Security Affairs

APRIL 1, 2023

CISA has added nine flaws to its Known Exploited Vulnerabilities catalog, including bugs exploited by commercial spyware on mobile devices. The exploits were used to install commercial spyware and malicious apps on targets’ devices. The experts pointed out that both campaigns were limited and highly targeted.

Spyware 75

Spyware Surveillance Mobile Education 75

Security Affairs

MAY 23, 2022

The attacks aimed at installing the surveillance spyware Predator, developed by the North Macedonian firm Cytrox. ” In December a report published by CitizenLab, when its researchers detailed the use of the Predator Spyware against exiled politician Ayman Nour and the host of a popular news program. To nominate, please visit:?

Spyware 126

Spyware Surveillance Government Banking 126

Security Affairs

JUNE 17, 2022

Lookout Threat Lab researchers uncovered enterprise-grade Android surveillance spyware, named Hermit, used by the government of Kazakhstan to track individuals within the country. According to Lookout, the Hermit spyware was likely developed by Italian surveillance vendor RCS Lab S.p.A SecurityAffairs – hacking, Hermit spyware).

Spyware 73

Spyware Surveillance Telecommunications Mobile 73

Hackology

NOVEMBER 11, 2023

The emergence of Kamran spyware, targeting users of a regional news website, has raised concerns among cybersecurity experts. Distributed through a possible watering-hole attack on the Hunza News website , the spyware prompts users to grant permissions, allowing access to sensitive data.

Spyware 45

Spyware Malware Risk Mobile 45

Security Affairs

APRIL 19, 2022

Researchers from Citizen Lab have published a report detailing the use of a new zero-click iMessage exploit, dubbed HOMAGE, to install the NSO Group Pegasus spyware on iPhones belonging to Catalan politicians, journalists, academics, and activists. To nominate, please visit:? Follow me on Twitter: @securityaffairs and Facebook.

Spyware 87

Spyware Surveillance Government Software 87

Security Affairs

JUNE 2, 2022

“An international law enforcement operation involving 11 countries has resulted in the takedown of one of the fastest-spreading mobile malware to date. sections “The Underdogs – Best Personal (non-commercial) Security Blog” and “The Tech Whizz – Best Technical Blog”) To nominate, please visit:?. Pierluigi Paganini.

Spyware 82

Spyware Malware Banking Cybercrime 82

The Last Watchdog

MAY 8, 2019

Android users – and I’m one – are well-advised to be constantly vigilant about the types of cyberthreats directed, at any given time, at the world’s most popular mobile device operating system. However, they’re primarily adware delivery vehicles designed to aggressively display ads and install spyware. has begun delivering.

Adware 176

Adware Spyware Mobile Banking 176

Security Affairs

APRIL 13, 2022

One of the officials targeted with the infamous spyware there is Didier Reynders, a senior Belgian statesman who has served as the European Justice Commissioner since 2019. The Pegasus spyware used the ForcedEntry zero-day exploit to compromise the recipients’ devices without their interaction. ” concludes the report.

Surveillance 87

Surveillance Software Spyware Hacking 87

Security Affairs

APRIL 18, 2023

A new report from Citizen Lab states that the Israeli surveillance firm NSO Group used at least three zero-click zero-day exploits to deliver its Pegasus spyware. “These indicator overlaps allow us to attribute the 2022 zero-click chains to NSO Group’s Pegasus spyware with high confidence. ” reads the report. and 14.4.2,

Spyware 82

Spyware Surveillance Education Risk 82

The Last Watchdog

MAY 20, 2019

Don’t look now, but evidence is mounting that the mobile threats landscape is on the threshold of getting a lot more dicey. This is because mobile services and smartphone functionalities are rapidly expanding, and, as you might expect, cyberattacks targeting mobile devices and services are also rising sharply.

Mobile 138

Mobile Spyware Banking Manufacturing 138

Security Affairs

OCTOBER 14, 2020

The authorities started the investigation last year after the German blog Netzpolitik and some advocacy groups (Reporters Without Borders, Society for Freedom Rights, and the European Center for Constitutional and Human Rights), filed a complaint with Munich prosecutors in the summer of 2019.

Surveillance 106

Surveillance Spyware Software Advertising 106

Security Affairs

MAY 17, 2022

Experts spotted over 200 Android apps on the Play Store distributing spyware called Facestealer used to steal sensitive data. Trend Micro researchers spotted over 200 Android apps on the Play Store distributing spyware called Facestealer used to steal sensitive data from infected devices. To nominate, please visit:? Pierluigi Paganini.

