Encryption, Information Security, Mobile and Surveillance

WhatsApp flaws could have allowed hackers to remotely hack mobile devices

Security Affairs

APRIL 14, 2021

WhatsApp recently addressed two security vulnerabilities in its app for Android that could have been exploited by remote attackers to execute malicious code on a target device and potentially eavesdrop on communications. The communication with upstream servers and the E2E encryption implementation are two notable ones.

Mobile

Mobile Hacking Encryption Surveillance

Signal denies claims of an alleged zero-day flaw in its platform

Security Affairs

OCTOBER 16, 2023

Encrypted messaging app Signal denied claims of an alleged zero-day flaw in its platform after a responsible investigation. The popular encrypted messaging app Signal denied claims of an alleged zero-day vulnerability in its platform. “PSA: we have seen the vague viral reports alleging a Signal 0-day vulnerability.

Spyware

Spyware Surveillance Encryption Mobile

Unknown FinSpy Mac and Linux versions found in Egypt

Security Affairs

SEPTEMBER 27, 2020

Experts from Amnesty International uncovered a surveillance campaign that targeted Egyptian civil society organizations with a new version of FinSpy spyware. FinSpy can spy on most popular desktop and mobile operating systems, including Android, iOS, Windows, macOS, and Linux. ” reads the Amnesty’s report.

Spyware

Spyware Surveillance Mobile Advertising

The iPhone of a Russian journalist was infected with the Pegasus spyware

Security Affairs

SEPTEMBER 14, 2023

A joint investigation conducted by Access Now and the Citizen Lab revealed that the journalist, who is at odds with the Russian government, was infected with the surveillance software. However, there is no public evidence that the Russian government is a client of the Israeli surveillance firm NSO Group. ” states Access Now.

Spyware

Spyware Surveillance Media Government

Lorenz ransomware gang stolen files from defense contractor Hensoldt

Security Affairs

JANUARY 14, 2022

This week a Hensholdt spokesperson confirmed the security breach to BleepingComputer explaining that a small number of mobile devices in its UK subsidiary has been affected. Hensoldt AG focuses on sensor technologies for protection and surveillance missions in the defence, security and aerospace sectors.

Ransomware

Ransomware Surveillance Mobile Encryption

Security Affairs newsletter Round 418 by Pierluigi Paganini – International edition

Security Affairs

MAY 6, 2023

Twitter confirmed that a security incident publicly exposed Circle tweets FBI seized other domains used by the shadow eBook library Z-Library WordPress Advanced Custom Fields plugin XSS exposes +2M sites to attacks Fortinet fixed two severe issues in FortiADC and FortiOS Pro-Russia group NoName took down multiple France sites, including the French (..)

Data breaches

Data breaches Malware Mobile Spyware

Experts spotted a new advanced Android spyware posing as “System Update”

Security Affairs

MARCH 27, 2021

Researchers spotted a sophisticated Android spyware that implements exfiltration capabilities and surveillance features, including recording audio and phone calls. Experts from security firm Zimperium have spotted a new sophisticated Android spyware that masquerades itself as a System Update application.

Spyware

Spyware Malware Surveillance Mobile

UN approves Russia-Cina sponsored resolution on new cybercrime convention

Security Affairs

DECEMBER 30, 2019

Many governments worldwide persecute their internal oppositions charging them with criminal activities and use strict online surveillance to track them. The surveillance software developed by NSO Group was used by government organizations worldwide to spy on human rights groups , activists, journalists, lawyers, and dissidents.

Cybercrime

Cybercrime Surveillance Spyware Government

Bouncing Golf cyberespionage campaign targets Android users in Middle East

Security Affairs

JUNE 19, 2019

The attackers appear to be focused o n stealing military-related information. The researchers speculate on a possible connection to Domestic Kitten espionage activities, an extensive surveillance operation conducted by Iranian APT actor aimed at specific groups of individuals since 2016. ” Trend Micro concludes.

Mobile

Mobile Malware Advertising Encryption

Proton Technologies makes the code of ProtonMail iOS App open source

Security Affairs

NOVEMBER 2, 2019

Recently the cybersecurity firm SEC Consult reviewed the source code of the ProtonMail iOS App and found seven low-risk vulnerabilities in the popular mobile mail client. “During the initial code review, SEC Consult found seven low-risk vulnerabilities in the reviewed source code and the mobile app.”

Technology

Technology Mobile Advertising Surveillance

US NCSC and DoS share best practices against surveillance tools

Security Affairs

JANUARY 9, 2022

The US NCSC and the Department of State published joint guidance on defending against attacks using commercial surveillance tools. In the last years, we have reported several cases of companies selling commercial surveillance tools to governments and other entities that have used them for malicious purposes. Pierluigi Paganini.

