Security Affairs

JUNE 7, 2023

June 2023 security update for Android released by Google fixes about fifty flaws, including an Arm Mali GPU bug exploited by surveillance firms in their spyware. The June 2023 Android Security Bulletin provides details about the fix for more than fifty vulnerabilities affecting Android devices. In early April, U.S.

Spyware 85

Spyware Surveillance Firmware Hacking 85

Security Affairs

MARCH 29, 2023

Google’s Threat Analysis Group (TAG) discovered several exploit chains targeting Android, iOS, and Chrome to install commercial spyware. The exploit chains were used to install commercial spyware and malicious apps on targets’ devices. The experts pointed out that both campaigns were limited and highly targeted.

Spyware 87

Spyware Surveillance Firmware Internet 87

Security Affairs

APRIL 3, 2024

CVE-2024-29745 CVE-2024-29748″ The company did not provide details about the attacks, but in the past such kind of bugs was actively exploited by nation-state actors or commercial spyware vendors. The 2024-04-01 security patch level addressed eight high-severity flaws in Framework and System.

Spyware 109

Spyware Firmware Hacking Information Security 109

Security Affairs

OCTOBER 5, 2020

The experts were investigating several suspicious UEFI firmware images when discovered four components, some of which were borrowing the source code a Hacking Team spyware. The firmware malware is based on code associated with HackingTeam’s VectorEDK bootkit, with minor changes. ” concludes the report.

Firmware 128

Firmware Spyware Surveillance Hacking 128

Security Affairs

SEPTEMBER 28, 2021

Experts spotted a new variant of the FinFisher surveillance spyware that is able to hijack and replace the Windows UEFI bootloader to infect Windows machines. Kaspersky experts shared the results of an 8-months investigation into FinSpy spyware at the Security Analyst Summit (SAS) 2021.

Spyware 86

Spyware Surveillance Firmware Malware 86

Security Affairs

OCTOBER 1, 2023

ALPHV/BlackCat ransomware gang hacked the hotel chain Motel One FBI warns of dual ransomware attacks Progress Software fixed two critical severity flaws in WS_FTP Server Child abuse site taken down, organized child exploitation crime suspected – exclusive A still unpatched zero-day RCE impacts more than 3.5M

Artificial Intelligence 102

Artificial Intelligence Firmware Data breaches Hacking 102

Security Affairs

JUNE 5, 2022

Unpatched critical Atlassian Confluence Zero-Day RCE flaw actively exploited Microsoft blocked Polonium attacks against Israeli organizations LockBit ransomware attack impacted production in a Mexican Foxconn plant Conti leaked chats confirm that the gang’s ability to conduct firmware-based attacks An international police operation dismantled FluBot (..)

Spyware 102

Spyware Firmware Ransomware Scams 102