Security Affairs

MAY 22, 2024

A researcher discovered a consumer-grade spyware app on the check-in systems of at least three Wyndham hotels across the US. The security researcher Eric Daigle discovered a commercial spyware app, called pcTattletale, on the check-in systems of at least three Wyndham hotels across the US, TechCrunch first reported.

Spyware 112

Spyware Surveillance Software Internet 112

Security Affairs

APRIL 1, 2023

CISA has added nine flaws to its Known Exploited Vulnerabilities catalog, including bugs exploited by commercial spyware on mobile devices. The exploits were used to install commercial spyware and malicious apps on targets’ devices. The threat actors behind the attacks used both zero-day and n-day exploits in their exploits.

Spyware 75

Spyware Surveillance Mobile Education 75

Security Affairs

MARCH 29, 2023

Google’s Threat Analysis Group (TAG) discovered several exploit chains targeting Android, iOS, and Chrome to install commercial spyware. The exploit chains were used to install commercial spyware and malicious apps on targets’ devices. This was recently highlighted by blog posts from Project Zero and Github Security Lab.”

Spyware 81

Spyware Surveillance Firmware Internet 81

Hackology

NOVEMBER 11, 2023

The emergence of Kamran spyware, targeting users of a regional news website, has raised concerns among cybersecurity experts. Distributed through a possible watering-hole attack on the Hunza News website , the spyware prompts users to grant permissions, allowing access to sensitive data.

Spyware 45

Spyware Malware Risk Mobile 45

Malwarebytes

APRIL 1, 2021

It does not have a catchy name, but because of its capabilities and its method for going unnoticed, we are calling it Android/Trojan.Spy.FakeSysUpdate, or in this blog, “FakeSysUpdate” for short. Whether for malicious information gathering or for non-consensual surveillance of a romantic partner, these invasions of privacy are flat-out wrong.

Malware 145

Malware Spyware Advertising Surveillance 145

SecureList

NOVEMBER 14, 2022

Last June, Google’s TAG team released a blog post documenting attacks on Italian and Kazakh users that they attribute to RCS Lab, an Italian offensive software vendor. In 2022, the GReAT team tracked several threat actors leveraging SilentBreak’s toolset as well as a commercial Android spyware we named MagicKarakurt.

Firmware 110

Firmware Surveillance Mobile Telecommunications 110

SecureList

OCTOBER 26, 2021

This campaign was also covered by researchers at Zscaler in a blog post. We published a blog post at that time detailing the technical details of ShadowPad and its supply-chain attack campaign after its initial discovery, when it was deployed by an APT group known as Barium or APT41. Other interesting discoveries.

Malware 142

Malware Government Surveillance Spyware 142