Information Security, Internet, Mobile and Spyware

CISA adds bugs exploited by commercial surveillance spyware to Known Exploited Vulnerabilities catalog

Security Affairs

APRIL 1, 2023

CISA has added nine flaws to its Known Exploited Vulnerabilities catalog, including bugs exploited by commercial spyware on mobile devices. Cybersecurity and Infrastructure Security Agency (CISA) has added nine new vulnerabilities to its Known Exploited Vulnerabilities Catalog.

Spyware

Spyware Surveillance Mobile Education

Google TAG argues surveillance firm RCS Labs was helped by ISPs to infect mobile users

Security Affairs

JUNE 24, 2022

Google’s Threat Analysis Group (TAG) revealed that the Italian spyware vendor RCS Labs was supported by ISPs to spy on users. “In some cases, we believe the actors worked with the target’s ISP to disable the target’s mobile data connectivity. ” reads the report published by Google. Pierluigi Paganini.

Surveillance

Surveillance Mobile Spyware Telecommunications

Moroccan journalist targeted with network injection attacks using NSO Group ‘s spyware

Security Affairs

JUNE 22, 2020

Researchers at Amnesty International collected evidence that a Moroccan journalist was targeted with network injection attacks using NSO Group ‘s spyware. This attack scenario sees attackers monitoring and manipulating the Internet traffic of the target. reads the analysis published by Amnesty International in October.

Spyware

Spyware Surveillance Mobile Advertising

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

APT C-23 group targets Middle East with an enhanced Android spyware variant

Security Affairs

NOVEMBER 26, 2021

A threat actor, tracked as APT C-23, is using new powerful Android spyware in attacks aimed at targets in the Middle East. The APT C-23 cyberespionage group (also known as GnatSpy, FrozenCell, or VAMP) continues to target entities in the Middle East with enhanced Android spyware masqueraded as seemingly harmless app updates (i.e.

Spyware

Spyware Social Engineering Surveillance Engineering

Surveillance firm’s leaked docs show the purchase of an $8M iOS RCE zero-day exploit?

Security Affairs

AUGUST 28, 2022

The offer includes remote, one-click browser-based exploits that allow threat actors to compromise both Android and iOS mobile devices. The leaked documentation demonstrates that the company offers services for remote data extraction from Android and iOS devices. Follow me on Twitter: @securityaffairs and Facebook.

Surveillance

Surveillance Spyware Mobile Hacking

Security Affairs newsletter Round 269

Security Affairs

JUNE 21, 2020

Maze ransomware gang hacked M&A firm Threadstone Advisors LLP Ransomware attack disrupts operations at Australian beverage company Lion Tech firms suspend use of ‘biased facial recognition technology Accessories giant Claires is the victim of a Magecart attack, credit card data exposed Black Kingdom ransomware operators exploit Pulse VPN flaws (..)

DDOS

DDOS Spyware Mobile Advertising

UN approves Russia-Cina sponsored resolution on new cybercrime convention

Security Affairs

DECEMBER 30, 2019

Security experts have detected and analyzed some of the tools in its arsenals, such as the popular Pegasus spyware (for iOS) and Chrysaor (for Android). In September 2018, a report published by Citizen Lab revealed that the NSO Pegasus spyware was used against targets across 45 countries worldwide.

Cybercrime

Cybercrime Surveillance Spyware Government

MY TAKE: 3 privacy and security habits each individual has a responsibility to embrace

The Last Watchdog

JANUARY 28, 2019

Consider that most of us spend more time navigating the Internet on our laptops and smartphones than we do behind the wheel of a car. But the larger point is that Xbash is just one of dozens of malware families circulating far and wide across the Internet. Credential stuffing campaigns have become part of the fabric of the Internet.

