This site uses cookies to improve your experience. To help us insure we adhere to various privacy regulations, please select your country/region of residence. If you do not select a country, we will assume you are from the United States. Select your Cookie Settings or view our Privacy Policy and Terms of Use.
Cookie Settings
Cookies and similar technologies are used on this website for proper function of the website, for tracking performance analytics and for marketing purposes. We and some of our third-party providers may use cookie data for various purposes. Please review the cookie settings below and choose your preference.
Used for the proper function of the website
Used for monitoring website traffic and interactions
Cookie Settings
Cookies and similar technologies are used on this website for proper function of the website, for tracking performance analytics and for marketing purposes. We and some of our third-party providers may use cookie data for various purposes. Please review the cookie settings below and choose your preference.
Strictly Necessary: Used for the proper function of the website
Performance/Analytics: Used for monitoring website traffic and interactions
Researchers found an updated LightSpy spyware with enhanced data collection features targeting social media platforms like Facebook and Instagram. have found an updated version of the LightSpy spyware that supports an expanded set of data collection features to target social media platforms like Facebook and Instagram.
Since March 2025, fake contract emails have been spreading Batavia spyware in targeted attacks on Russian organizations. Since March 2025, a targeted phishing campaign against Russian organizations has used fake contract-themed emails to spread the Batavia spyware, a new malware designed to steal internal documents.
Since March 2025, fake contract emails have been spreading Batavia spyware in targeted attacks on Russian organizations. Since March 2025, a targeted phishing campaign against Russian organizations has used fake contract-themed emails to spread the Batavia spyware, a new malware designed to steal internal documents.
We’ve seen a 147% increase in spyware, a broad category of apps that collect user data without consent, with a notable spike in Feb and March. Banking Trojans and spyware are now outpacing more traditional nuisances like adware and riskware , and what’s changed is the level of sophistication.
CISA adds Apple, Oracle Agile PLM bugs to its Known Exploited Vulnerabilities catalog More than 2,000 Palo Alto Networks firewalls hacked exploiting recently patched zero-days Ransomhub ransomware gang claims the hack of Mexican government Legal Affairs Office US DoJ charges five alleged members of the Scattered Spider cybercrime gang Threat actor (..)
North Korea-linked threat actors spread macOS NimDoor malware via fake Zoom updates Critical Sudo bugs expose major Linux distros to local Root exploits Google fined $314M for misusing idle Android users’ data A flaw in Catwatchful spyware exposed logins of +62,000 users China-linked group Houken hit French organizations using zero-days Data (..)
This is the first known case of an app infected with OCR spyware being found in Apple’s official app marketplace. That being said, we have insufficient data to attribute the campaign to a known cybercrime gang. You can store passwords, confidential documents and other sensitive information in special apps. org uploads.99ai[.]world
Like vampires, malware strains can operate quietly, leeching data or encrypting files without warning, making ransomware and spyware infections incredibly haunting. Breaking the spell : Employ a robust backup strategy, disable macros in documents, train employees to recognize suspicious links, and deploy endpoint detection and response tools.
Attacks on Middle Eastern countries Ballista New IoT Botnet Targeting Thousands of TP-Link Archer Routers Microsoft patches Windows Kernel zero-day exploited since 2023 Trump Cryptocurrency Delivers ConnectWise RAT EMERGING THREATS LockBit 4.0
million patients Crooks exploit the death of Pope Francis WhatsApp introduces Advanced Chat Privacy to protect sensitive communications Android spyware hidden in mapping software targets Russian soldiers Crypto mining campaign targets Docker environments with new evasion technique The popular xrpl.js
CISA adds Ivanti Connect Secure, Policy Secure and ZTA Gateways flaw to its Known Exploited Vulnerabilities catalog A member of the Scattered Spider cybercrime group pleads guilty The controversial case of the threat actor EncryptHub PoisonSeed Campaign uses stolen email credentials to spread crypto seed scams and and empty wallets EDR-as-a-Service (..)
CVSS) in IOS XE That Enables Root Exploits via JWT Internet tracking: How and why were followed online Google to pay Texas $1.4 CVSS) in IOS XE That Enables Root Exploits via JWT Internet tracking: How and why were followed online Google to pay Texas $1.4
Researchers from ThreatFabric discovered a macOS version of the LightSpy spyware that has been active in the wild since at least January 2024. LightSpy is a modular spyware that has resurfaced after several months of inactivity, the new version supports a modular framework with extensive spying capabilities.
