Schneier on Security

FEBRUARY 6, 2023

But what if, instead, somebody hacked into the system and just switched the labels for “gun” and “turtle” or swapped “stop” and “45 mi/h”? Like everything else, these systems will be hacked through vulnerabilities in those more conventional parts of the system. This is bulk surveillance and can easily operate on this massive scale.

Encryption 225

Encryption Software Hacking Social Engineering 225

Security Affairs

MARCH 25, 2021

Facebook has taken action against a series of accounts used by a China-linked cyber-espionage group, tracked as Earth Empusa or Evil Eye, to deploy surveillance malware on devices used by Uyghurs activists, journalists, and dissidents living outside China. SecurityAffairs – hacking, Facebook). Pierluigi Paganini.

Surveillance 80

Surveillance Social Engineering Malware Spyware 80

Malwarebytes

AUGUST 26, 2021

The Bahrain government and groups linked to them—such as LULU , a known operator of Pegasus, and others like them who are associated with a separate government—were tagged as culprits of the surveillance activity. It could also hack the iPhone 11, the latest model of that time. No real protection in sight?

Spyware 97

Spyware Surveillance Social Engineering Government 97

Krebs on Security

MARCH 29, 2022

The reality that teenagers are now impersonating law enforcement agencies to subpoena privileged data on their targets at whim is evident in the dramatic backstory behind LAPSUS$ , the data extortion group that recently hacked into some of the world’s most valuable technology companies , including Microsoft , Okta , NVIDIA and Vodafone.

Accountability 276

Accountability Government Hacking Social Engineering 276

Security Affairs

MAY 21, 2020

The Chafer APT group has distributed data stealer malware since at least mid-2014, it was focused on surveillance operations and the tracking of individuals. Most of the hacking activity occurs on Friday and Saturday, coinciding with the weekend in the Middle East. SecurityAffairs – Chafer APT, hacking). Pierluigi Paganini.

Government 112

Government Social Engineering Telecommunications Hacking 112

Joseph Steinberg

JULY 13, 2022

Additionally, keep in mind that while Lockdown Mode may make it more difficult for attackers to exploit social engineering in order to compromise devices, until Apple more strictly controls what apps it allows in its app store , potential government spying remains a major problem.

Cybersecurity 249

Cybersecurity Artificial Intelligence Government Social Engineering 249

Security Affairs

NOVEMBER 25, 2021

The PowerShortShell stealer is also used for Telegram surveillance and gathering system information from infected systems. “The adversary might be tied to Iran’s Islamic regime since the Telegram surveillance usage is typical of Iran’s threat actors like Infy, Ferocious Kitten, and Rampant Kitten. fn= hxxp://hr.dedyn.io/upload2.aspx

Surveillance 83

Surveillance Social Engineering Cybercrime Phishing 83

Security Affairs

NOVEMBER 26, 2021

Upon opening the app, it requests that the user grant the app permissions to perform surveillance actions such as to access to the microphone to record audio and all files stored on the device. The malicious apps use social engineering to ask the user to grant advanced permissions. SecurityAffairs – hacking, Operation Cyclone).

Spyware 88

Spyware Social Engineering Surveillance Engineering 88

eSecurity Planet

FEBRUARY 22, 2022

There is no need for social engineering , as the program can implant backdoors directly without forced consent. Pegasus performs zero-click hacks by exploiting security flaws in popular applications installed by default on iOS and Android, such as WhatsApp, Telegram, Skype, or iMessage. Zero-click attacks remove this hurdle.

Spyware 122

Spyware Software Government Social Engineering 122

Krebs on Security

AUGUST 5, 2019

This story is about how crooks increasingly are abusing third-party financial aggregation services like Mint , Plaid , Yodlee , YNAB and others to surveil and drain consumer accounts online. “If the account is active, hackers then can go to the next stage for 2FA phishing or social engineering, or linking the accounts with another.”

Banking 257

Banking Passwords Risk Password Management 257

ForAllSecure

DECEMBER 21, 2022

In a moment I’ll share a couple of travel stories from a well-known hacker, one who took creepy surveillance technology and flipped it around. It’s about challenging out expectations about the people who hack for a living. Sometimes you can use surveillance tools in your favor. So let’s get started.