Surveillance

Surveillance Mobile Spyware Malware

Malicious app exploiting CVE-2019-2215 zero-day available in Google Play since March

Security Affairs

JANUARY 7, 2020

According to Stone, the CVE-2019-2215 vulnerability was being used or sold by the controversial surveillance firm NSO Group , it was exploited by its surveillance software Pegasus. Collected data is encrypted using RSA and AES encryption algorithms, then it is sent to the C&C server.

Surveillance

Surveillance Advertising Marketing Encryption

WhatsApp sued Israeli surveillance firm NSO Group and its parent Q Cyber Technologies

Security Affairs

OCTOBER 30, 2019

WhatsApp sued Israeli surveillance firm NSO Group, accusing it of using a flaw in its messaging service to conduct cyberespionage on journalists and activists. WhatsApp sued the Israeli surveillance firm NSO Group accusing it of carrying out malicious attacks against its users. ” reads the lawsuit.

Surveillance

Surveillance Technology Spyware Mobile

Attack of drones: airborne cybersecurity nightmare

Security Affairs

DECEMBER 2, 2022

Naturally, threat actors follow the trend and exploit the technology for surveillance, payload delivery, kinetic operations, and even diversion. Further considerations must be taken to secure onboard storage of the drone, ensure routes drones travel are relatively safe (i.e., free from obstacles, sparsely populated, etc.)

Cybersecurity

Cybersecurity Wireless Computers and Electronics Penetration Testing

Swedish Government grants police the use of spyware against violent crime suspects

Security Affairs

OCTOBER 24, 2019

The Sweden government is going to authorize law enforcement agencies into using spyware to spy on suspects’ devices, the malicious code allows agents to read encrypted communications, to track their movements, exfiltrate data and spy on them via built-in microphone and camera. ” reads the official announcement.

Spyware

Spyware Government Surveillance Encryption

Swiss army asks its personnel to use the Threema instant-messaging app

Security Affairs

JANUARY 9, 2022

All communication is end-to-end encrypted, and the app is open source. In future, the army will forbid its relatives from exchanging information with one another via Whats app, signal or telegram and from disseminating official instructions via these channels.”

Computers and Electronics

Computers and Electronics Encryption Surveillance Cybercrime

7 Cyber Security Courses Online For Everybody

Spinone

NOVEMBER 21, 2019

This course covers a broad range of security topics, explaining it with a simple language. Here are only seven out of 26 topics: Insider threats Passwords Security of mobile devices Social engineering Viruses Email security Human error To start the course, you need to register and choose the type of account you need.

Social Engineering

Social Engineering Accountability Phishing Cybersecurity

Research: nearly all of your messaging apps are secure

Security Affairs

DECEMBER 22, 2020

These results are generally promising, as it signifies that the secure messaging industry is heading in the right direction. We also found that most of the apps used variations of RSA and AES for encryption and key hashes – which are some of the most secure encryption algorithms available today.

Encryption

Encryption Spyware Surveillance Software

European Commission has chosen the Signal app to secure its communications

Security Affairs

FEBRUARY 25, 2020

The popular cross-platform encrypted messaging service Signal has been chosen by the European Commission for its communications. The European Commission has decided to adopt for its staff the popular cross-platform encrypted messaging service Signal for its communications. ” reported the Politico. ” reported the Politico.

Encryption

Encryption Advertising Surveillance Hacking

Cyber Security Informer

WhatsApp flaws could have allowed hackers to remotely hack mobile devices

Signal denies claims of an alleged zero-day flaw in its platform

Trending Sources

Unknown FinSpy Mac and Linux versions found in Egypt

The iPhone of a Russian journalist was infected with the Pegasus spyware

Lorenz ransomware gang stolen files from defense contractor Hensoldt

Security Affairs newsletter Round 418 by Pierluigi Paganini – International edition

Experts spotted a new advanced Android spyware posing as “System Update”

UN approves Russia-Cina sponsored resolution on new cybercrime convention

Bouncing Golf cyberespionage campaign targets Android users in Middle East

Proton Technologies makes the code of ProtonMail iOS App open source

US NCSC and DoS share best practices against surveillance tools

Malicious app exploiting CVE-2019-2215 zero-day available in Google Play since March

WhatsApp sued Israeli surveillance firm NSO Group and its parent Q Cyber Technologies

Attack of drones: airborne cybersecurity nightmare

Swedish Government grants police the use of spyware against violent crime suspects

Swiss army asks its personnel to use the Threema instant-messaging app

7 Cyber Security Courses Online For Everybody

Research: nearly all of your messaging apps are secure

European Commission has chosen the Signal app to secure its communications

Stay Connected