Heimadal Security

JULY 16, 2021

A new report by Microsoft and Citizen Lab has tracked DevilsTongue spyware, a threat that targets zero-day vulnerabilities in Windows systems. Threat actors seem to belong to an Israeli-based spyware company by its name Candiru or Sourgum. What Is a Spyware?

Spyware 119

Spyware Malware Data breaches Cybersecurity 119

Security Boulevard

APRIL 18, 2024

It’s rare to see a data breach study observers call a “mixed bag.” The post Roku experiences another data breach; Apple notifies users about mercenary spyware attacks appeared first on Security Boulevard.

Data breaches 69

Data breaches Spyware Hacking 69

Security Boulevard

JUNE 28, 2023

The post Ironic: LetMeSpy Spyware Hackers Were Hacked (by Hackers) appeared first on Security Boulevard. Content warning: Abuse, stalking, controlling behavior, Schadenfreude, irony, doxxing.

Spyware 111

Spyware Hacking Social Engineering Data breaches 111

Security Affairs

JUNE 29, 2023

The company immediately launched an investigation into the incident and notified law enforcement and data protection watchdogs. “It’s not clear who is behind the LetMeSpy hack or their motives. .” India, and Africa.

Data breaches 98

Data breaches Spyware Hacking Accountability 98

Schneier on Security

JUNE 28, 2023

Most of the location data points are centered over population hotspots, suggesting the majority of victims are located in the United States, India and Western Africa. The leaked data contains no identifying information, which means people whose data was leaked can’t be notified.

Hacking 249

Hacking Spyware Accountability Data breaches 249

Troy Hunt

MARCH 23, 2019

Here's this week's which has a bunch of different things in it I found interesting including the usual raft of data breaches and other industry bits and pieces. Gotta fly, enjoy! Elsevier looks like they logged a bunch of passwords in plain text (who would do that.

Data breaches 173

Data breaches Spyware Firmware Passwords 173

Security Affairs

NOVEMBER 17, 2024

that reboots locked devices Ymir ransomware, a new stealthy ransomware grow in the wild Amazon discloses employee data breach after May 2023 MOVEit attacks A new fileless variant of Remcos RAT observed in the wild A surge in Pro-Russia cyberattacks after decision to monitor North Korean Troops in Ukraine U.S.

Cryptocurrency 112

Cryptocurrency Malware Hacking Ransomware 112

IT Security Guru

AUGUST 9, 2022

A data breach is any person’s nightmare. Hackers target small and medium businesses as they don’t have the resources to pay for cybersecurity tools and network upgrades to protect their data against the latest cybercriminals’ tricks as large corporations do. Download from official sources . Pay attention to symptoms of malware.

Data breaches 117

Data breaches Passwords Accountability Antivirus 117

Webroot

FEBRUARY 21, 2025

Phishing scams, ransomware attacks, data breaches, and identity theft are part of a growing list of online dangers that are a daily reality. It combines multiple security capabilities into one easy-to-use package that includes: Antivirus protection Detects and neutralizes viruses, malware , spyware , and ransomware.

Antivirus 84

Antivirus Identity Theft Cyber threats Phishing 84

Adam Levin

NOVEMBER 26, 2019

Using the information and accesses exposed, they could create effective phishing campaigns, or target companies with various forms of malicious software attacks: malware, spyware, ransomware, and more,” the article continued. The leaked data also included information from affiliated platforms, including Booking.com and Hotelbeds.com.

B2B 295

B2B Spyware VPN Phishing 295

Security Affairs

SEPTEMBER 4, 2018

The company that sells the parental control spyware app Family Orbit has been hacked, pictures of hundreds of monitored children were left online. The company that sells the parental control spyware app Family Orbit has been hacked, the pictures of hundreds of monitored children were left online only protected by a password.

Spyware 76

Spyware Hacking Data breaches Passwords 76

Malwarebytes

JUNE 4, 2025

However, the Google Threat Analysis Group (TAG) team, which discovered the exploit, focuses on spyware and nation-state attackers who abuse zero days for espionage purposes. We dont just report on browser vulnerabilities.

Spyware 75

Spyware Engineering Data breaches Scams 75

Security Affairs

JANUARY 19, 2025

CISA adds Aviatrix Controllers vulnerability to its Known Exploited Vulnerabilities catalog ESET detailed a flaw that could allow a bypass of the Secure Boot in UEFI systems Russia-linked APT Star Blizzard targets WhatsApp accounts Prominent US law firm Wolf Haldenstein disclosed a data breach Clop Ransomware exploits Cleo File Transfer flaw: dozens (..)

