Information Security, Internet, Spyware and Surveillance

Commercial spyware vendors are behind most zero-day exploits discovered by Google TAG

Security Affairs

FEBRUARY 6, 2024

Google’s TAG revealed that Commercial spyware vendors (CSV) were behind most of the zero-day vulnerabilities discovered in 2023. Surveillance software is used to spy on high-risk users, including journalists, human rights defenders, dissidents and opposition party politicians. ” concludes Google.

Spyware

Spyware Surveillance Government Software

CISA adds bugs exploited by commercial surveillance spyware to Known Exploited Vulnerabilities catalog

Security Affairs

APRIL 1, 2023

CISA has added nine flaws to its Known Exploited Vulnerabilities catalog, including bugs exploited by commercial spyware on mobile devices. Cybersecurity and Infrastructure Security Agency (CISA) has added nine new vulnerabilities to its Known Exploited Vulnerabilities Catalog.

Spyware

Spyware Surveillance Mobile Education

Pegasus spyware used to spy on a Polish mayor

Security Affairs

MARCH 3, 2023

The phone of an opposition-linked Polish mayor was infected with the powerful Pegasus spyware, local media reported. Reuters reported that the phone of an opposition-linked Polish mayor was infected with the Pegasus spyware. According to rumors, the Polish special services are using surveillance software to spy on government opponents.

Spyware

Spyware Surveillance Hacking Government

Google links three exploitation frameworks to Spanish commercial spyware vendor Variston

Security Affairs

NOVEMBER 30, 2022

Google’s Threat Analysis Group (TAG) linked three exploitation frameworks to a Spanish surveillance spyware vendor named Variston. While tracking the activities of commercial spyware vendors, Threat Analysis Group (TAG) spotted an exploitation framework likely linked Variston IT, a Spanish firm. ” TAG concludes.

Spyware

Spyware Surveillance Risk Internet

Surveillance firm’s leaked docs show the purchase of an $8M iOS RCE zero-day exploit?

Security Affairs

AUGUST 28, 2022

Leaked documents show the surveillance firm Intellexa offering exploits for iOS and Android devices for $8 Million. Intellexa is an Israeli surveillance firm founded by Israeli entrepreneur Tal Dilian, it offers surveillance and hacking solution to law enforcement and intelligence agencies. appeared first on Security Affairs.

Surveillance

Surveillance Spyware Mobile Hacking

Austria investigates DSIRF firm for allegedly developing Subzero spyware

Security Affairs

AUGUST 2, 2022

Austria is investigating a report that an Austrian firm DSIRF developed spyware targeting law firms, banks and consultancies. The group targets entities in Europe and Central America with a surveillance tool dubbed Subzero. “Of course, DSN (the National Security and Intelligence Directorate) checks the allegations.

Spyware

Spyware Surveillance Banking Hacking

Google TAG argues surveillance firm RCS Labs was helped by ISPs to infect mobile users

Security Affairs

JUNE 24, 2022

Google’s Threat Analysis Group (TAG) revealed that the Italian spyware vendor RCS Labs was supported by ISPs to spy on users. TAG researchers tracked more than 30 vendors selling exploits or surveillance capabilities to nation-state actors. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Surveillance

Surveillance Mobile Spyware Telecommunications

Spyware, ransomware and Nation-state hacking: Q&A from a recent interview

Security Affairs

FEBRUARY 10, 2022

I transcribed a recent interview, here some questions and answers about nation-state hacking, spyware, and cyber warfare. Enjoy” How has spyware changed the rules of cyber security in recent years? What will cyber security look like now that those tools are all over the internet?

Spyware

Spyware Hacking Ransomware Surveillance

Google TAG shares details about exploit chains used to install commercial spyware

Security Affairs

MARCH 29, 2023

Google’s Threat Analysis Group (TAG) discovered several exploit chains targeting Android, iOS, and Chrome to install commercial spyware. The exploit chains were used to install commercial spyware and malicious apps on targets’ devices. The experts pointed out that both campaigns were limited and highly targeted.

Spyware

Spyware Surveillance Firmware Internet

APT C-23 group targets Middle East with an enhanced Android spyware variant

Security Affairs

NOVEMBER 26, 2021

A threat actor, tracked as APT C-23, is using new powerful Android spyware in attacks aimed at targets in the Middle East. The APT C-23 cyberespionage group (also known as GnatSpy, FrozenCell, or VAMP) continues to target entities in the Middle East with enhanced Android spyware masqueraded as seemingly harmless app updates (i.e.

Spyware

Spyware Social Engineering Surveillance Engineering

Moroccan journalist targeted with network injection attacks using NSO Group ‘s spyware

Security Affairs

JUNE 22, 2020

Researchers at Amnesty International collected evidence that a Moroccan journalist was targeted with network injection attacks using NSO Group ‘s spyware. “Through our investigation we were able to confirm that his phone was targeted and put under surveillance during the same period he was prosecuted.”

Spyware

Spyware Surveillance Mobile Advertising

UN approves Russia-Cina sponsored resolution on new cybercrime convention

Security Affairs

DECEMBER 30, 2019

Many governments worldwide persecute their internal oppositions charging them with criminal activities and use strict online surveillance to track them. The surveillance software developed by NSO Group was used by government organizations worldwide to spy on human rights groups , activists, journalists, lawyers, and dissidents.

