Blog and Spyware - Cyber Security Informer

Pegasus spyware and how it exploited a WebP vulnerability

Malwarebytes

SEPTEMBER 27, 2023

Recent events have demonstrated very clearly just how persistent and wide-spread the Pegasus spyware is. The exploit chain based on these vulnerabilities was capable of compromising devices without any interaction from the victim and were reportedly used by the NSO Group to deliver its infamous Pegasus spyware.

Spyware

Spyware Surveillance Mobile Software

Kamran Spyware Targets Gilgit Baltistan Users Through Hunza News

Hackology

NOVEMBER 11, 2023

The emergence of Kamran spyware, targeting users of a regional news website, has raised concerns among cybersecurity experts. Distributed through a possible watering-hole attack on the Hunza News website , the spyware prompts users to grant permissions, allowing access to sensitive data.

Spyware

Spyware Malware Risk Mobile

Android “System Update” malware steals photos, videos, GPS location

Malwarebytes

APRIL 1, 2021

A newly discovered piece of Android malware shares the same capabilities found within many modern stalkerware-type apps—it can swipe images and video, rifle through online searches, record phone calls and video, and peer into GPS location data—but the infrastructure behind the malware obscures its developer’s primary motivations.

Malware

Malware Spyware Advertising Surveillance

Experts warn of a new malvertising campaign spreading the ChromeLoader

Security Affairs

MAY 26, 2022

If applied to a higher-impact threat—such as a credential harvester or spyware—this PowerShell behavior could help malware gain an initial foothold and go undetected before performing more overtly malicious activity, like exfiltrating data from a user’s browser sessions.” ” reads the analysis published by the experts.

Malware

Malware Spyware Threat Detection Engineering

Q&A: Here’s why Android users must remain vigilant about malicious apps, more so than ever

The Last Watchdog

MAY 8, 2019

Just recently, for instance, the search giant removed 50 malicious apps , installed 30 million times, from the official Google Play Store, including fitness, photo-editing, and gaming apps. However, they’re primarily adware delivery vehicles designed to aggressively display ads and install spyware. Currently we have almost 6.5

Adware

Adware Spyware Mobile Banking

What is a keylogger?

Malwarebytes

SEPTEMBER 1, 2022

A blog post published earlier this year posed the question "Is Grammarly a keylogger?" Every time you type a search in a browser, what you type is sent off to the search engine of your choosing (most likely Google). Thus, most such malware is not referred to as a "keylogger," but rather is called "spyware.".

Adware

Adware Software Spyware Passwords

Mac users using Exodus cryptocurrency wallet targeted by a small spam campaign

Security Affairs

NOVEMBER 20, 2018

Security researchers at F-Secure have recently uncovered a small spam campaign aimed at delivering spyware to Mac users that use Exodus wallet. ” states the blog post published by F-Secure. Security experts at F-Secure have recently spotted a small spam campaign aimed at Mac users that use Exodus cryptocurrency wallet.

Cryptocurrency

Cryptocurrency Spyware Advertising Surveillance

November 2023 Product Release News

Security Boulevard

NOVEMBER 20, 2023

Yes, I know it is a chunky dataset but the intention - for now - is for this to serve as a repository of recent malware intelligence you can search against and pivot into. You can also export it to 3rd party tools for additional correlation and analysis. The emphasis here is on recency for now, but this will be changing in upcoming releases!

Malware

Malware Spyware DNS Architecture

Identifying Common Types of Cyberattacks

SiteLock

AUGUST 27, 2021

In this blog, we’ll discuss what cyberattacks are, the most common types of attacks your website is likely to face, and most importantly, how you can prevent them. You may be most familiar with computer malware such as Trojan viruses and spyware, which can be used to retrieve sensitive data from a computer or even take control of the system.

Small Business

Small Business DDOS Malware Phishing

Anti-Debugging Techniques from a Complex Visual Basic Packer

Security Affairs

JULY 17, 2019

Hash 32951a56e3fcd8f5b006c0b64ec694ddf722eba71e2093f7ee90f57856941f3d Threat Hawkey Spyware Brief Description Hawkey Spyware inside a Visual Basic Packer Ssdeep 12288:GVwYvwrMkE9LfRUXkpW7zGidwY/rwxOp8mH:COrI9zRUJfGCfzw0. The searched email clients are: Outlook SeaMonkey Postbox Thunderbird. Pierluigi Paganini.