Passwords

Passwords Password Management Antivirus Internet

After SIMJacker, WIBattack hacking technique disclosed. Billions of users at risk

Security Affairs

SEPTEMBER 28, 2019

Researchers are warning of a new variant of recently disclosed SimJacker attack, dubbed WIBattack , that could expose millions of mobile phones to remote hacking. WIBattack is a new variant of the recently discovered Simjacker attack method that could expose millions of mobile phones to remote hacking.

Hacking

Hacking Mobile Risk Advertising

Security Affairs newsletter Round 222 – News of the week

Security Affairs

JULY 13, 2019

Customers of 7-Eleven Japan lost $500,000 due to a flaw in the mobile app. Microsoft released Patch Tuesday security updates for July 2019. Parents Guide for Safe YouTube and Internet Streaming for Kids. New FinFisher spyware used to spy on iOS and Android users in 20 countries. Kindle Edition. Paper Copy.

Data breaches

Data breaches Spyware Advertising Government

NoReboot persistence technique fakes iPhone shutdown

Security Affairs

JANUARY 6, 2022

The experts pointed out that the phone remains fully functional and is still connected to the Internet despite that all physical feedback have been disabled, this means that a spyware can still spy on the users. “Since iOS 15, Apple introduced a new feature allowing users to track their phone even when it’s been turned off.

Spyware

Spyware Malware Internet Internet

Yana Peel, chief executive of London’s Galleries, resigned after discovery of her links with NSO group

Security Affairs

JUNE 18, 2019

The principal product of the NSO Group is a surveillance software called Pegasus , it allows to spy on the most common mobile devices, including iPhones, Androids, and BlackBerry and Symbian systems. Citizen Lab collected evidence of attacks against 175 targets worldwide carried on with the NSO spyware.

Surveillance

Surveillance Spyware Software Advertising

GUEST ESSAY. Everyone should grasp these facts about cyber threats that plague digital commerce

The Last Watchdog

FEBRUARY 28, 2021

Regardless of how familiar you are with Information Security, you’ve probably come across the term ‘malware’ countless times. From accessing your business-critical resources and sensitive information to halting business operations and services, a malware infection can quickly become an organization’s worst nightmare come true.

Cyber threats

Cyber threats Computers and Electronics Adware Spyware

The Most Common Types of Malware in 2021

CyberSecurity Insiders

JANUARY 31, 2021

Regardless of how familiar you are with Information Security, you’ve probably come across the term ‘malware’ countless times. From accessing your business-critical resources and sensitive information to halting business operations and services, a malware infection can quickly become an organization’s worst nightmare come true.

Malware

Malware Computers and Electronics Adware Spyware

MI5 seized Boris Johnson’s phone over security risk fears

Security Affairs

JUNE 21, 2021

The British Security Service, also known as MI5, has seized the mobile devices used by PM Boris Johnson over concerns that were raised after the discovery of the availability of its number online for the last 15 years. ” The case raises the importance of a good cyber security posture for politicians and government officials.

Risk

Risk Mobile Spyware Hacking

US NCSC and DoS share best practices against surveillance tools

Security Affairs

JANUARY 9, 2022

“Journalists, dissidents, and other persons around the world have been targeted and tracked using these tools, which allow malign actors to infect mobile and internet-connected devices with malware over both WiFi and cellular data connections.” ” reads the guidance.

Surveillance

Surveillance Mobile Spyware Malware

Will iPhone’s New “Lockdown Mode” Create Dangerous Overconfidence In Apple’s CyberSecurity Capabilities?

Joseph Steinberg

JULY 13, 2022

Apple last week announced new security features specifically intended to offer “specialized additional protection to users who may be at risk of highly targeted cyberattacks from private companies developing state-sponsored mercenary spyware.”. Also concerning is the fact that in Apple’s Lockdown announcement, Ivan Krsti?,

Cybersecurity

Cybersecurity Artificial Intelligence Government Social Engineering

Phishers turning hard-working: CERT-GIB records upsurge of phishing resource blockages as duration of attacks grows

Security Affairs

MAY 8, 2020

This sharp upsurge in the number of blockages stems from the growing duration of phishing attacks: cybercriminals used to stop their fraudulent campaign as soon as their web pages were blocked, quickly mobilizing efforts for attacks on other brands. Today, they no longer dwell on it and continue replacing removed pages with new ones.

