Security Affairs

NOVEMBER 24, 2024

CISA adds Apple, Oracle Agile PLM bugs to its Known Exploited Vulnerabilities catalog More than 2,000 Palo Alto Networks firewalls hacked exploiting recently patched zero-days Ransomhub ransomware gang claims the hack of Mexican government Legal Affairs Office US DoJ charges five alleged members of the Scattered Spider cybercrime gang Threat actor (..)

Cybercrime 71

Cybercrime Artificial Intelligence Hacking VPN 71

Security Affairs

DECEMBER 22, 2024

Vishing via Microsoft Teams Facilitates DarkGate Malware Intrusion Spyware distributed through Amazon Appstore BADBOX Botnet Is Back Supply Chain Attack on Rspack npm Packages Injects Cryptojacking Malware 4.5

Malware 59

Malware Spyware Surveillance Cybercrime 59

Security Affairs

FEBRUARY 26, 2025

” LightSpy now targets social media platforms like Facebook and Instagram from Android, extracting messages, contacts, and metadata, enhancing surveillance and exploitation potential. ” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking, LightSpy spyware)

Data collection 104

Data collection Spyware Media Surveillance 104

Security Affairs

NOVEMBER 11, 2022

Lookout researchers discovered two long-running surveillance campaigns targeting the ethnic minority Uyghurs. Researchers from mobile security firm Lookout uncovered two long-running surveillance campaigns targeting the Uyghurs minority. SecurityAffairs – hacking, Uyghurs). List of installed packages. Pierluigi Paganini.

Surveillance 98

Surveillance Spyware Malware Mobile 98

Security Affairs

MAY 1, 2023

Researchers at the Lookout Threat Lab have discovered a new Android surveillance spyware, dubbed BouldSpy, that was used by the Law Enforcement Command of the Islamic Republic of Iran (FARAJA). However, much of the victim data points to its broader usage, which indicates targeted surveillance efforts towards minorities within Iran.”

Surveillance 98

Surveillance Malware Spyware Accountability 98

Security Affairs

FEBRUARY 9, 2025

US Justice Department says cybercrime forum allegedly affected 17 million Americans Cybercrime is increasingly complex.

Spyware 61

Spyware Cybercrime Scams Social Engineering 61

SecureWorld News

AUGUST 27, 2021

Australian Parliament passed the controversial Surveillance Legislation Amendment Bill 2020, also known as the Identify and Disrupt Bill and to a few the “hacking” bill, on August 25. Differing views on the police "hacking" bill. All eyes will be on Australia to see the results of the “hacking” bill’s introduction.

Hacking 98

Hacking Computers and Electronics Surveillance Cybercrime 98

Security Affairs

FEBRUARY 10, 2022

I transcribed a recent interview, here some questions and answers about nation-state hacking, spyware, and cyber warfare. Spyware are powerful weapons in the arsenal of governments and cybercrime gangs. Pegasus is probably the most popular surveillance software on the market, it has been developed by the Israeli NSO Group.

Spyware 98

Spyware Hacking Ransomware Surveillance 98

Malwarebytes

DECEMBER 7, 2021

Microsoft has taken control of 42 web domains that a hacking group was using to try to breach its targets. Sadly, any setback to the Chinese hacking group or others will likely be temporary as the hackers will find and build new infrastructure to use in forthcoming attacks. An overview of Chinese hacking groups and their aliases.

Hacking 122

Hacking Malware Surveillance Data collection 122

Security Affairs

JANUARY 19, 2025

CISA adds BeyondTrust PRA and RS and Qlik Sense flaws to its Known Exploited Vulnerabilities catalog Inexperienced actors developed the FunkSec ransomware using AI tools Credit Card Skimmer campaign targets WordPress via database injection Microsoft took legal action against crooks who developed a tool to abuse its AI-based services Pro-Russia hackers (..)

Spyware 70

Spyware Data breaches DNS Artificial Intelligence 70

Security Affairs

SEPTEMBER 3, 2023

ransomware builder used by multiple threat actors Cisco fixes 3 high-severity DoS flaws in NX-OS and FXOS software Cybercrime Unpacking the MOVEit Breach: Statistics and Analysis Cl0p Ups The Ante With Massive MOVEit Transfer Supply-Chain Exploit FBI, Partners Dismantle Qakbot Infrastructure in Multinational Cyber Takedown U.S.

Social Engineering 126

Social Engineering Spyware Data breaches Surveillance 126

Security Affairs

MARCH 21, 2021

Hackers also posted images captured from the hacked surveillance video on Twitter with an #OperationPanopticon hashtag, published images show that they have gained root shell access to the surveillance cameras used by Telsa and Cloudflare. SecurityAffairs – hacking, cybercrime). ” continues the DoJ.

