Security Affairs

NOVEMBER 26, 2021

A threat actor, tracked as APT C-23, is using new powerful Android spyware in attacks aimed at targets in the Middle East. The APT C-23 cyberespionage group (also known as GnatSpy, FrozenCell, or VAMP) continues to target entities in the Middle East with enhanced Android spyware masqueraded as seemingly harmless app updates (i.e.

Spyware 120

Spyware Social Engineering Surveillance Engineering 120

Krebs on Security

SEPTEMBER 14, 2021

Also, Apple has issued an emergency update to fix a flaw that’s reportedly been abused to install spyware on iOS products, and Google ‘s got a new version of Chrome that tackles two zero-day flaws. Finally, Adobe has released critical security updates for Acrobat , Reader and a slew of other software.

Spyware 63

Spyware Social Engineering Surveillance Internet 63

Security Affairs

FEBRUARY 9, 2025

CISA adds Microsoft Outlook, Sophos XG Firewall, and other flaws to its Known Exploited Vulnerabilities catalog Cisco addressed two critical flaws in its Identity Services Engine (ISE) Notorious hacker behind 40+ cyberattacks on strategic organizations arrested Lazarus APT targets crypto wallets using cross-platform JavaScript stealer U.S.

Spyware 61

Spyware Cybercrime Scams Social Engineering 61

Malwarebytes

SEPTEMBER 14, 2021

Spyware developed by the company NSO Group is back in the news today after Apple released an emergency fix for iPhones, iPads, Macs, and Apple Watches. The update fixes a vulnerability silently exploited by software called Pegasus, which is often used in high-level surveillance campaigns by governments. ” Pegasus spyware.

Spyware 135

Spyware Surveillance Software Engineering 135

Joseph Steinberg

JULY 13, 2022

Apple last week announced new security features specifically intended to offer “specialized additional protection to users who may be at risk of highly targeted cyberattacks from private companies developing state-sponsored mercenary spyware.”. Flip phones are not totally immune from government surveillance and action either.).

Cybersecurity 258

Cybersecurity Artificial Intelligence Government Social Engineering 258

Security Affairs

DECEMBER 12, 2024

The Russia-linked APT Gamaredon used two new Android spyware tools calledBoneSpyandPlainGnome against former Soviet states. Lookout researchers linked the BoneSpy and PlainGnome Android surveillance families to the Russian APT group Gamaredon (a.k.a. These findings tie the mobile surveillance families to Gamaredons desktop campaigns.

Mobile 99

Mobile Malware Surveillance Social Engineering 99

Malwarebytes

AUGUST 26, 2021

Researchers from Citizen Lab, an academic research and development lab based in the University of Toronto in Canada, has recently discovered that an exploit affecting iMessage is being used to target Bahraini activists with the Pegasus spyware. The attackers just deploy the exploit. No need for the target to click something.

Spyware 108

Spyware Surveillance Social Engineering Government 108

Security Affairs

MARCH 25, 2021

Facebook has taken action against a series of accounts used by a China-linked cyber-espionage group, tracked as Earth Empusa or Evil Eye, to deploy surveillance malware on devices used by Uyghurs activists, journalists, and dissidents living outside China.

Surveillance 115

Surveillance Social Engineering Malware Accountability 115

Security Affairs

SEPTEMBER 3, 2023

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Social Engineering 126

Social Engineering Spyware Data breaches Surveillance 126

eSecurity Planet

FEBRUARY 22, 2022

There is no need for social engineering , as the program can implant backdoors directly without forced consent. NSO Group’s Pegasus software has been routinely in the headlines in recent years for using zero-click attacks to install its spyware. Spyware and Zero-Days: A Troubling Market.

Spyware 125

Spyware Software Government Social Engineering 125

Security Affairs

OCTOBER 28, 2018

Many experts linked the Regin malware to the Five Eyes alliance , they found alleged references to the super spyware in a number of presentations leaked by Edward Snowden and according to malware researchers, it has been used in targeted attacks against government agencies in the EU and the Belgian telecoms company Belgacom.

