Security Affairs

APRIL 9, 2019

Security experts at LookOut have discovered an iOS version of the dreaded surveillance Android app Exodus that was initially found on the official Google Play Store. Early versions of Exodus app used infrastructure which belonged to a company named Connexxa S.R.L. The developer is also associated with a company called eSurv S.R.L.,

Surveillance 67

Surveillance Spyware Phishing Malware 67

Security Affairs

AUGUST 30, 2019

The hacked sites were being used in indiscriminate watering hole attacks against their visitors, using iPhone 0-day.” “There was no target discrimination; simply visiting the hacked site was enough for the exploit server to attack your device, and if it was successful, install a monitoring implant. Apple iOS 12.1.4

Spyware 88

Spyware Hacking Advertising Encryption 88

SecureList

NOVEMBER 10, 2021

In this research, we analyzed various types of threats: malware and unwanted software associated with streaming platforms and the content they offer, as well as phishing pages and fake websites mimicking the world’s biggest streaming services. Apple TV Plus. Methodology. Amazon Prime Video.

Phishing 100

Phishing Accountability Malware Adware 100

Malwarebytes

OCTOBER 13, 2022

Before an authenticator will share a public key or sign you into a site you have to authorise it to do so using a "gesture". Developers can build passkey support on their sites for end-users using Chrome via the WebAuthn API, on Android and other supported platforms. This is similar to Apple's ability to recover a keychain.

Passwords 95

Passwords Authentication Password Management Accountability 95

SecureList

DECEMBER 1, 2023

For most implants, the threat actor uses similar implementations of DLL hijacking (often associated with ShadowPad malware) and memory injection techniques, along with the use of RC4 encryption to hide the payload and evade detection. We reported this threat to Google, who removed all the apps from Google Play.

Malware 98

Malware Ransomware Encryption Energy and Utilities 98

SecureList

MARCH 1, 2021

These apps were placed on malicious websites, hyperlinks were distributed through spam, etc. For example, the GINP banking Trojan pretended to be an app that searched for COVID-19-infected individuals: the victim was coaxed into providing their bank card details under the pretext of a €0.75 Apple’s iOS naturally comes second.

Mobile 138

Mobile Malware Adware Banking 138

Digital Shadows

NOVEMBER 10, 2022

For instance, financially-motivated threat actors often plant in malicious URLs spoofing these events to fraudulent sites, hoping to maximize their chances of scamming naive internet users for a quick (illicit) profit. At the same time, mobile apps constitute an expansion of the attack surface for every organization.

Cyber threats 52

Cyber threats Media Social Engineering Mobile 52

Security Affairs

SEPTEMBER 9, 2018

is out, whats new? . · US charges North Korea agent over Sony Pictures hack and WannaCry. · USB Drives shipped with Schneider Solar Products were infected with malware. · Apple removed the popular app Adware Doctor because steals user browsing history. · Privacy-oriented Linux OS Tails 3.9

Adware 42

Adware Hacking Spyware Data breaches 42

SecureList

MARCH 29, 2023

Additionally, in many markets mobile banking has been pushing out online banking, with more and more convenient and secure banking apps emerging. E-shop brands were the most popular lure, accounting for 15.56% of attempts to visit phishing sites. Meanwhile, cryptocurrency became a prominent target for those seeking monetary gain.

Banking 76

Banking Phishing Cryptocurrency Mobile 76

SecureList

AUGUST 23, 2021

To measure the level of the cybersecurity risk associated with gaming, we investigated several types of threats. We uncovered a massive, coordinated campaign that distributed Swarez Dropper via numerous warez sites that were SEO-optimized. An example of a warez site page used for distributing Swarez. Methodology.

Adware 119

Adware Mobile Phishing Malware 119

SecureList

NOVEMBER 6, 2023

Our investigation encompassed attacks that involved threats disguised as game apps, mods and cheats, and features analysis of some of the most active malware families operating in this domain. Another site offers something named “ Counter-Strike 2 limited test”, but only to those who are willing to link their Steam account.