FormBook is a data-stealing malware that is used in cyber espionage campaigns, like other spyware it is capable of extracting data from HTTP sessions, keystroke logging, stealing clipboard contents. The post XLoader, a $49 spyware that could target both Windows and macOS devices appeared first on Security Affairs. Pierluigi Paganini.
We can learn a lot from the cybercrime of the past…the history of cybercrime is a glimpse into what we can expect in the future. In the past 18 months, we’ve experienced the beginning of an era that has seen cybersecurity and cybercrime at the center of it all. Dateline Cybercrime . Robert Herjavec.
The latest version of the Azorult was delivered through the RIG exploit kit as well as other sources, previous variants were mainly distributed via weaponized Office documents as attachment of phishing messages. is available in the cybercrime underground market appeared first on Security Affairs. Pierluigi Paganini.
Judge ordered NSO Group to hand over the Pegasus spyware code to WhatsApp Cybercrime BlackCat Ransomware Affiliate TTPs American Express credit cards EXPOSED in third-party vendor data breach – account numbers and names among details accessed in hack LockBit 3.0’S
CISA adds Adobe Commerce and Magento, SolarWinds Serv-U, and VMware vCenter Server bugs to its Known Exploited Vulnerabilities catalog International Press – Newsletter Cybercrime Walsall teenager arrested in joint West Midlands Police and FBI operation Treasury Sanctions Leader and Primary Member of the Cyber Army of Russia Reborn Three arrested for (..)
Leaked documents show the surveillance firm Intellexa offering exploits for iOS and Android devices for $8 Million. The Vx-undergroud researchers shared some images of several confidential documents that appear to be the commercial offer of Intellect. Threat actors could use these exploits by tricking targets into clicking on a link.
A new sophisticated version of the AZORult Spyware was spotted in the wild, it was involved in a large email campaign on July 18. Malware researchers at Proofpoint spotted a new version of the AZORult Spyware in the wild, it was involved in a large email campaign on July 18, just 24 hours it appeared in cybercrime forums on the Dark Web.
Every third email, meanwhile, contained spyware , which is used by threat actors to steal payment data or other sensitive info to then put it on sale in the darknet or blackmail its owner. Another 17 percent contained downloaders, while backdoors and banking Trojans came third with a 16- and 15-percent shares, respectively.
Ticketmaster confirms data breach impacting 560 million customers Critical Apache Log4j2 flaw still threatens global finance Crooks stole more than $300M worth of Bitcoin from the exchange DMM Bitcoin ShinyHunters is selling data of 30 million Santander customers Over 600,000 SOHO routers were destroyed by Chalubo malware in 72 hours LilacSquid APT (..)
The Vermin group attempted to deploy two malicious codes in this campaign, the previously known Spectr spyware, and a new malware family dubbed Firmachagent. “The PowerShell code is designed to download components of the SPECTR malware (which steals documents, screenshots, browser data, etc.)
Bug bounty hacker earned $5,000 reporting a Stored XSS flaw in iCloud.com Experts warn of threat actors abusing Google Alerts to deliver unwanted programs FBI warns of the consequences of telephony denial-of-service (TDoS) attacks An attacker was able to siphon audio feeds from multiple Clubhouse rooms Georgetown County has yet to recover from a sophisticated (..)
PoC publicly available Linux variant of Cerber ransomware targets Atlassian servers Ivanti fixed two critical flaws in its Avalanche MDM Researchers released exploit code for actively exploited Palo Alto PAN-OS bug Cisco warns of large-scale brute-force attacks against VPN and SSH services PuTTY SSH Client flaw allows of private keys recovery A renewed (..)
Researchers at the Lookout Threat Lab have discovered a new Android surveillance spyware, dubbed BouldSpy, that was used by the Law Enforcement Command of the Islamic Republic of Iran (FARAJA). The researchers are tracking the spyware since March 2020, starting in 2023, multiple security experts [ 1 , 2 ] started monitoring its activity.
The offer was emailed as a PDF document, and once it was downloaded, spyware infected the company's systems. This recent incident is part of a growing trend in cybercrime, in which threat actors target all kinds of decentralized finance (DeFi) platforms.
Generative AI (GenAI) can already be used to create and entertain a convincing interaction with victims, including the creation of lure documents, without the translation, spelling, and grammatical errors that used to reveal phishing. Professional spyware vendors have deep enough pockets to invest in new tools, training, and development.
