Architecture, Malware, Spyware and Surveillance

U.S. Judge ordered NSO Group to hand over the Pegasus spyware code to WhatsApp

Security Affairs

MARCH 2, 2024

Court ordered surveillance firm NSO Group to hand over the source code for its Pegasus spyware and other products to Meta. Meta won the litigation against the Israeli spyware vendor NSO Group , a U.S. from April 29, 2018, to May 10, 2020). from April 29, 2018, to May 10, 2020).

Spyware

Spyware Surveillance Architecture Software

Experts found a macOS version of the sophisticated LightSpy spyware

Security Affairs

MAY 30, 2024

Researchers spotted a macOS version of the LightSpy surveillance framework that has been active in the wild since at least January 2024. Researchers from ThreatFabric discovered a macOS version of the LightSpy spyware that has been active in the wild since at least January 2024. and iOS versions before 11.4.

Spyware

Spyware Malware Surveillance Mobile

Unknown FinSpy Mac and Linux versions found in Egypt

Security Affairs

SEPTEMBER 27, 2020

Experts from Amnesty International uncovered a surveillance campaign that targeted Egyptian civil society organizations with a new version of FinSpy spyware. The binaries are obfuscated and do some checks to detect if the spyware is running in a Virtual Machine. ” reads the Amnesty’s report.

Spyware

Spyware Surveillance Mobile Advertising

New FinFisher spyware used to spy on iOS and Android users in 20 countries

Security Affairs

JULY 11, 2019

Malware researchers from Kaspersky have discovered new and improved versions of the infamous FinFisher spyware used to infect both Android and iOS devices. Experts at Kaspersky have discovered a new improved variant of the FinFisher spyware used to spy on both iOS and Android users in 20 countries. Pierluigi Paganini.

Spyware

Spyware Mobile Advertising Architecture

Second-ever UEFI rootkit used in North Korea-themed attacks

Security Affairs

OCTOBER 5, 2020

A China-linked threat actor used UEFI malware based on code from Hacking Team in attacks aimed at organizations with an interest in North Korea. Researchers from Kaspersky have spotted a UEFI malware that was involved in attacks on organizations with an interest in North Korea.

Firmware

Firmware Spyware Surveillance Hacking

Zero-Click Attacks a Growing Threat

eSecurity Planet

FEBRUARY 22, 2022

Most attacks make would-be victims click to install malware or redirect them to a phishing page to steal their credentials. NSO Group’s Pegasus software has been routinely in the headlines in recent years for using zero-click attacks to install its spyware. Spyware and Zero-Days: A Troubling Market.

Spyware

Spyware Software Government Social Engineering

Breaking: Apple Sues 'Abusive State-Actor' NSO Group

SecureWorld News

NOVEMBER 23, 2021

The opening lines of the lawsuit say it all: "Defendants are notorious hackers—amoral 21st century mercenaries who have created highly sophisticated cyber-surveillance machinery that invites routine and flagrant abuse.". And Apple's Head of Security Engineering and Architecture was extremely blunt when he announced the lawsuit on Twitter.

Spyware

Spyware Surveillance Engineering Software

Advanced threat predictions for 2022

SecureList

NOVEMBER 17, 2021

The Israeli Defense Forces (IDF) have claimed that threat actors have been using catfishing to lure Israeli soldiers into installing spyware. This included DarkHotel and APT29 (aka CozyDuke and CozyBear) with their WellMess malware ( as attributed by the UK NCSC (National Cyber Security Centre ). Mobile devices exposed to wide attacks.

Mobile

Mobile Surveillance Ransomware Government

After SIMJacker, WIBattack hacking technique disclosed. Billions of users at risk

Security Affairs

SEPTEMBER 28, 2019

The scary part of the story is that a private surveillance firm was aware of the zero-day flaw since at least two years and is actively exploiting the SimJacker vulnerability to spy on mobile users in several countries. It also allows changing core network settings on their devices. language, radio type, battery level, etc.).

Hacking

Hacking Mobile Risk Advertising

FinSpy: unseen findings

SecureList

SEPTEMBER 28, 2021

FinSpy, also known as FinFisher or Wingbird , is an infamous surveillance toolset. Kaspersky has been tracking deployments of this spyware since 2011. The Pre-Validator ensures that the victim machine is not used for malware analysis. The macOS version of the malware is not as complicated as the Windows one.

Encryption

Encryption Malware Spyware Architecture

Advanced threat predictions for 2024

SecureList

NOVEMBER 14, 2023

The malware posed as ransomware, demanding money from the victims for “decrypting” their data. UNC4841 deployed new malware designed to maintain presence on a small subset of high-priority targets compromised either before the patch was released or shortly afterwards. Verdict: prediction not fulfilled ❌ 7.

Hacking

Hacking Energy and Utilities Media Malware

Cyber Security Informer

U.S. Judge ordered NSO Group to hand over the Pegasus spyware code to WhatsApp

Experts found a macOS version of the sophisticated LightSpy spyware

Trending Sources

Unknown FinSpy Mac and Linux versions found in Egypt

New FinFisher spyware used to spy on iOS and Android users in 20 countries

Second-ever UEFI rootkit used in North Korea-themed attacks

Zero-Click Attacks a Growing Threat

Breaking: Apple Sues 'Abusive State-Actor' NSO Group

Advanced threat predictions for 2022

After SIMJacker, WIBattack hacking technique disclosed. Billions of users at risk

FinSpy: unseen findings

Advanced threat predictions for 2024

Stay Connected