Penetration Testing

NOVEMBER 29, 2023

In an era increasingly defined by digital surveillance, a recent incident in Serbia has thrown a stark light on the use of invasive spyware to suppress civil society. Access Now, SHARE Foundation, the Citizen... The post Serbian Spyware Scandal: Civil Society Under Siege appeared first on Penetration Testing.

Spyware 83

Spyware Penetration Testing Surveillance Malware 83

Penetration Testing

APRIL 25, 2024

SonicWall Capture Labs threat research team has recently uncovered sophisticated.NET managed code injection methods employed by the notorious AgentTesla malware, marking a significant advancement in malware delivery tactics.

Malware 117

Malware Penetration Testing Spyware 117

Penetration Testing

MAY 7, 2024

Security researchers at Kandji have found a dangerous new strain of macOS malware.

Penetration Testing 88

Penetration Testing Malware Spyware 88

Penetration Testing

APRIL 14, 2024

The resurgence of the LightSpy mobile spyware campaign poses a renewed and alarming threat to individuals and organizations in Southern Asia, particularly those potentially connected to India.

Penetration Testing 109

Penetration Testing Spyware Mobile Malware 109

Penetration Testing

JUNE 28, 2024

Cybersecurity researchers at FortiGuard Labs have uncovered a sophisticated cyberattack that leverages a known vulnerability in Microsoft Office to deliver a potent spyware payload known as MerkSpy.

Spyware 70

Spyware Malware Cybersecurity 70

Penetration Testing

APRIL 9, 2025

A recent advisory from the National Cyber Security Centre (NCSC UK) and its international partners has shed light on the activities of malicious cyber actors using sophisticated spyware to target specific groups of people.

Spyware 80

Spyware Cybersecurity Surveillance Mobile 80

Penetration Testing

DECEMBER 21, 2023

Born from the remnants of Cytrox, this spyware vendor has ascended to the echelons of intelligence agency-grade espionage tools. Cisco Talos’s... The post Unmasking Predator: Cisco Talos Exposes Spyware’s Hidden Depths appeared first on Penetration Testing.

Penetration Testing 84

Penetration Testing Spyware Malware 84

SecureWorld News

AUGUST 8, 2022

Cybersecurity and Infrastructure Security Agency (CISA) and the Australian Cyber Security Centre (ACSC) released a joint Cybersecurity Advisory (CSA) providing details on the top malware strains of 2021. The top malware strains in 2021 included remote access Trojans (RATs), banking Trojans, information stealers, and ransomware.

Malware 98

Malware Banking Penetration Testing Healthcare 98

Penetration Testing

FEBRUARY 20, 2025

The Pegasus spyware, developed by Israeli commercial surveillance firm NSO Group, remains one of the most formidable threats The post Apple’s Spyware Detection: Only 50% Effective? appeared first on Cybersecurity News.

Spyware 67

Spyware Surveillance Cybersecurity Malware 67

Penetration Testing

DECEMBER 5, 2024

In an investigation, iVerify has revealed the pervasive presence of the notorious Pegasus spyware in mobile devices, uncovering seven infections in a sample of 2,500 user-scanned devices.

Spyware 70

Spyware Mobile Cybersecurity Malware 70

Penetration Testing

MARCH 15, 2025

A new Android surveillance tool, dubbed KoSpy, has been discovered by Lookout Threat Lab researchers, with evidence suggesting The post North Korean ScarCruft APT Targets Users with Novel KoSpy Android Spyware appeared first on Cybersecurity News.

Spyware 73

Spyware Surveillance Cybersecurity Malware 73

Penetration Testing

OCTOBER 29, 2024

ThreatFabric released a report detailing advancements in the LightSpy implant, an iOS spyware first identified in 2020, which has evolved into a more complex and damaging tool.

Spyware 67

Spyware Cybersecurity Malware 67

Penetration Testing

DECEMBER 12, 2024

Researchers at the Lookout Threat Lab have uncovered two sophisticated Android spyware families, BoneSpy and PlainGnome, attributed to the Russian-aligned Advanced Persistent Threat (APT) group Gamaredon.

