computers and Electronics Penetration Testing

NSO Group spyware used to compromise iPhones of 9 US State Dept officials

Security Affairs

DECEMBER 3, 2021

Apple warns that the mobile devices of at least nine US Department of State employees were compromised with NSO Group ‘s Pegasus spyware. ” NSO Group told Reuters that it is not aware of the tools used in the attacks and added it has canceled the customer accounts, anyway it declared that will investigate the incidents.

Spyware

Spyware Surveillance Hacking Software

PWNYOURHOME, FINDMYPWN, LATENTIMAGE: 3 iOS Zero-Click exploits used by NSO Group in 2022

Security Affairs

APRIL 18, 2023

Citizen Lab reported that Israeli surveillance firm NSO Group used at least three iOS zero-click exploits in 2022. A new report from Citizen Lab states that the Israeli surveillance firm NSO Group used at least three zero-click zero-day exploits to deliver its Pegasus spyware.

Spyware

Spyware Surveillance Education Risk

Cyber Security Informer

Google TAG argues surveillance firm RCS Labs was helped by ISPs to infect mobile users

Long-running surveillance campaigns target Uyghurs with BadBazaar and MOONSHINE spyware

Trending Sources

EU officials were targeted with Israeli surveillance software

CISA adds bugs exploited by commercial surveillance spyware to Known Exploited Vulnerabilities catalog

Android mobile devices from top vendors in China have pre-installed malware

NSO CEO claims Facebook wanted NSO surveillance tool to spy on users

Egypt regularly spies on opponents and activists with mobile apps

Eken camera doorbells allow ill-intentioned individuals to spy on you

Pegasus Project – how governments use Pegasus spyware against journalists

FBI warns swatting attacks on owners of smart devices

Donot Team targets a Togo prominent activist with Indian-made spyware

Sextortion campaign uses Goontact spyware to target Android and iOS users

Security Affairs newsletter Round 418 by Pierluigi Paganini – International edition

Rhythm in the algorithm: digital rights groups call on Spotify to abandon voice recognition invention

Rampant Kitten ‘s arsenal includes Android malware that bypasses 2FA

Dangerous permissions detected in top Android health apps

Android Spyware Monokle, developed by Russian defense contractor, used in targeted attacks

Bouncing Golf cyberespionage campaign targets Android users in Middle East

Proton Technologies makes the code of ProtonMail iOS App open source

Security Affairs newsletter Round 229 – News of the week

An attacker was able to siphon audio feeds from multiple Clubhouse rooms

Malicious app exploiting CVE-2019-2215 zero-day available in Google Play since March

QuaDream surveillance firm’s spyware targeted iPhones with zero-click exploit

7 Cyber Security Courses Online For Everybody

WhatsApp sued Israeli surveillance firm NSO Group and its parent Q Cyber Technologies

Law enforcement agencies can extract data from thousands of cars’ infotainment systems

Attack of drones: airborne cybersecurity nightmare

NSO Group spyware used to compromise iPhones of 9 US State Dept officials

PWNYOURHOME, FINDMYPWN, LATENTIMAGE: 3 iOS Zero-Click exploits used by NSO Group in 2022

Stay Connected