Cybercrime

Cybercrime Surveillance Spyware Government

Security Affairs newsletter Round 429 by Pierluigi Paganini – International edition

Security Affairs

JULY 23, 2023

Multiple DDoS botnets were observed targeting Zyxel devices CISA warns of attacks against Citrix NetScaler ADC and Gateway Devices Experts believe North Korea behind JumpCloud supply chain attack Nice Suzuki, sport: shame dealer left your data up for grabs Experts attribute WyrmSpy and DragonEgg spyware to the Chinese APT41 group ALPHV/BlackCat and (..)

DDOS

DDOS Hacking Spyware Surveillance

Yana Peel, chief executive of London’s Galleries, resigned after discovery of her links with NSO group

Security Affairs

JUNE 18, 2019

The head of London’s Serpentine Galleries resigned on Tuesday following a Guardian report about her links to the Israeli surveillance firm NSO Group. Pegasus is a perfect tool for surveillance, it is able to steal any kind of data from smartphones and use them to spy on the surrounding environment through their camera and microphone.

Surveillance

Surveillance Spyware Software Advertising

US NCSC and DoS share best practices against surveillance tools

Security Affairs

JANUARY 9, 2022

The US NCSC and the Department of State published joint guidance on defending against attacks using commercial surveillance tools. In the last years, we have reported several cases of companies selling commercial surveillance tools to governments and other entities that have used them for malicious purposes. Pierluigi Paganini.

Surveillance

Surveillance Mobile Spyware Malware

After SIMJacker, WIBattack hacking technique disclosed. Billions of users at risk

Security Affairs

SEPTEMBER 28, 2019

The scary part of the story is that a private surveillance firm was aware of the zero-day flaw since at least two years and is actively exploiting the SimJacker vulnerability to spy on mobile users in several countries.

Hacking

Hacking Mobile Risk Advertising

Will iPhone’s New “Lockdown Mode” Create Dangerous Overconfidence In Apple’s CyberSecurity Capabilities?

Joseph Steinberg

JULY 13, 2022

Apple last week announced new security features specifically intended to offer “specialized additional protection to users who may be at risk of highly targeted cyberattacks from private companies developing state-sponsored mercenary spyware.”. Flip phones are not totally immune from government surveillance and action either.).

Cybersecurity

Cybersecurity Artificial Intelligence Government Social Engineering

MoonBounce UEFI implant spotted in a targeted APT41 attack

Security Affairs

JANUARY 21, 2022

“The purpose of the implant is to facilitate the deployment of user-mode malware that stages execution of further payloads downloaded from the internet;” reads the analysis published by Kaspersky. A UEFI bootkit implanted in the firmware could not be detected by AVs and any defense solution running on the OS level.

Firmware

Firmware Malware Spyware Surveillance

Security Affairs newsletter Round 221 – News of the week

Security Affairs

JULY 7, 2019

Germany and the Netherlands agreded to build TEN, the first ever joint military internet. Germany and the Netherlands agreed to build TEN, the first ever joint military internet. Is Your Browser Secure? Heres How to Secure Your Web Browser Against Attacks! ViceLeaker Android spyware targets users in the Middle East.

Scams

Scams Spyware DNS Advertising

Israeli surveillance firm Candiru used Windows zero-days to deploy spyware

Security Affairs

JULY 15, 2021

Experts said that Israeli surveillance firm Candiru, tracked as Sourgum, exploited zero-days to deliver a new Windows spyware. Microsoft and Citizen Lab believe that the secretive Israel-based Israeli surveillance firm Candiru, tracked as Sourgum, used Windows zero-day exploits to deliver a new Windows spyware dubbed DevilsTongue.

Spyware

Spyware Surveillance Manufacturing Government

Cyber Security Informer

Commercial spyware vendors are behind most zero-day exploits discovered by Google TAG

CISA adds bugs exploited by commercial surveillance spyware to Known Exploited Vulnerabilities catalog

Trending Sources

Pegasus spyware used to spy on a Polish mayor

Google links three exploitation frameworks to Spanish commercial spyware vendor Variston

Surveillance firm’s leaked docs show the purchase of an $8M iOS RCE zero-day exploit?

Austria investigates DSIRF firm for allegedly developing Subzero spyware

Google TAG argues surveillance firm RCS Labs was helped by ISPs to infect mobile users

Spyware, ransomware and Nation-state hacking: Q&A from a recent interview

Google TAG shares details about exploit chains used to install commercial spyware

APT C-23 group targets Middle East with an enhanced Android spyware variant

Moroccan journalist targeted with network injection attacks using NSO Group ‘s spyware

UN approves Russia-Cina sponsored resolution on new cybercrime convention

Security Affairs newsletter Round 429 by Pierluigi Paganini – International edition

Yana Peel, chief executive of London’s Galleries, resigned after discovery of her links with NSO group

US NCSC and DoS share best practices against surveillance tools

After SIMJacker, WIBattack hacking technique disclosed. Billions of users at risk

Will iPhone’s New “Lockdown Mode” Create Dangerous Overconfidence In Apple’s CyberSecurity Capabilities?

MoonBounce UEFI implant spotted in a targeted APT41 attack

Security Affairs newsletter Round 221 – News of the week

Israeli surveillance firm Candiru used Windows zero-days to deploy spyware

Stay Connected