Spyware 62

Spyware Cybersecurity Malware 62

Penetration Testing

DECEMBER 7, 2024

A joint investigation by the First Department and cybersecurity researchers has exposed the covert implantation of spyware resembling the Monokle family on a confiscated device returned to a Russian programmer....

Spyware 56

Spyware Cybersecurity Malware 56

Penetration Testing

JULY 1, 2024

The group is deploying a malicious Google Chrome extension called “TRANSLATEXT” to... The post North Korean Hackers Target South Korean Academics with New Chrome Extension Spyware appeared first on Cybersecurity News.

Spyware 65

Spyware Hacking Cybersecurity Malware 65

Penetration Testing

AUGUST 6, 2024

This spyware, named LianSpy, may have been active since mid-2021. Its detection difficulty is attributed to the attackers’ efforts to... The post New Android Spyware LianSpy Evade Detection for Years appeared first on Cybersecurity News.

Spyware 51

Spyware Cybersecurity Malware 51

Penetration Testing

DECEMBER 22, 2024

A California court has ruled that Israeli firm NSO Group is liable for hacking into WhatsApp and deploying its notorious Pegasus spyware. The ruling, delivered by Judge Phyllis Hamilton in... The post Pegasus Spyware: Court Finds NSO Group Liable for 1,400 Infections appeared first on Cybersecurity News.

Spyware 51

Spyware Hacking Cybersecurity Malware 51

SecureList

NOVEMBER 30, 2021

In November, Apple announced that it was taking legal action against NSO Group for developing software that targets its users with “malicious malware and spyware” Detecting infection traces from Pegasus and other advanced mobile malware is very tricky, and complicated by the security features of modern OSs such as iOS and Android.

Malware 139

Malware Mobile Spyware Surveillance 139

Penetration Testing

DECEMBER 20, 2023

The period from June to November has been marked by... The post From Magecart Mayhem to Ransomware Revamp: Inside ESET’s H2 2023 Cyber Threatscape appeared first on Penetration Testing.

Penetration Testing 90

Penetration Testing Ransomware Threat Reports Cybersecurity 90

eSecurity Planet

MAY 2, 2024

The vendor reports show that most attackers want credentials, most malware development is in credential-stealing software, and the market for stolen credentials is booming: Cisco: Found 54% of organizations experienced a cybersecurity incident; and of those incidents, 54% involved phishing and 37% involved credentials stuffing.

Cybersecurity 121

Cybersecurity DDOS Penetration Testing Passwords 121

Penetration Testing

JULY 29, 2024

Kaspersky researchers revealed the return of the Mandrake Android spyware, which has been discovered lurking on the Google Play Store for two years, amassing over 32,000 downloads across five different apps.

Spyware 70

Spyware Cybersecurity Malware 70

SecureList

NOVEMBER 22, 2022

Unlike common stealers, this malware gathered data that can be used to identify the victims, such as browsing histories, social networking account IDs and Wi-Fi networks. This has become a real stand-alone business in the dark web ( Malware-as-a-Service , MaaS). ATM and PoS malware to return with a vengeance.

Cryptocurrency 106

Cryptocurrency Mobile Ransomware Banking 106

Security Boulevard

MAY 3, 2021

Millions in the UK Targeted by Malware via a DHL Scam Text Message. That link would attempt to install spyware called Flubot, malware designed to steal online banking data from Andriod devices. . That link would attempt to install spyware called Flubot, malware designed to steal online banking data from Andriod devices. .

Ransomware 124

Ransomware Passwords Scams Government 124

Security Affairs

NOVEMBER 8, 2019

BlueKeep is a wormable flaw that can be exploited by malware authors to create malicious code with WannaCry capabilities. ” A new wave of attacks could exploit the vulnerability to spread more dangerous and destructive malware, like ransomware or spyware. . SecurityAffairs – Bluekeep, malware). Pierluigi Paganini.

Malware 75

Malware Penetration Testing Advertising Spyware 75

Penetration Testing

DECEMBER 16, 2024

A new report by Amnesty International reveals that NSO Group’s Pegasus spyware was used to target iPhones belonging to Serbian journalists and activists. The attacks were conducted using a zero-click... The post Zero-Click HomeKit Exploit Used to Spy on Serbian Journalists appeared first on Cybersecurity News.