Hacking 110

Hacking Spyware Telecommunications Malware 110

SecureWorld News

NOVEMBER 23, 2021

The opening lines of the lawsuit say it all: "Defendants are notorious hackers—amoral 21st century mercenaries who have created highly sophisticated cyber-surveillance machinery that invites routine and flagrant abuse.". And Apple's Head of Security Engineering and Architecture was extremely blunt when he announced the lawsuit on Twitter.

Spyware 96

Spyware Surveillance Engineering Software 96

SecureWorld News

NOVEMBER 30, 2023

Lionel Litty, Chief Security Architect at Menlo Security, discussed this trend with SecureWorld News: "Despite all the care taken by Google engineers, we continue to see a steady stream of security issues that are exploitable, including many 0-days that are actually exploited.

Spyware 113

Spyware Surveillance Malware Risk 113

Security Affairs

SEPTEMBER 1, 2024

Under Meredith Whittaker, It’s Out to Prove Surveillance Capitalism Wrong EU investigating Telegram over user numbers Cryptojacking via CVE-2023-22527: Dissecting a Full-Scale Cryptomining Ecosystem Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, newsletter)

Surveillance 120

Surveillance Malware Firewall Phishing 120

SecureList

NOVEMBER 28, 2024

Epeius is a commercial spyware tool developed by an Italian company that claims to provide intelligence solutions to law enforcement agencies and governments. The second, an article published in 2024 by the Google Threat Analysis Group, described the business model of various companies that provide commercial surveillance solutions.

Malware 118

Malware Government Software Spyware 118

SecureList

NOVEMBER 30, 2021

Based on forensic analysis of numerous mobile devices, Amnesty International’s Security Lab found that the software was repeatedly used in an abusive manner for surveillance. FinSpy is an infamous, commercial surveillance toolset that is used for “legal surveillance” purposes.

Malware 140

Malware Mobile Spyware Surveillance 140

Security Affairs

JANUARY 10, 2021

The exploit called “SignSight” involved the modification of software installers hosted on the Certificate Authorities website (“ca.gov.vn”) to insert a spyware tool called PhantomNet or Smanager to unsuspecting end users. For more information on this breach, see: Software Supply-Chain Attack Hits Vietnam Government Certification Authority.

Cyber Attacks 126

Cyber Attacks Government Surveillance Software 126

Hacker's King

MAY 20, 2023

However, if hackers gain access to these tokens through social engineering, phishing attacks, or other means, they can bypass 2FA by directly entering the codes, granting them unauthorized access. Social Engineering: Guarding Against Manipulation Social engineering remains a potent tool in hackers’ arsenal.

Authentication 52

Authentication Social Engineering Spyware Engineering 52

eSecurity Planet

OCTOBER 21, 2022

From facial recognition to surveillance cameras to time trackers or just having a couple guys standing over employees’ shoulders, there are a multitude of ways to make sure employees are staying on-task and being productive. Businesses have long wondered if employees are staying focused and doing their jobs.

Computers and Electronics 127

Computers and Electronics Surveillance Software Manufacturing 127

Security Boulevard

FEBRUARY 10, 2025

Surveillance Tech in the News This section covers surveillance technology and methods in the news. Stable Channel Update for Desktop Google Chrome Releases Chrome version 133 includes 12 security fixes, including a high severity use-after-free vulnerability in the V8 JavaScript engine (CVE-2025-0445).

Spyware 52

Spyware Surveillance Government Data breaches 52

Google Security

MAY 15, 2024

Posted by Dave Kleidermacher, VP Engineering, Android Security and Privacy Our commitment to user safety is a top priority for Android. We’ve been consistently working to stay ahead of the world’s scammers, fraudsters and bad actors. These features require device OEM integration and compatible hardware.

