Firmware, Spyware and VPN - Cyber Security Informer

Critical Blink Router Flaws (CVSS 9.8) Allow Remote Root Code Execution via Unauthenticated Attacks

Penetration Testing

JUNE 15, 2025

The flaws, tracked as CVE-2025-45984 through CVE-2025-45988, affect a wide range of firmware versions used in both consumer and enterprise-grade networking equipment. Shared Affected Codebase: Each flaw targets the same goahead binary and associated shared object, amplifying the impact across models and firmware versions.

Firmware

Firmware DNS Penetration Testing Malware

Spyware in the IoT – the Biggest Privacy Threat This Year

SiteLock

AUGUST 27, 2021

To help avoid these online risks, it is highly recommended to use a Virtual Private Network (VPN). VPNs are the baseline cybersecurity tool to safeguard internet-enabled devices and a home network. A VPN provides a secure internet connection, ensuring your browsing data is encrypted for maximum privacy and security.

IoT

IoT Spyware VPN Passwords

Privacy Roundup: Week 12 of Year 2025

Security Boulevard

MARCH 24, 2025

Researchers name several countries as potential Paragon spyware customers TechCrunch The Citizen Lab, a group of academics and security researchers, recently published a report indicating the governments of Australia, Canada, Cyprus, Denmark, Israel, and Singapore are "likely" customers of Israeli spyware maker Paragon Solutions.

Surveillance

Surveillance Telecommunications Data breaches Spyware

Privacy Roundup: Week 7 of Year 2025

Security Boulevard

FEBRUARY 17, 2025

Google's reCAPTCHA is not only useless, it's also basically spyware Techspot This study demonstrates Google's reCAPTCHA v2 and v3 are flawed and don't actually keep out bots. Vulnerabilities and Malware Primarily includes severe and exploited vulnerabilities in devices or software used by end users (ex: a major router firmware flaw).

Surveillance

Surveillance Data breaches VPN Malware

Advanced threat predictions for 2023

SecureList

NOVEMBER 14, 2022

In 2022, the GReAT team tracked several threat actors leveraging SilentBreak’s toolset as well as a commercial Android spyware we named MagicKarakurt. Okta was breached through one of its service providers, Sitel, itself compromised via the insecure VPN gateway of a recently acquired company.

Firmware

Firmware Surveillance Mobile Telecommunications

Privacy Roundup: Week 6 of Year 2025

Security Boulevard

FEBRUARY 10, 2025

Spyware maker Paragon terminates contract with Italian government: media reports TechCrunch This campaign was included in Week 5 of the Privacy Roundup , where Meta disrupted a campaign on WhatsApp targeting approximately 100 users with Paragon Spyware. Privacy Services Mullvad VPN for Windows on ARM is here!

Spyware

Spyware Surveillance Government Data breaches

IT threat evolution Q1 2024

SecureList

JUNE 3, 2024

The attackers were able to bypass this hardware-based security protection using another hardware feature of Apple-designed SoCs (System on a Chip): they did this by writing the data, destination address and data hash to unknown hardware registers of the chip that are not used by the firmware.

Banking

Banking Malware Computers and Electronics Mobile

Our capabilities. A story about what we can achieve

Pen Test Partners

MAY 26, 2025

Our investigation revealed spyware with call-forwarding and banking credential capture, likely installed via custom firmware on the device. We traced the entry to an outdated Ivanti VPN, correlated DNS to malware domains (like iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com), and observed 7zip activity linked to data staging.

Banking

Banking VPN Ransomware Scams

Network Protection: How to Secure a Network

eSecurity Planet

MARCH 22, 2023

Virtual Private Network (VPN) : For remote access, remote desktop protocol (RDP) no longer can be considered safe. Instead, organizations should use a virtual private network (VPN) solution. Onsite appliances can be expensive and difficult to deploy and maintain for the smallest organizations. and mobile (phones, tablets, etc.)

Firewall

Firewall Network Security Penetration Testing Encryption

2024 State of Cybersecurity: Reports of More Threats & Prioritization Issues

eSecurity Planet

MAY 2, 2024

Sophos: Noted that 43% of all 2023 malware signature updates are for stealers, spyware, and keyloggers often used to steal credentials from devices. 60% of all mobile and browser zero-days are exploited by spyware vendors. 20% increase accesses of specific organizations advertised. and software libraries to attack the supply chain.

Cybersecurity

Cybersecurity DDOS Penetration Testing Ransomware

Weekly Vulnerability Recap – Sept. 11, 2023 – Android Update Fixes 33 Vulnerabilities

eSecurity Planet

SEPTEMBER 11, 2023

Network security is another big theme this week: Whether it’s a VPN connection or an enterprise-grade networking platform, patch management solutions typically won’t update network devices, so admins may need to keep an eye on any flaws there too. of the Atlas VPN Linux client. via port 8076. version of Superset.

VPN

VPN Authentication Firmware Phishing

APT trends report Q3 2021

SecureList

OCTOBER 26, 2021

The samples we analyzed mimicked various applications such as private messaging, VPN, and media services. Historically, its Windows implant was represented by a single-stage spyware installer. This is done via links to malicious landing pages or direct messages via some instant messaging platform such as WhatsApp.

Malware

Malware Government Surveillance Spyware

Cyber Security Informer

Critical Blink Router Flaws (CVSS 9.8) Allow Remote Root Code Execution via Unauthenticated Attacks

Spyware in the IoT – the Biggest Privacy Threat This Year

Trending Sources

Privacy Roundup: Week 12 of Year 2025

Privacy Roundup: Week 7 of Year 2025

Advanced threat predictions for 2023

Privacy Roundup: Week 6 of Year 2025

IT threat evolution Q1 2024

Our capabilities. A story about what we can achieve

Network Protection: How to Secure a Network

2024 State of Cybersecurity: Reports of More Threats & Prioritization Issues

Weekly Vulnerability Recap – Sept. 11, 2023 – Android Update Fixes 33 Vulnerabilities

APT trends report Q3 2021

Stay Connected