Security Affairs

OCTOBER 5, 2020

The experts were investigating several suspicious UEFI firmware images when discovered four components, some of which were borrowing the source code a Hacking Team spyware. In 2015, the hacker who breached the systems of the Italian surveillance firm Hacking Team leaked a 400GB package containing hacking tools and exploits codes.

Firmware 145

Firmware Spyware Surveillance Hacking 145

Security Boulevard

MARCH 17, 2025

Surveillance Tech in the News This section covers surveillance technology and methods in the news. Kagi Search introduces Privacy Pass authentication AlternativeTo Kagi officially rolls out Privacy Pass support for its Android app. Tuta also shares planned updates "coming soon" to Tuta Mail.

Surveillance 59

Surveillance Data breaches Spyware Malware 59

Security Boulevard

FEBRUARY 17, 2025

Surveillance Tech in the News This section covers surveillance technology and methods in the news. Google's reCAPTCHA is not only useless, it's also basically spyware Techspot This study demonstrates Google's reCAPTCHA v2 and v3 are flawed and don't actually keep out bots. Tips for finding old accounts. CVE-2025-21391.

Surveillance 52

Surveillance Data breaches VPN Malware 52

Security Affairs

NOVEMBER 24, 2024

CISA adds Progress Kemp LoadMaster, Palo Alto Networks PAN-OS and Expedition bugs to its Known Exploited Vulnerabilities catalog Great Plains Regional Medical Center ransomware attack impacted 133,000 individuals Recently disclosed VMware vCenter Server bugs are actively exploited in attacks Foreign adversary hacked email communications of the Library (..)

Cybercrime 74

Cybercrime Artificial Intelligence Hacking VPN 74

Security Affairs

SEPTEMBER 3, 2023

LockBit ransomware gang hit the Commission des services electriques de Montréal (CSEM) Social engineering attacks target Okta customers to achieve a highly privileged role Talos wars of customizations of the open-source info stealer SapphireStealer UNRAVELING EternalBlue: inside the WannaCry’s enabler Researchers released a free decryptor for the Key (..)

Social Engineering 129

Social Engineering Data breaches Spyware Malware 129

Security Affairs

SEPTEMBER 1, 2024

Under Meredith Whittaker, It’s Out to Prove Surveillance Capitalism Wrong EU investigating Telegram over user numbers Cryptojacking via CVE-2023-22527: Dissecting a Full-Scale Cryptomining Ecosystem Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, newsletter)

Malware 123

Malware Surveillance Firewall Phishing 123

Security Affairs

JUNE 20, 2022

US DoJ announced to have shut down the Russian RSOCKS Botnet MaliBot Android Banking Trojan targets Spain and Italy Chinese DriftingCloud APT exploited Sophos Firewall Zero-Day before it was fixed Experts link Hermit spyware to Italian surveillance firm RCS Lab and a front company A Microsoft 365 feature can ransom files on SharePoint and OneDriveCould (..)

Spyware 108

Spyware DNS Ransomware Surveillance 108

Hacker's King

MAY 20, 2023

Two-factor authentication (2FA) has become an essential security measure in the digital age. By impersonating the authenticated user, they can bypass the 2FA process altogether. Call forwarding, Botnets, Spyware: Securing Devices and Networks More sophisticated methods of bypassing 2FA involve compromising the user’s device.

Authentication 52

Authentication Social Engineering Spyware Engineering 52

SecureWorld News

AUGUST 16, 2023

A common example of this is surveillance. We normalize the use of surveilling and tracking young people through "parentware" or spyware (software which allows someone to see what someone else is doing on their device) and apps which enable the tracking of someone's location. Use good passwords.

Surveillance 98

Surveillance Technology Accountability Spyware 98

Security Affairs

MAY 6, 2023

Twitter confirmed that a security incident publicly exposed Circle tweets FBI seized other domains used by the shadow eBook library Z-Library WordPress Advanced Custom Fields plugin XSS exposes +2M sites to attacks Fortinet fixed two severe issues in FortiADC and FortiOS Pro-Russia group NoName took down multiple France sites, including the French (..)

Data breaches 98

Data breaches Malware Mobile Spyware 98

Malwarebytes

OCTOBER 14, 2021

From a technical perspective, spyware—defined as software running on the device that surveils and tracks you—is not much of a thing, because of Apple’s restrictions on what apps can do, plus the fact that you can’t hide an app on iOS. Photos synced up to iCloud can be viewed. You might say, “But wait!

Spyware 130

Spyware Backups Passwords Authentication 130

SecureList

NOVEMBER 14, 2022

The cyber-offense ecosystem still appears to be shaken by the sudden demise of NSO Group; at the same time, these activities indicate to us that we’ve only seen the tip of the iceberg when it comes to commercial-grade mobile surveillance tooling. We believe that research into mail software vulnerabilities is only getting started.

Firmware 131

Firmware Surveillance Mobile Telecommunications 131

Malwarebytes

JULY 2, 2023

Last week on Malwarebytes Labs: A proxyjacking campaign is looking for vulnerable SSH servers New technique can defeat voice authentication "after only six tries" "Free" Evil Dead Rise movie scam lurks in Amazon listings Spyware app LetMeSpy hacked, tracked user data posted online Online safety tips for LGBTQIA+ communities Top contenders in Endpoint (..)

Spyware 97

Spyware Surveillance IoT Scams 97

Security Affairs

DECEMBER 22, 2020

This includes Israeli spyware that could install surveillance software on a target’s phone by simply calling them through WhatsApp. And that’s simply the nature of software – all programs have bugs, some more serious than others. One famous example is WhatsApp, which has had numerous vulnerabilities throughout the years.

Encryption 143

Encryption Spyware Surveillance Software 143

Schneier on Security

MARCH 31, 2025

At the same time, the NSA urgently needs to find and fix any vulnerabilities quickly as it can—and similarly, ensure that commercial smartphones are free of backdoors—access points that allow people other than a smartphone’s user to bypass the usual security authentication methods to access the device’s contents.

Government 340

Government Telecommunications Hacking Spyware 340