Security Boulevard

JANUARY 20, 2025

Inside the Black Box of Predictive Travel Surveillance Wired Covers the use of powerful surveillance technology in predicting who might be a "threat." Vulnerabilities and Malware Primarily includes severe and exploited vulnerabilities in devices or software used by end users (ex: a major router firmware flaw). CVE-2025-21308.

Surveillance 97

Surveillance Malware Data breaches Scams 97

Security Affairs

AUGUST 17, 2021

The identifier could be obtained via social engineering. The attacker would also need to obtain Kalay UIDs through social engineering or other vulnerabilities in APIs or services that return Kalay UIDs. This varies from device to device but typically is used for device telemetry, firmware updates, and device control.”

IoT 124

IoT Hacking Social Engineering Firmware 124

SecureWorld News

AUGUST 24, 2022

If malware were installed on the device, it could control the LEDs by blinking and changing colors with firmware commands. The infection of a device can be achieved via supply chain attacks, social engineering techniques, or the use of hardware with installed software or firmware. The data can be textual (e.g.,

Firmware 98

Firmware Social Engineering Surveillance Malware 98

SecureList

NOVEMBER 30, 2021

Based on forensic analysis of numerous mobile devices, Amnesty International’s Security Lab found that the software was repeatedly used in an abusive manner for surveillance. Firmware vulnerabilities. FinSpy is an infamous, commercial surveillance toolset that is used for “legal surveillance” purposes.

Malware 140

Malware Mobile Spyware Surveillance 140

eSecurity Planet

FEBRUARY 22, 2022

There is no need for social engineering , as the program can implant backdoors directly without forced consent. It can even access the chip’s firmware to gain root access on the device, a significant privilege escalation. Zero-click attacks remove this hurdle.

Spyware 125

Spyware Software Government Social Engineering 125

SecureList

NOVEMBER 14, 2023

In May, Ars Technica reported that BootGuard private keys had been stolen following a ransomware attack on Micro-Star International (MSI) in March this year (firmware on PCs with Intel chips and BootGuard enabled will only run if it is digitally signed using the appropriate keys).

Hacking 141

Hacking Energy and Utilities Malware Media 141

Pen Test Partners

MAY 26, 2025

Our analysis proved theyd been socially engineered using deepfake voice calls and spoofed emails, exonerating the staff member and aiding in Interpols ongoing investigation. Our investigation revealed spyware with call-forwarding and banking credential capture, likely installed via custom firmware on the device.

Banking 64

Banking VPN Ransomware Scams 64