Identity Theft 107

Identity Theft Computers and Electronics Surveillance Hacking 107

Security Affairs

NOVEMBER 26, 2023

Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. million patients in the U.S.

Data breaches 129

Data breaches Surveillance Cryptocurrency Ransomware 129

Security Affairs

FEBRUARY 11, 2024

Gov imposes visa restrictions on individuals misusing Commercial Spyware HPE is investigating claims of a new security breach Experts warn of a surge of attacks targeting Ivanti SSRF flaw How to hack the Airbus NAVBLUE Flysmart+ Manager Crooks stole $25.5

Spyware 125

Spyware Surveillance DDOS Identity Theft 125

Malwarebytes

DECEMBER 7, 2021

Microsoft has taken control of 42 web domains that a hacking group was using to try to breach its targets. Sadly, any setback to the Chinese hacking group or others will likely be temporary as the hackers will find and build new infrastructure to use in forthcoming attacks. An overview of Chinese hacking groups and their aliases.

Hacking 98

Hacking Malware Surveillance Data collection 98

Security Affairs

AUGUST 18, 2021

surveillance law to be incompatible with EU privacy rights.” SecurityAffairs – hacking, cybercrime). . “The DPA’s concern follows a landmark ruling ( Schrems II ) by Europe’s top court last summer which invalidated a flagship data transfer arrangement between the EU and the U.S. ” states Yahoo News.

Surveillance 145

Surveillance Cybercrime Hacking Government 145

Krebs on Security

AUGUST 5, 2019

This story is about how crooks increasingly are abusing third-party financial aggregation services like Mint , Plaid , Yodlee , YNAB and others to surveil and drain consumer accounts online. Crooks are constantly probing bank Web sites for customer accounts protected by weak or recycled passwords.

Banking 279

Banking Passwords Risk Accountability 279

Security Affairs

JANUARY 7, 2024

Experts spotted a new macOS Backdoor named SpectralBlur linked to North Korea Merck settles with insurers regarding a $1.4

Artificial Intelligence 124

Artificial Intelligence Data breaches Scams Insurance 124

Security Affairs

JULY 31, 2022

. “We’re publishing the details of a new vulnerability (tracked under CVE-2022-30563) affecting the implementation of the Open Network Video Interface Forum (ONVIF) WS-UsernameToken authentication mechanism in some IP cameras developed by Dahua, a very popular manufacturer of IP-based surveillance solutions.” Pierluigi Paganini.

Surveillance 145

Surveillance Authentication Telecommunications Manufacturing 145

Security Affairs

DECEMBER 24, 2019

According to a report published by the New York Times, the popular app ToTok was used by the UAE government as a surveillance tool. The report said US intelligence officials and a security researcher determined the app was being used by the UAE government for detailed surveillance. SecurityAffairs – ToTok, surveillence).

Government 94

Government Surveillance Advertising Mobile 94

Security Affairs

AUGUST 7, 2022

Greek intelligence service used surveillance malware to spy on a journalist, Reuters reports Slack resets passwords for about 0.5% Greek intelligence service used surveillance malware to spy on a journalist, Reuters reports Slack resets passwords for about 0.5% SecurityAffairs – hacking, newsletter). Pierluigi Paganini.

Spyware 142

Spyware Manufacturing Small Business Surveillance 142

Security Affairs

SEPTEMBER 1, 2024

Under Meredith Whittaker, It’s Out to Prove Surveillance Capitalism Wrong EU investigating Telegram over user numbers Cryptojacking via CVE-2023-22527: Dissecting a Full-Scale Cryptomining Ecosystem Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, newsletter)

Surveillance 120

Surveillance Malware Firewall Phishing 120

Security Affairs

SEPTEMBER 14, 2023

A joint investigation conducted by Access Now and the Citizen Lab revealed that the journalist, who is at odds with the Russian government, was infected with the surveillance software. However, there is no public evidence that the Russian government is a client of the Israeli surveillance firm NSO Group. ” states Access Now.

Spyware 132

Spyware Surveillance Media Government 132

Security Affairs

NOVEMBER 14, 2018

During the first day of the Pwn2Own Tokyo 2018 contest, participants hacked Apple iPhone X, Samsung Galaxy S9 and Xiaomi Mi 6 devices earning more than $225,000. On the second day, the organizers only paid $100,000 for one iPhone and two Xiaomi hacks. Security Affairs – Pwn2Own Tokyo 2018, hacking). Pierluigi Paganini.