Spyware

Spyware Malware Passwords Accountability

Cyber Threats to the FIFA World Cup Qatar 2022

Digital Shadows

NOVEMBER 10, 2022

These malicious apps constitute a risk for customers and developers alike—and they can be easily found online using the most common search engines. If you’re interested in a regional and industry breakdown of all things ransomware observed in the past quarter, check our Q3 2022 ransomware blog.

Cyber threats

Cyber threats Media Social Engineering Mobile

IT threat evolution Q1 2022

SecureList

MAY 27, 2022

BlueNoroff continues its search for crypto-currency. One of the things you can do to protect yourself from advanced mobile spyware is to reboot your device on a daily basis. When they shut down the device, using the power and volume buttons, the spyware displays an image of the iOS shutdown screen, faking the shutdown.

Phishing

Phishing Spyware Firmware Malware

GUEST ESSAY. Everyone should grasp these facts about cyber threats that plague digital commerce

The Last Watchdog

FEBRUARY 28, 2021

It is not unusual to have your system or network infected with malware, such as spyware, that often lingers secretly with no apparent symptoms. Malware can be categorized based on how it behaves (adware, spyware and ransomware), and how it propagates from one victim to another (viruses, worms and trojans). Don’t worry though.

Cyber threats

Cyber threats Computers and Electronics Adware Spyware

Spam and phishing in 2022

SecureList

FEBRUARY 16, 2023

The scam operators told the users it was possible to find damaging information about every third user of a social network by running a search. If the user agreed to a search to be done for them, they were told that a certain amount of dirty linen indeed had been found. Scammers created a page on the telegra.ph

Phishing

Phishing Scams Accountability Energy and Utilities

The SLoad Powershell malspam is expanding to Italy

Security Affairs

NOVEMBER 27, 2018

.” sLoad implements a broad range of capabilities including the ability to take screenshots, read the list of running process, exfiltrate DNS cache, exfiltrate outlook e-mail and other typical spyware functionalities. Technical details, including IoCs and Yara Rules, about the sLoad malware are available on the Yoroi blog.

Spyware

Spyware DNS Advertising Malware

Apex Legends for Android: a Fake App could Compromise your Smartphone

Security Affairs

MARCH 12, 2019

Despite its dimensions, this is the only apk that shows a spyware behavior. After collecting all the information about its victim, the spyware sends them to its C2 located at “krater[.]giize[.]com”. Investigating the package names, it was possible to identify many other fake applications which have spyware behavior too.

Spyware

Spyware Mobile Malware Phishing

We explored the dangers of pirated sport streams so you don’t have to

Webroot

MAY 12, 2021

Hijacked search results. This means different search results are served up or users can be spammed with junk notifications and explicit content. push users into installing a browser hijacker known as mysearchflow.com, which is blocked as Spyware/Adware by Webroot. A fake AV scam claiming to have found threats on your machine.

Scams

Scams Mobile Social Engineering Advertising

How to Track Your Kids (and Other People's Kids) With the TicTocTrack Watch

Troy Hunt

APRIL 15, 2019

Not to mention the various spyware apps often installed on kids' phones to track them which then subsequently leak their data all over the internet. It's also relevant in light of the embedded media piece at the start of this blog post: this isn't "a new device developed by a Brisbane mother" nor is the mother "the creator of the watch".

Spyware

Spyware Passwords Manufacturing Marketing

Cyber Security Informer

Pegasus spyware and how it exploited a WebP vulnerability

Kamran Spyware Targets Gilgit Baltistan Users Through Hunza News

Trending Sources

Android “System Update” malware steals photos, videos, GPS location

Experts warn of a new malvertising campaign spreading the ChromeLoader

Q&A: Here’s why Android users must remain vigilant about malicious apps, more so than ever

What is a keylogger?

Mac users using Exodus cryptocurrency wallet targeted by a small spam campaign

November 2023 Product Release News

Identifying Common Types of Cyberattacks

Anti-Debugging Techniques from a Complex Visual Basic Packer

Cyber Threats to the FIFA World Cup Qatar 2022

IT threat evolution Q1 2022

GUEST ESSAY. Everyone should grasp these facts about cyber threats that plague digital commerce

Spam and phishing in 2022

The SLoad Powershell malspam is expanding to Italy

Apex Legends for Android: a Fake App could Compromise your Smartphone

We explored the dangers of pirated sport streams so you don’t have to

How to Track Your Kids (and Other People's Kids) With the TicTocTrack Watch

Stay Connected