Spyware 62

Spyware Cybersecurity Malware 62

eSecurity Planet

MARCH 14, 2023

Better network security monitors for attempts to exceed permissions, unusual behavior from authorized users, and network activity that may indicate compromise or malware activity. to attacker-controlled endpoint resources in order to steal login information or infect the endpoint with malware. or network traffic.

Network Security 98

Network Security Firewall Penetration Testing Encryption 98

SecureList

AUGUST 15, 2022

New technique for installing fileless malware. Earlier this year, we discovered a malicious campaign that employed a new technique for installing fileless malware on target machines by injecting a shellcode directly into Windows event logs. WinDealer’s man-on-the-side spyware. Other malware. Non-mobile statistics.

Mobile 98

Mobile Ransomware Malware Encryption 98

eSecurity Planet

MARCH 22, 2023

Better network security monitors for authorized, but inappropriate activities or unusual behavior that may indicate compromise, malware activity, or insider threat. Penetration testing and vulnerability scanning should be used to test proper implementation and configuration. and mobile (phones, tablets, etc.)

Firewall 109

Firewall Network Security Penetration Testing Encryption 109

Security Affairs

JANUARY 10, 2021

The Solarwinds Orion Cybersecurity product itself became the target of a Cyber-attack , with the software product updates being infected with the SUNBURST malware which created a backdoor into 18,000 customers who updated their Orion software with the infected updates. For more information on this breach, see SolarWinds Cyber Attack.

Cyber Attacks 127

Cyber Attacks Government Software Surveillance 127

Herjavec Group

AUGUST 26, 2021

After being released in 2003, he uses WiFi to commit attacks, program malware and steal credit card information. 1999 — NASA and Defense Department Hack — Jonathan James, 15, manages to penetrate U.S. The hackers use malware to infiltrate banks’ computer systems and gather personal data, stealing £650 million from global banks.

Cybercrime 135

Cybercrime Computers and Electronics Banking Hacking 135

Penetration Testing

DECEMBER 11, 2024

Researchers at the Lookout Threat Lab have identified a sophisticated surveillance tool, dubbed EagleMsgSpy, reportedly used by law enforcement agencies in mainland China. The tool, operational since at least 2017,... The post EagleMsgSpy: Unmasking a Sophisticated Chinese Surveillance Tool appeared first on Cybersecurity News.

Surveillance 120

Surveillance Cybersecurity Spyware Malware 120

ForAllSecure

APRIL 26, 2023

In this blog post, we'll explore common techniques used to penetrate systems and how organizations can defend against each type of attack. Common Types of Cyber Attacks Common techniques that criminal hackers use to penetrate systems include social engineering, password attacks, malware, and exploitation of software vulnerabilities.

Social Engineering 40

Social Engineering Passwords Engineering Software 40

Penetration Testing

DECEMBER 19, 2024

McAfee Labs uncovered a malicious app on the Amazon Appstore that disguised itself as a simple health tool while secretly stealing sensitive user data. The app, named BMI CalculationVsn, pretended... The post Malicious App Found on Amazon Appstore Masquerades as Health Tool appeared first on Cybersecurity News.

Cybersecurity 109

Cybersecurity Spyware Malware 109

Cytelligence

FEBRUARY 25, 2023

Ransomware: Ransomware is a type of malware that encrypts data on a victim’s computer and demands payment in exchange for the decryption key. Ensure that your antivirus and anti-malware software is up to date and regularly run scans to detect any potential threats. It includes viruses, worms, and Trojans.

Cyber Attacks 40

Cyber Attacks IoT Authentication Antivirus 40

SecureList

OCTOBER 26, 2021

Following this, they were tricked into downloading previously unknown malware. The backdoor, dubbed Tomiris, bears a number of similarities to the second-stage malware, Sunshuttle (aka GoldMax), used by DarkHalo last year. When victims tried to access their corporate mail, they were redirected to a fake copy of the web interface.

Malware 145

Malware Government Surveillance Spyware 145