Hacking 110

Hacking Advertising Surveillance IoT 110

Security Affairs

MARCH 29, 2025

Camera Access: Starts front camera streaming for potential identity theft or surveillance. ” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,malware) Data Theft: Captures Google Authenticator screen content to steal OTP codes.

Banking 68

Banking Mobile Identity Theft Malware 68

Security Affairs

JUNE 23, 2022

The Israeli surveillance firm NSO Group revealed that its Pegasus spyware was used by at least five European countries. The controversial Israeli surveillance vendor NSO Group told the European Union lawmakers that its Pegasus spyware was used by at least five countries in the region. SecurityAffairs – hacking, NSO GROUP).

Spyware 109

Spyware Surveillance Software Media 109

Security Affairs

DECEMBER 10, 2023

billion personal records compromised by data breaches in past two years — underscoring need for end‑to‑end encryption Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, newsletter) Will Enable Mass Spying Reddit Says Leaked U.S.-U.K.

Ransomware 126

Ransomware Data breaches Hacking Financial Services 126

Security Affairs

JULY 30, 2023

Now Abyss Locker also targets VMware ESXi servers Russian APT BlueBravo targets diplomatic entities with GraphicalProton backdoor CoinsPaid blames North Korea-linked APT Lazarus for theft of $37M worth of cryptocurrency Monitor Insider Threats but Build Trust First Zimbra fixed actively exploited zero-day CVE-2023-38750 in ZCS DepositFiles exposed (..)

Surveillance 98

Surveillance Cryptocurrency Cyber Attacks Hacking 98

Security Affairs

APRIL 17, 2022

SecurityAffairs – hacking, newsletter). To nominate, please visit:? Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini. The post Security Affairs newsletter Round 361 by Pierluigi Paganini appeared first on Security Affairs.

Data breaches 100

Data breaches Wireless Hacking Surveillance 100

Security Affairs

SEPTEMBER 24, 2023

0-days exploited by commercial surveillance vendor in Egypt PREDATOR IN THE WIRES OilRig’s Outer Space and Juicy Mix: Same ol’ rig, new drill pipes Cybersecurity Apple and Google Are Introducing New Ways to Defeat Cell Site Simulators, But Is it Enough?

Cyber Attacks 122

Cyber Attacks Firewall Data breaches Telecommunications 122

Security Affairs

DECEMBER 4, 2022

. “Court documents and government contracting records show the agencies tasked with monitoring the Mexican border have spent record sums on car hacking tools, while talking up the extraordinary amount of valuable evidence that can be reaped from onboard computers.” SecurityAffairs – hacking, infotainment systems).

Surveillance 109

Surveillance Technology Hacking Mobile 109

Security Affairs

JANUARY 14, 2022

Hensoldt AG focuses on sensor technologies for protection and surveillance missions in the defence, security and aerospace sectors. SecurityAffairs – hacking, Hensoldt). Ransom demands have been quite high, between $500.000 and $700.000. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Ransomware 140

Ransomware Surveillance Mobile Encryption 140

Security Affairs

MARCH 28, 2024

In 2023, the researchers attributed a combined total of 48 out of 58 zero-day vulnerabilities to commercial surveillance vendors (CSVs) and government espionage actors, while 10 zero-day flaws were attributed to financially motivated actors.

Government 139

Government Surveillance Cybercrime Ransomware 139

Security Affairs

NOVEMBER 25, 2021

The PowerShortShell stealer is also used for Telegram surveillance and gathering system information from infected systems. “The adversary might be tied to Iran’s Islamic regime since the Telegram surveillance usage is typical of Iran’s threat actors like Infy, Ferocious Kitten, and Rampant Kitten. fn= hxxp://hr.dedyn.io/upload2.aspx

Surveillance 111

Surveillance Social Engineering Cybercrime Ransomware 111

Security Affairs

SEPTEMBER 23, 2023

The Royal group began reconnaissance activity in April 2023, and the analysis of system log data dates the beginning of the surveillance operations on April 7, 2023. Royal was then able to traverse the internal City infrastructure during the surveillance period using legitimate 3rd party remote management tools.”

Ransomware 134

Ransomware Surveillance Healthcare Accountability 134

Security Affairs

APRIL 16, 2023

hacking tools and electronics A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

Data breaches 98

Data breaches Spyware Surveillance Retail 98

Security Affairs

SEPTEMBER 3, 2022

SecurityAffairs – hacking, newsletter). users China-linked APT40 used ScanBox Framework in a long-running espionage campaign Russian streaming platform Start discloses a data breach impacting 7.5M Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Data breaches 97

Data breaches Malware Surveillance Ransomware 97