Spyware 85

Spyware Cryptocurrency VPN Malware 85

Webroot

OCTOBER 25, 2021

The respected technology blog TechRadar has even referred to 2021 as “the year of the Chromebook.”. The Chromebook sandboxing feature will defend against many of these so-called “malicious apps” from invading devices through things like popular mobile games, but some will likely find ways to avoid the feature.

Identity Theft 120

Identity Theft Spyware Phishing Antivirus 120

Security Affairs

APRIL 4, 2023

Recently CISA has added nine flaws to its Known Exploited Vulnerabilities catalog, including bugs exploited by commercial spyware on mobile devices.

Phishing 87

Phishing Spyware Government Passwords 87

SecureList

JANUARY 16, 2024

Introduction In the ever-evolving landscape of mobile security, hunting for malware in the iOS ecosystem is akin to navigating a labyrinth with invisible walls. To date, the common methods for analyzing an iOS mobile infection are either to examine an encrypted full iOS backup, or to analyze the network traffic of the device in question.

Malware 120

Malware Mobile Backups Spyware 120

The Last Watchdog

FEBRUARY 28, 2021

It is not unusual to have your system or network infected with malware, such as spyware, that often lingers secretly with no apparent symptoms. Malware can be categorized based on how it behaves (adware, spyware and ransomware), and how it propagates from one victim to another (viruses, worms and trojans). Don’t worry though.

Cyber threats 113

Cyber threats Computers and Electronics Adware Spyware 113

Security Affairs

OCTOBER 30, 2019

In May, Facebook has patched a critical zero-day vulnerability in WhatsApp, tracked as CVE-2019-3568 , that has been exploited to remotely install spyware on phones by calling the targeted device. Today @WhatsApp is taking a stand against the dangerous use of spyware. ” reads the lawsuit.

Surveillance 50

Surveillance Technology Spyware Mobile 50

Security Affairs

JUNE 26, 2022

SecurityAffairs awarded as Best European Personal Cybersecurity Blog 2022 Crooks are using RIG Exploit Kit to push Dridex instead of Raccoon stealer Flagstar Bank discloses a data breach that impacted 1.5

Small Business 74

Small Business Spyware Data breaches Surveillance 74

Security Affairs

APRIL 24, 2022

T-Mobile confirms Lapsus$ had access its systems Are you using Java 15/16/17 or 18 in production? Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here. Patch them now! To nominate, please visit:?

Cyber Insurance 71

Cyber Insurance Spyware Firmware Insurance 71

SecureList

MAY 27, 2022

Non-mobile statistics. Mobile statistics. One of the things you can do to protect yourself from advanced mobile spyware is to reboot your device on a daily basis. When they shut down the device, using the power and volume buttons, the spyware displays an image of the iOS shutdown screen, faking the shutdown.

Phishing 108

Phishing Spyware Firmware Malware 108

SecureList

NOVEMBER 30, 2021

Based on forensic analysis of numerous mobile devices, Amnesty International’s Security Lab found that the software was repeatedly used in an abusive manner for surveillance. Currently, several methods can be used for detection of Pegasus and other mobile malware. The list of targeted individuals includes 14 world leaders.

Malware 107

Malware Mobile Spyware Surveillance 107

Security Affairs

SEPTEMBER 28, 2019

Researchers are warning of a new variant of recently disclosed SimJacker attack, dubbed WIBattack , that could expose millions of mobile phones to remote hacking. WIBattack is a new variant of the recently discovered Simjacker attack method that could expose millions of mobile phones to remote hacking.

Hacking 87

Hacking Mobile Risk Advertising 87

Security Boulevard

SEPTEMBER 30, 2021

A look at the nature and effects of legal, advanced spyware on application security. Pegasus is an advanced spyware that exploits vulnerable mobile apps to gain a foothold on iPhone and Android devices. The spyware allows governments to crack citizen’s mobile devices, track them, and observe their communications.

Spyware 52

Spyware Government Surveillance Mobile 52

Security Affairs

JUNE 29, 2023

The news of the data breach was first reported by the Polish security research blog Niebezpiecznik , which also confirmed that the threat actors behind the attack claimed to have seized the domain associated with the spyware. “It’s not clear who is behind the LetMeSpy hack or their motives.

Data breaches 72

Data breaches Spyware Hacking Accountability 72

Malwarebytes

APRIL 1, 2021

It does not have a catchy name, but because of its capabilities and its method for going unnoticed, we are calling it Android/Trojan.Spy.FakeSysUpdate, or in this blog, “FakeSysUpdate” for short. First spotted by the research team at Zimperium zLabs , the newly found malware is already detected by Malwarebytes for Android.