Phishing

Phishing Spyware Banking Malware

Security Affairs newsletter Round 277

Security Affairs

AUGUST 16, 2020

gun exchange site on hacking forum Threat Report Portugal: Q2 2020 Emotet malware employed in fresh COVID19-themed spam campaign PoC exploit code for two Apache Struts 2 flaws available online XCSSET Mac spyware spreads via Xcode Projects. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Spyware

Spyware Hacking Advertising Passwords

Who Wants to Support My Work Commercially?

Security Boulevard

JANUARY 25, 2022

Dancho Danchev’s “Astalavista Security Group – Investment Proposal” Presentation – A Photos Compilation. Dancho Danchev’s “Building and Implementing a Successful Information Security Policy” White Paper – [PDF]. Exposing a Currently Active NSO Spyware Group’s Domain Portfolio – WhoisXML API Analysis. Person on the U.S

Cybercrime

Cybercrime Hacking Scams Ransomware

How to Track Your Kids (and Other People's Kids) With the TicTocTrack Watch

Troy Hunt

APRIL 15, 2019

I've been involved with a bunch of really poorly implemented "Internet of Things" things in the past that presented serious privacy risks to those who used them. Not to mention the various spyware apps often installed on kids' phones to track them which then subsequently leak their data all over the internet. mSpy leaked data.

Spyware

Spyware Passwords Manufacturing Marketing

Security Affairs newsletter Round 444 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

NOVEMBER 5, 2023

Kinsing threat actors probed the Looney Tunables flaws in recent attacks ZDI discloses four zero-day flaws in Microsoft Exchange Okta customer support system breach impacted 134 customers Multiple WhatsApp mods spotted containing the CanesSpy Spyware Russian FSB arrested Russian hackers who supported Ukrainian cyber operations MuddyWater has been spotted (..)

Cyber Insurance

Cyber Insurance Cryptocurrency Internet Internet

Cyber Security Informer

CISA adds bugs exploited by commercial surveillance spyware to Known Exploited Vulnerabilities catalog

Google TAG argues surveillance firm RCS Labs was helped by ISPs to infect mobile users

Webinars

Trending Sources

Moroccan journalist targeted with network injection attacks using NSO Group ‘s spyware

Webinars

APT C-23 group targets Middle East with an enhanced Android spyware variant

Surveillance firm’s leaked docs show the purchase of an $8M iOS RCE zero-day exploit?

Security Affairs newsletter Round 269

UN approves Russia-Cina sponsored resolution on new cybercrime convention

MY TAKE: 3 privacy and security habits each individual has a responsibility to embrace

After SIMJacker, WIBattack hacking technique disclosed. Billions of users at risk

Security Affairs newsletter Round 222 – News of the week

NoReboot persistence technique fakes iPhone shutdown

Yana Peel, chief executive of London’s Galleries, resigned after discovery of her links with NSO group

GUEST ESSAY. Everyone should grasp these facts about cyber threats that plague digital commerce

The Most Common Types of Malware in 2021

MI5 seized Boris Johnson’s phone over security risk fears

US NCSC and DoS share best practices against surveillance tools

Will iPhone’s New “Lockdown Mode” Create Dangerous Overconfidence In Apple’s CyberSecurity Capabilities?

Phishers turning hard-working: CERT-GIB records upsurge of phishing resource blockages as duration of attacks grows

Security Affairs newsletter Round 277

Who Wants to Support My Work Commercially?

How to Track Your Kids (and Other People's Kids) With the TicTocTrack Watch

Security Affairs newsletter Round 444 by Pierluigi Paganini – INTERNATIONAL EDITION

Stay Connected