Mobile 98

Mobile Phishing Accountability Scams 98

Cisco Security

AUGUST 29, 2022

I wanted to be prepared for any changes or new requirements on-site. We received updated plans for the training rooms, Expo Hall and support needs 12 days before we arrived on site. When there were reported issues, we quickly deployed Cisco Meraki engineers or NOC technical associates. to fine tune the network.

Engineering 72

Engineering Wireless Malware DNS 72

BH Consulting

FEBRUARY 7, 2023

Many of the organisations affected by these acts claim that have been complying with self-regulatory codes for years (such as the EU Code of Conduct for Countering Hate Speech Online) and are now struggling with the overheads of dealing with all these new pieces of legislative oversight and with all the agencies associated with them.

Marketing 52

Marketing Digital transformation Advertising Accountability 52

Spinone

FEBRUARY 7, 2018

If your company has a BYOD policy, it can be extremely difficult to manage the apps that are installed and used on users’ own devices that are used for work. These apps can often help improve productivity and collaboration, but they can also introduce many new security risks. User installed apps have a couple of main drawbacks.

Mobile 40

Mobile Data breaches Accountability Risk 40

ForAllSecure

JUNE 16, 2021

Vamosi: Hey, if you're like me you probably have a few 100 apps on your mobile device. So how can you have all those powerful apps on your mobile with less overall memory? How many apps today are vulnerable to leaking API information, how might future API based data breaches work. Okay, that's starting to get very personal.

Hacking 52

Hacking Mobile Authentication Internet 52

ForAllSecure

JUNE 16, 2021

Vamosi: Hey, if you're like me you probably have a few 100 apps on your mobile device. So how can you have all those powerful apps on your mobile with less overall memory? How many apps today are vulnerable to leaking API information, how might future API based data breaches work. Okay, that's starting to get very personal.

Hacking 52

Hacking Mobile Authentication Internet 52

ForAllSecure

OCTOBER 29, 2020

Apple Podcasts. In the summer of 2018 during Rootz, a program to teach kids hacking during the annual DEF CON conference in Las Vegas, Nevada, an eleven-year-old hacker exploited an online imitation of the State of Florida’s Election Site in a matter of minutes. Listen to EP 08: Hacking Voting Systems. Google Podcasts.

Hacking 52

Hacking Mobile Software Technology 52

ForAllSecure

OCTOBER 29, 2020

Apple Podcasts. In the summer of 2018 during Rootz, a program to teach kids hacking during the annual DEF CON conference in Las Vegas, Nevada, an eleven-year-old hacker exploited an online imitation of the State of Florida’s Election Site in a matter of minutes. Listen to EP 08: Hacking Voting Systems. Google Podcasts.

Hacking 52

Hacking Mobile Software Technology 52

ForAllSecure

OCTOBER 20, 2020

Apple Podcasts. In the summer of 2018 during Rootz, a program to teach kids hacking during the annual DEF CON conference in Las Vegas, Nevada, an eleven-year-old hacker exploited an online imitation of the State of Florida’s Election Site in a matter of minutes. Listen to EP 08: Hacking Voting Systems. Google Podcasts.

Hacking 40

Hacking Mobile Software Technology 40

ForAllSecure

SEPTEMBER 21, 2021

They discuss how software and IoT companies can avoid becoming the next Black Mirror episode and share resources that can help survivors (and those who want to help them) deal with the technology issues that can be associated with technologically facilitated abuse. Apps that haven't yet been flagged as such, but do the same thing.

Technology 52

Technology Software Surveillance Media 52

Cisco Security

AUGUST 28, 2023

Endpoint Agents were also deployed on laptops of NOC technical associate personnel and used for mobile diagnostic information in different investigations. On the evening of the day of the Business Hall, there was a new version of the Black Hat / Lead Retrieval app published in the Apple App Store.

Wireless 61

Wireless DNS Mobile Technology 61

ForAllSecure

MAY 13, 2022

Since then Hash started a reverse engineering wiki site called Recessim and created dozens of YouTube videos in a channel of that same name to chronicle his adventures. The site he created is called Recessim. Our story actually begins a few years before with the famous Dallas hacker association. of reverse engineering.

Engineering 52

Engineering Energy and Utilities Computers and Electronics Firmware 52