Malware 145

Malware Spyware Advertising Surveillance 145

Webroot

MAY 12, 2021

push users into installing a browser hijacker known as mysearchflow.com, which is blocked as Spyware/Adware by Webroot. Mobile Threats. All these sites supported mobile browsing and the advertising, social engineering and malicious content targeting mobile users, too. Links on jackstream.

Scams 114

Scams Mobile Social Engineering Advertising 114

Security Affairs

MARCH 12, 2019

Despite the usage of Apex Legends references, the first two applications do not contain a real malware, but their main purpose is to obtain an economic return through Google Mobile Ads SDK. Figure 3: popup required by app to verify EA mobile account. Despite its dimensions, this is the only apk that shows a spyware behavior.

Spyware 79

Spyware Mobile Malware Phishing 79

SecureList

AUGUST 15, 2022

Non-mobile statistics. Mobile statistics. WinDealer’s man-on-the-side spyware. You can find more details, including appropriate mitigation steps, in our blog post. Mobile subscription Trojans. Other mobile subscription Trojans are less sophisticated. IT threat evolution in Q2 2022. Targeted attacks.

Mobile 82

Mobile Ransomware Malware Encryption 82

Quick Heal Antivirus

DECEMBER 26, 2023

Here, The post Beware: Fake Apps posing as Open AI’s ChatGPT App appeared first on Quick Heal Blog. Behind the face of advancing technology lies a dark underbelly – that of evolving cyber crime.

Technology 72

Technology Spyware Scams Mobile 72

Security Boulevard

JANUARY 25, 2022

Dancho Danchev’s Blog – Full Offline Copy Available – Volume – [PDF]. Dancho Danchev’s Blog – Full Offline Copy Available – Volume – [PDF]. Dancho Danchev’s Blog – Full Offline Copy Available – Volume – [PDF]. Dancho Danchev’s Blog – Full Offline Copy Available – Volume – [PDF]. Person on the U.S

Cybercrime 96

Cybercrime Hacking Scams Ransomware 96

SecureList

NOVEMBER 14, 2022

Mobile devices exposed to wide attacks. Although 2022 did not feature any mobile intrusion story on the scale of the Pegasus scandal, a number of 0-days have still been exploited in the wild by threat actors. In line with our predictions, we released two blog posts in 2022 introducing sophisticated low-level bootkits.

Firmware 110

Firmware Surveillance Mobile Telecommunications 110

SecureList

OCTOBER 26, 2021

This campaign was also covered by researchers at Zscaler in a blog post. We published a blog post at that time detailing the technical details of ShadowPad and its supply-chain attack campaign after its initial discovery, when it was deployed by an APT group known as Barium or APT41.

Malware 142

Malware Government Surveillance Spyware 142

Identity IQ

JULY 17, 2023

In this blog, we provide you with ten actionable ways to safeguard your digital identity, focusing specifically on how to prevent compromised credentials. Malware : Malicious software, such as viruses or spyware, can infect your devices and be used to steal your credentials. How Can Your Credentials Become Compromised?

Identity Theft 52

Identity Theft Password Management Passwords Authentication 52

Identity IQ

JULY 17, 2023

In this blog, we provide you with ten actionable ways to safeguard your digital identity, focusing specifically on how to prevent compromised credentials. Malware : Malicious software, such as viruses or spyware, can infect your devices and be used to steal your credentials. How Can Your Credentials Become Compromised?

Identity Theft 52

Identity Theft Password Management Passwords Authentication 52

SecureList

APRIL 27, 2021

During routine monitoring of detections for FinFisher spyware tools, we discovered traces that point to recent FinFly Web deployments. In November and December 2020, two public blog posts were published about this campaign. Domestic Kitten is a threat group mainly known for its mobile backdoors.

Malware 141

Malware Spyware Government Social Engineering 141

Digital Shadows

NOVEMBER 10, 2022

The malicious web page where we landed after clicking on the chat box Fake mobile apps Along with a reputable domain name, most organizations have now developed their own mobile app, used to communicate with customers, create engagement, and foster brand loyalty.

Cyber threats 52

Cyber threats Media Social Engineering Mobile 52

Security Affairs

AUGUST 25, 2019

Hi folk, let me inform you that I suspended the newsletter service, anyway I’ll continue to provide you a list of published posts every week through the blog. App tainted with Ahmyst Open-source spyware appeared on Google Play Store twice. The best news of the week with Security Affairs. Once again thank you!

Small Business 49

Small Business Spyware Data breaches Advertising 49