Spyware 71

Spyware Data breaches DNS Artificial Intelligence 71

Security Affairs

FEBRUARY 15, 2025

CISA adds Microsoft Windows, Zyxel device flaws to its Known Exploited Vulnerabilities catalog Microsoft Patch Tuesday security updates for February 2025 ficed 2 actively exploited bugs Hacking Attackers exploit a new zero-day to hijack Fortinet firewalls Security OpenSSL patched high-severity flaw CVE-2024-12797 Progress Software fixed multiple high-severity (..)

Spyware 71

Spyware Firewall Artificial Intelligence Malware 71

Security Affairs

FEBRUARY 9, 2025

CISA adds Microsoft.NET Framework, Apache OFBiz, and Paessler PRTG Network Monitor flaws to its Known Exploited Vulnerabilities catalog SparkCat campaign target crypto wallets using OCR to steal recovery phrases International Civil Aviation Organization (ICAO) and ACAO Breached: Cyberespionage Groups Targeting Aviation Safety Specialists Online food (..)

Spyware 62

Spyware Cybercrime Scams Social Engineering 62

Security Affairs

MARCH 10, 2024

Judge ordered NSO Group to hand over the Pegasus spyware code to WhatsApp Cybercrime BlackCat Ransomware Affiliate TTPs American Express credit cards EXPOSED in third-party vendor data breach – account numbers and names among details accessed in hack LockBit 3.0’S

Spyware 129

Spyware Data breaches Hacking Ransomware 129

Security Affairs

MARCH 8, 2025

Quantum computers threaten to break online security in minutes, expert warns ENISA NIS360 2024 Catalan court says NSO Group executives can be charged in spyware investigation Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,newsletter)

Data breaches 69

Data breaches Hacking Cybercrime Artificial Intelligence 69

Security Boulevard

MARCH 24, 2025

Researchers name several countries as potential Paragon spyware customers TechCrunch The Citizen Lab, a group of academics and security researchers, recently published a report indicating the governments of Australia, Canada, Cyprus, Denmark, Israel, and Singapore are "likely" customers of Israeli spyware maker Paragon Solutions.

Surveillance 75

Surveillance Telecommunications Data breaches Malware 75

Security Affairs

FEBRUARY 2, 2025

ESXi Ransomware Attacks: Stealthy Persistence through SSH Tunneling MintsLoader: StealC and BOINC Delivery Cloud Ransomware Developments | The Risks of Customer-Managed Keys New TorNet backdoor seen in widespread campaign Active Exploitation: New Aquabot Variant Phones Home How we kept the Google Play & Android app ecosystems safe in 2024 Solana (..)

Malware 74

Malware Spyware Ransomware Hacking 74

Penetration Testing

JULY 26, 2024

A small Minnesota-based company, Spytech, specializing in spyware production, fell victim to a cyber attack. As a result of the data... The post Spytech Hacked: Thousands of Devices Exposed in Spyware Maker Breach appeared first on Cybersecurity News.

Spyware 67

Spyware Hacking Cyber Attacks Cybersecurity 67

Security Affairs

NOVEMBER 3, 2024

Chinese threat actors use Quad7 botnet in password-spray attacks FBI arrested former Disney World employee for hacking computer menus and mislabeling allergy info Sophos details five years of China-linked threat actors’ activity targeting network devices worldwide PTZOptics cameras zero-days actively exploited in the wild New LightSpy spyware (..)

Cryptocurrency 110

Cryptocurrency Hacking Phishing Cyber Attacks 110

Security Affairs

APRIL 20, 2025

CISA adds Apple products and Microsoft Windows NTLM flaws to its Known Exploited Vulnerabilities catalog Entertainment venue management firm Legends International disclosed a data breach China-linked APT Mustang Panda upgrades tools in its arsenal Node.js

Data breaches 62

Data breaches Malware Phishing Hacking 62

Security Affairs

SEPTEMBER 14, 2024

CISA adds SonicWall SonicOS, ImageMagick and Linux Kernel bugs to its Known Exploited Vulnerabilities catalog Electronic payment gateway Slim CD disclosed a data breach impacting 1.7M

Data breaches 124

Data breaches Computers and Electronics Spyware Cybercrime 124

Security Affairs

JULY 28, 2024

Ukraine’s cyber operation shut down the ATM services of major Russian banks A bug in Chrome Password Manager caused user credentials to disappear BIND updates fix four high-severity DoS bugs in the DNS software suite Terrorist Activity is Accelerating in Cyberspace – Risk Precursor to Summer Olympics and Elections Progress Software fixed (..)

Spyware 124

Spyware Data breaches Cybercrime Banking 124

Security Affairs

APRIL 13, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Lazarus Expands Malicious npm Campaign: 11 New Packages Add Malware Loaders and Bitbucket Payloads BadBazaar: iOS and Android Surveillanceware by Chinas APT15 Used to Target Tibetans and Uyghurs GOFFEE continues to attack (..)