Scams 79

Scams Threat Detection Social Engineering Surveillance 79

Malwarebytes

OCTOBER 14, 2021

From a technical perspective, spyware—defined as software running on the device that surveils and tracks you—is not much of a thing, because of Apple’s restrictions on what apps can do, plus the fact that you can’t hide an app on iOS. However, long-time Apple users know and love the “fun Apple.”

Spyware 124

Spyware Backups Passwords Authentication 124

SecureList

APRIL 27, 2021

During routine monitoring of detections for FinFisher spyware tools, we discovered traces that point to recent FinFly Web deployments. The group’s operations were exposed in 2018, showing that it was conducting surveillance attacks against individuals in the Middle East. Final thoughts.

Malware 145

Malware Government Spyware Social Engineering 145

SecureList

NOVEMBER 14, 2023

This politician became the target of a previously undiscovered “zero-day” attack aimed at infecting his phone with spyware. A creative avenue for threat actors is to expand their surveillance efforts to include devices such as smart home cameras, connected car systems and beyond.

Hacking 141

Hacking Energy and Utilities Malware Media 141

Pen Test Partners

MAY 26, 2025

Our analysis proved theyd been socially engineered using deepfake voice calls and spoofed emails, exonerating the staff member and aiding in Interpols ongoing investigation. Our investigation revealed spyware with call-forwarding and banking credential capture, likely installed via custom firmware on the device.

Banking 64

Banking VPN Ransomware Scams 64

Malwarebytes

JANUARY 29, 2024

For decades, governments and companies have surveilled the conversations, movements, and behavior of the public. DAVID RUIZ : We know that mass surveillance has this “Collect it all” mentality—of the NSA, obviously, but also from companies that gather clicks and shares and locations and app downloads and all of that.

Surveillance 94

Surveillance Government Advertising Spyware 94

SecureList

OCTOBER 26, 2021

On June 3, Check Point published a report about an ongoing surveillance operation targeting a Southeast Asian government, and attributed the malicious activities to a Chinese-speaking threat actor named SharpPanda. Historically, its Windows implant was represented by a single-stage spyware installer. Final thoughts.

Malware 145

Malware Government Surveillance Spyware 145

SecureList

NOVEMBER 17, 2021

The Israeli Defense Forces (IDF) have claimed that threat actors have been using catfishing to lure Israeli soldiers into installing spyware. This year, the use of surveillance software developed by private vendors has come under the spotlight, as discussed above. And now, we turn our attention to the future.

Mobile 145

Mobile Surveillance Ransomware Government 145

eSecurity Planet

OCTOBER 21, 2022

From ransomware attacks locking businesses out of their data until they pay potentially millions of dollars to spyware tracking users’ every move through their infected device, the effects of malware can be devastating. Types of spyware are often classified based on what information they’re gathering. Need More Intel on Rootkits?

Malware 75

Malware Adware Spyware Antivirus 75

ForAllSecure

SEPTEMBER 21, 2021

The Federal Trade Commission in the United States, banned an app called SpyPhone, and its CEO Scott Zuckerman, from operating in the surveillance industry. Some of those who bought the spyware were allegedly able to see live locations of the devices, view the targets emails, photos, web browsing history, text messages, video calls, etc.

Technology 52

Technology Software Surveillance Media 52

Adam Levin

JANUARY 7, 2021

as well as details about state business and likely correspondents, which could be used in a spear phishing attack, doxxing , and other social engineering ploys. This would include communications wiring, the planting of video, audio or network hacking devices as well as other electronic surveillance technology.

Computers and Electronics 342

Computers and Electronics Cybersecurity Social Engineering Spyware 342

Security Affairs

DECEMBER 22, 2024

CISA adds Microsoft Windows Kernel-Mode Driver and Adobe ColdFusion flaws to its Known Exploited Vulnerabilities catalog ConnectOnCall data breach impacted over 900,000 individuals Report claims that Serbian authorities abused Cellebrite tool to install NoviSpy spyware Multiple flaws in Volkswagen Group’s infotainment unit allow for vehicle compromise (..)

Data breaches 61

Data breaches Cybercrime Spyware Firmware 61