The steps we’re taking today will send a clear message: In a free society, it is unacceptable to weaponize powerful state-sponsored spyware against those who seek to make the world a better place.". That behavior by NSO Group, according to Citizen Lab and Apple, includes secret installation of Pegasus Spyware. And he didn't stop there.
Typically, they construct emails that masquerade as communications from legitimate venture companies, but with an attached, macro-enabled document. When opened, this document eventually downloads a backdoor. One of the things you can do to protect yourself from advanced mobile spyware is to reboot your device on a daily basis.
Today it constantly reaches several organization across Italy presenting itself in several ways, for instance as a malicious document delivered through email. . This latest Ursnif variant shows the same modus operandi: a malicious document in which is embedded an highly obfuscated VBA macro that acts as a first stage dropper.
CISA adds Cleo Harmony, VLTrader, and LexiCom flaw to its Known Exploited Vulnerabilities catalog German agency BSI sinkholed a botnet of 30,000 devices infected with BadBox U.S.
During routine monitoring of detections for FinFisher spyware tools, we discovered traces that point to recent FinFly Web deployments. It was first publicly documented in 2014, in the aftermath of the Gamma Group hacking incident. FinFly Web is, in essence, a suite of tools and packages that implement a web-based exploitation server.
Hundreds of vulnerabilities in common Wi-Fi routers affect millions of users German BSI agency warns of ransomware attacks over Christmas holidays Cuba ransomware gang hacked 49 US critical infrastructure organizations CISA warns of vulnerabilities in Hitachi Energy products NSO Group spyware used to compromise iPhones of 9 US State Dept officials (..)
Organizations are addressing zero-day vulnerabilities more quickly, says Google CISA, FBI, NSA warn of the increased globalized threat of ransomware Croatian phone carrier A1 Hrvatska discloses data breach FritzFrog P2P Botnet is back and targets Healthcare, Education and Government Sectors CISA adds 15 new vulnerabilities to its Known Exploited Vulnerabilities (..)
NFT theft and a new brand of cybercrime. In an extraordinary and revealing Twitter thread, one NFT owner documented the experience of having his tokens stolen from a marketplace for digital art. Regardless, it’s safe to say they’re worth getting to know, because they’ll make headlines for some time to come.
Since 2018, Lazarus has persistently targeted crypto-currency-related businesses for a long time, using malicious Word documents and themes related to the crypto-currency business to lure potential targets. Using a number of vulnerabilities in iOS, the attachment is executed and installs spyware. This throws up several possibilities.
We first documented the threat actor HotCousin in 2021 as a cluster of malicious activities leveraging the EnvyScout implant, publicly attributed to Dark Halo (NOBELIUM) by Microsoft. In June, we identified a previously unknown Android spyware app that targets Persian-speaking individuals. Russian-speaking activity.
Tax documents such as W-2s and 1040s can be purchased for around $1.04, while Social Security numbers range from $0.19 Spyware can be loaded onto your machine to log all your keystrokes. Stolen data can then be bought and sold on the dark web. to $62 for bundles of personal details. How Account Takeover Affects Organizations.
Following this, we released the first of a series of additional reports describing the final payload in the infection chain: a highly sophisticated spyware implant that we dubbed “TriangleDB” Operating in memory, this implant periodically communicates with the C2 (command and control) infrastructure to receive commands.
Cybercriminals often use malware to gain access to a computer or mobile device to deploy viruses, worms, Trojans, ransomware, spyware, and rootkits. MOUSEISLAND MOUSEISLAND is usually found within the embedded macros of a Microsoft Word document and can download other payloads.
As cybercrime has become well-funded and increasingly sophisticated, phishing remains one of the most effective methods used by criminals to introduce malware into businesses. Ransomware is a type of malware, but others exist, including spyware, adware, bots and Trojans. Phishing and Spear Phishing.
Last June, Google’s TAG team released a blog post documenting attacks on Italian and Kazakh users that they attribute to RCS Lab, an Italian offensive software vendor. In 2022, the GReAT team tracked several threat actors leveraging SilentBreak’s toolset as well as a commercial Android spyware we named MagicKarakurt.
We organize all of the trending information in your field so you don't have to. Join 28,000+ users and stay up to date on the latest articles your peers are reading.
You know about us, now we want to get to know you!
Let's personalize your content
Let's get even more personalized
We recognize your account from another site in our network, please click 'Send Email' below to continue with verifying your account and setting a password.
Let's personalize your content