Security Boulevard

SEPTEMBER 30, 2021

A look at the nature and effects of legal, advanced spyware on application security. Pegasus is an advanced spyware that exploits vulnerable mobile apps to gain a foothold on iPhone and Android devices. Pegasus is the creation of the NSO Group , an Israeli firm that licenses it to governments to perform surveillance.

Spyware 52

Spyware Government Surveillance Mobile 52

Security Affairs

MAY 23, 2022

We assess the exploits were packaged by a single commercial surveillance company, Cytrox, and sold to different govt-backed actors. The attacks aimed at installing the surveillance spyware Predator, developed by the North Macedonian firm Cytrox. link] — Shane Huntley (@ShaneHuntley) May 19, 2022. Pierluigi Paganini.

Spyware 132

Spyware Surveillance Government Banking 132

Security Affairs

APRIL 12, 2023

At least five members of civil society worldwide have been targeted with spyware and exploits developed by surveillance firm QuaDream. Citizen Lab researchers reported that at least five civil society members were victims of spyware and exploits developed by the Israeli surveillance firm QuaDream. and 14.4.2,

Spyware 79

Spyware Surveillance Government Malware 79

Heimadal Security

MARCH 28, 2023

At least 50 US government officials are either suspected or confirmed to have been targeted by invasive commercial spyware designed to hack mobile phones, extract data, and track the movements of the victims. Government Restricts the Use of Spyware, White House Says appeared first on Heimdal Security Blog.

Spyware 73

Spyware Government Surveillance Mobile 73

Security Affairs

OCTOBER 30, 2019

WhatsApp sued Israeli surveillance firm NSO Group, accusing it of using a flaw in its messaging service to conduct cyberespionage on journalists and activists. WhatsApp sued the Israeli surveillance firm NSO Group accusing it of carrying out malicious attacks against its users. reads the description provided by Facebook.

Surveillance 53

Surveillance Technology Spyware Mobile 53

Security Affairs

APRIL 2, 2023

Nominate here: [link] Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, newsletter) The post Security Affairs newsletter Round 413 by Pierluigi Paganini – International edition appeared first on Security Affairs.

Spyware 85

Spyware Surveillance Artificial Intelligence Data breaches 85

SecureList

NOVEMBER 30, 2021

Based on forensic analysis of numerous mobile devices, Amnesty International’s Security Lab found that the software was repeatedly used in an abusive manner for surveillance. Later that month, representatives from the Israeli government visited the offices of NSO as part of an investigation into the claims.

Malware 116

Malware Mobile Spyware Surveillance 116

SecureList

APRIL 27, 2021

This resulted in the deployment of a custom backdoor, named Sunburst, on the networks of more than 18,000 SolarWinds customers, including many large corporations and government bodies, in North America, Europe, the Middle East and Asia. In November and December 2020, two public blog posts were published about this campaign.

Malware 142

Malware Spyware Government Social Engineering 142

Malwarebytes

MAY 24, 2022

The Google Threat Analysis Group (TAG) has revealed that of the nine zero-day vulnerabilities affecting Chrome, Android, Apple and Microsoft that it reported in 2021, five were in use by a single commercial surveillance company. Patches for the five vulnerabilities TAG mentions in its blog are available. Government spyware.

Spyware 134

Spyware Surveillance Government Marketing 134

SecureList

OCTOBER 26, 2021

In June, more than six months after DarkHalo had gone dark, we observed the DNS hijacking of multiple government zones of a CIS member state that allowed the attacker to redirect traffic from government mail servers to computers under their control – probably achieved by obtaining credentials to the control panel of the victims’ registrar.

Malware 143

Malware Government Surveillance Spyware 143

SecureList

NOVEMBER 14, 2022

Last June, Google’s TAG team released a blog post documenting attacks on Italian and Kazakh users that they attribute to RCS Lab, an Italian offensive software vendor. In 2022, the GReAT team tracked several threat actors leveraging SilentBreak’s toolset as well as a commercial Android spyware we named MagicKarakurt.

Firmware 117

Firmware Surveillance Mobile Telecommunications 117