Malware 75

Malware Spyware Government Mobile 75

Malwarebytes

SEPTEMBER 4, 2024

After using passwords obtained from one of the countless breaches as a lure to trick victims into paying, the “Hello pervert” sextortion scammers have recently introduced two new pressure tactics: Name-dropping the infamous Pegasus spyware and adding pictures of your home environment. It works well on Android, iOS, and Windows.

Scams 139

Scams Spyware Passwords Password Management 139

Security Affairs

JUNE 2, 2024

Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Data breaches 126

Data breaches VPN Cloud Migration Cybercrime 126

Security Affairs

JULY 7, 2024

GootLoader is still active and efficient Hackers stole OpenAI secrets in a 2023 security breach Hackers leak 170k Taylor Swift’s ERAS Tour Barcodes Polyfill.io GootLoader is still active and efficient Hackers stole OpenAI secrets in a 2023 security breach Hackers leak 170k Taylor Swift’s ERAS Tour Barcodes Polyfill.io

Data breaches 123

Data breaches Hacking Banking Spyware 123

Troy Hunt

AUGUST 24, 2018

I update how the Mozilla testing with HIBP is going, I'm going to update my Ubiquiti network at home and I get a bit cranky about people installing spyware on other people's phones. I’m also a guy who sees a lot of data breaches and no-way no-how will I ever resort to installing this sort of product on either of my kids’ devices.

Spyware 119

Spyware Data breaches 119

Security Affairs

APRIL 21, 2024

carmaker with phishing attacks Law enforcement operation dismantled phishing-as-a-service platform LabHost Previously unknown Kapeka backdoor linked to Russian Sandworm APT Cisco warns of a command injection escalation flaw in its IMC.

Data breaches 133

Data breaches Ransomware Phishing Malware 133

Security Affairs

JULY 14, 2024

CISA adds Microsoft Windows and Rejetto HTTP File Server bugs to its Known Exploited Vulnerabilities catalog Evolve Bank data breach impacted over 7.6 Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Their focus? million miles on U.S.

Data breaches 120

Data breaches VPN Malware Banking 120

Security Affairs

APRIL 14, 2024

Crooks manipulate GitHub’s search results to distribute malware BatBadBut flaw allowed an attacker to perform command injection on Windows Roku disclosed a new security breach impacting 576,000 accounts LastPass employee targeted via an audio deepfake call TA547 targets German organizations with Rhadamanthys malware CISA adds D-Link multiple (..)

Data breaches 130

Data breaches Social Engineering Malware Hacking 130

Security Boulevard

MARCH 17, 2025

While easy to file away as the app publisher's problem, hard-coded secrets to APIs and cloud storage could result in data breaches, which naturally have a direct effect on user privacy. Items presented here are typically curated with the end user and small groups (such as families and small/micro businesses) in mind.

Surveillance 59

Surveillance Data breaches Spyware Malware 59

SecureWorld News

APRIL 2, 2025

The latest wave of privacy litigation doesn't involve data breaches, AI models, or spyware. It involves tracking pixelsand legal theories pulled from a time when Blockbuster Video was still a thing.

Consumer Protection 78

Consumer Protection Spyware Surveillance Retail 78

Security Affairs

NOVEMBER 28, 2021

Italy’s Antitrust Agency fines Apple and Google for aggressive practices of data acquisition HAEICHI-II: Interpol arrested +1,000 suspects linked to various cybercrimes IKEA hit by a cyber attack that uses stolen internal reply-chain emails Marine services provider Swire Pacific Offshore (SPO) hit by Clop ransomware Threat actors target crypto and (..)

Spyware 100

Spyware Data breaches Cyber Attacks Ransomware 100

Security Affairs

JULY 25, 2021

Kaseya obtained a universal decryptor for REvil ransomware attack Over 80 US Municipalities Sensitive Information, Including Residents Personal Data, Left Vulnerable in Massive Data Breach Threat Report Portugal: Q2 2021 What Is An Identity and Access Management So-lution and How Can Businesses Benefit From It?

Spyware 126

Spyware Data breaches Government Ransomware 126

Security Affairs

JANUARY 1, 2024

TWO SPYWARE SENDING DATA OF MORE THAN 1.5M million downloads have been discovered spying on users and sending data to China. DARKBEAM LEAKS BILLIONS OF EMAIL AND PASSWORD COMBINATIONS DarkBeam left an Elasticsearch and Kibana interface unprotected, exposing records from previously reported and non-reported data breaches.

Cybersecurity 135

Cybersecurity Spyware Data breaches Passwords 135