Computers and Electronics 40

Computers and Electronics Surveillance Big data Social Engineering 40

Identity IQ

FEBRUARY 8, 2024

But the dark web is also associated with illegal activities including the trafficking of drugs, weapons, and illegal pornography, hacking and cybercrime, terrorism, and the sale of stolen data or personal information. He was charged with money laundering, computer hacking, and conspiracy to traffic narcotics.

Identity Theft 98

Identity Theft Cryptocurrency Government Engineering 98

SecureList

NOVEMBER 14, 2023

Mail servers become priority targets In June, Recorded Future warned that BlueDelta (aka Sofacy, APT28, Fancy Bear and Sednit) exploited vulnerabilities in Roundcube Webmail to hack multiple organizations including government institutions and military entities involved in aviation infrastructure. Drone hacking!

Hacking 109

Hacking Energy and Utilities Media Malware 109

SecureWorld News

OCTOBER 26, 2021

The suspected Russian Advanced Persistent Threat (APT) behind the SolarWinds incident is attempting to warm-up strategic social engineering techniques to breach firms around the world in an effort to breathe life into similar cyberattacks. Burt also went into detail about what he suspects.

Technology 81

Technology Social Engineering Cybersecurity Surveillance 81

Security Boulevard

MARCH 1, 2024

EKEN IoT FAIL: Amazon, Sears and Shein still sell security swerving stuff. The post Cheap Video Doorbell Cams: Tools of Stalkers and Thieves appeared first on Security Boulevard.

IoT 130

IoT Social Engineering Internet Internet 130

Security Boulevard

FEBRUARY 14, 2024

I❤️POE: Does your home security need a rethink? Wireless cameras are kinda useless, say cops. The post ALERT: Thieves❤️Wi-Fi Camera Jammers appeared first on Security Boulevard.

Wireless 132

Wireless Social Engineering Internet Internet 132

SecureList

OCTOBER 26, 2021

Upon further investigation we also discovered additional implants deployed through both ShadowPad and ShadowShredder, such as Quarian backdoor, PlugX, Poison Ivy and other hack tools. In this quarter we focused on researching and dismantling surveillance frameworks following malicious activities we detected. Final thoughts.

Malware 143

Malware Government Surveillance Spyware 143

Spinone

NOVEMBER 21, 2019

Here are only seven out of 26 topics: Insider threats Passwords Security of mobile devices Social engineering Viruses Email security Human error To start the course, you need to register and choose the type of account you need. No hacking or programming experience is needed.

Social Engineering 40

Social Engineering Accountability Phishing Cybersecurity 40

Malwarebytes

APRIL 30, 2021

Anyone who can convince your ISP to give up that information, either by buying it, issuing a subpoena or by social engineering, can learn your address. As awareness of corporate surveillance and criminal hacking has grown, so have concerns about personal privacy. How to hide your IP address.

VPN 65

VPN Internet Internet Social Engineering 65

Security Affairs

SEPTEMBER 15, 2023

Leading Android health apps expose users to avoidable threats like surveillance and identity theft, due to their risky permissions. Access to Contacts: Apps with access to your contacts may misuse this information for spamming, social engineering, or selling your contact details to third parties without your consent.

Accountability 99

Accountability Mobile Surveillance Information Security 99

SecureList

APRIL 27, 2021

It was first publicly documented in 2014, in the aftermath of the Gamma Group hacking incident. The group’s operations were exposed in 2018, showing that it was conducting surveillance attacks against individuals in the Middle East. This server was disabled a day after our discovery last December. Final thoughts.

Malware 142

Malware Spyware Government Social Engineering 142

SecureList

OCTOBER 17, 2023

This strategic shift signals its intent to intensify its surveillance capabilities and expand its range of targets. These are new variants of the same hacking tools that we first reported in August 2019, and later detailed again in June 2021.

Government 109

Government Malware VPN Manufacturing 109

ForAllSecure

SEPTEMBER 21, 2021

The Federal Trade Commission in the United States, banned an app called SpyPhone, and its CEO Scott Zuckerman, from operating in the surveillance industry. The FTC claims that spy phones secretly harvested and shared data on people's physical movements phone news online activities through a hidden hack. So I hope you'll stick around.

Technology 52

Technology Software Surveillance Media 52