Security Affairs

FEBRUARY 2, 2025

WhatsApp linked the hacking campaign to Paragon, an Israeli commercial surveillance vendor acquired by AE Industrial Partners for $900 million in December 2024. The WIS, among other things, allows defendants clients to send cipher files with installation vectors that ultimately allow the clients to surveil target users.

Spyware

Security Affairs

APRIL 29, 2025

The report published by GTIG highlights evolving attacker tactics, better vendor defenses, and growing challenges in detecting commercial surveillance activity. GTIG experts reported that in 2024, zero-day attacks targeting enterprise tech grew, while browser and mobile exploits dropped. ” reads the report published GTIG.

Surveillance

Schneier on Security

JULY 24, 2025

For example, imagine digital verification that works like a locked mobile phone—it works when you’re the one who can unlock and use it, but not if someone else grabs it from you. Developers no longer need to build and maintain extensive data storage systems, surveillance infrastructure, or analytics pipelines. Unlike Web 2.0

Architecture

Security Affairs

APRIL 8, 2025

The Meta-owned company linked the hacking campaign to Paragon , an Israeli commercial surveillance vendor acquired by AE Industrial Partners for $900 million in December 2024. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,mobile)

Spyware

SecureWorld News

JUNE 24, 2025

That warning has prompted discussion across the cybersecurity community, including from former CISA Director Jen Easterly , who emphasized vigilance and resilience in the face of global instability in this LinkedIn post: Destructive malware and mobile surveillance: Iran's capabilities Iran's cyber arsenal includes more than basic espionage.

Cyber threats

Security Affairs

MARCH 20, 2025

The use of popular instant messaging apps on both mobile and desktop devices broadens the attack surface, creating uncontrolled information exchange channels that bypass security measures. DCRat first appeared in the threat landscape in 2018, but a year later it was redesigned and relaunched.

Computers and Electronics

Security Affairs

FEBRUARY 26, 2025

A recent analysis of LightSpy servers reveals expanded command capabilities, growing from 55 to over 100 commands across multiple platforms, including mobile and desktop. Command set modifications and Windows-targeted plugins suggest that operators continue to refine their data collection and surveillance approach across multiple platforms.”

Data collection

Malwarebytes

JULY 3, 2025

And seven years on, the Bureau’s defenses against this kind of surveillance are still inadequate. It identifies a threat that it calls ubiquitous technical surveillance (UTS), in which an attacker combines different kinds of data to build up a detailed profile of a subject.

Hacking

Security Affairs

DECEMBER 4, 2024

The Salt Typhoon group targeted surveillance systems used by the US government to investigate crimes and threats to national security, including activities carried out by nation-state actors. T-Mobile detected recent infiltration attempts but confirmed no unauthorized system access occurred, and no sensitive data was compromised.

Telecommunications

Security Affairs

MARCH 21, 2025

Russian intelligence agencies could use these exploits for surveillance and espionage purposes. Zero-day prices have risen as the level of security of messaging apps and mobile devices becomes harder to hack. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,zero-day)

Government

Malwarebytes

MARCH 20, 2025

Paragon Solutions is an Israeli company which sells high-end surveillance technology primarily to government clients, positioning its products as essential for combating crime and national security. The work done by CitizenLab has led to greater understanding of the global digital surveillance landscape and its implications for human rights.

Spyware

Malwarebytes

MAY 1, 2025

Government-backed groups and customers of commercial surveillance vendors (that’s sanitized corporate-speak for spyware) were responsible for over half the attacks that the researchers were able to attribute. Google said attackers are having less success targeting browsers and mobile operating systems.

Spyware

Malwarebytes

APRIL 3, 2025

Not one but several worried parents that tracked their children by using T-Mobile tracking devices suddenly found that they were looking at the location of random other children. T-Mobile sells a small GPS tracker called SyncUP , which can be used to track, among others, the locations of young children who dont have cell phones yet.

Mobile

Malwarebytes

MAY 8, 2025

According to the original complaint against NSO Group, filed in October 2019, the spyware vendor used WhatsApp servers to send malware to around 1400 mobile phones. Keep threats off your mobile devices by downloading Malwarebytes for iOS , and Malwarebytes for Android today. Facebook has its own initiative.

Spyware

Security Affairs

JUNE 24, 2025

” “House staff are NOT allowed to download or keep the WhatsApp application on any House device, including any mobile, desktop, or web browser versions of its products.” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, mobile)

Government

SecureWorld News

APRIL 28, 2025

Open on mobile? It shifts to a mobile-friendly layout. These attacks don't just target specific bits of informationtheir goal are entire surveillance systems , production workflows, and collections of trade secrets. Click a link? The landing page adapts to your browser type. Report the email? What are we doing about it?

Phishing

Zero Day

JUNE 17, 2025

"The company and its founder have worked with government spy agencies and surveillance industry contractors to surveil mobile phones and track user location," Bloomberg reported. This past April, UK phone regulator Ofcom banned global title leasing for UK carriers , citing the threat to mobile phone users.

Authentication

Security Affairs

NOVEMBER 18, 2024

government surveillance. Meni has over 15 years of expertise in various industries such as cloud management, dev tools, e-commerce, mobile games, and more. After the invalidation of the EU-U.S. Privacy Shield in 2020, Meta continued transferring data under a framework that was deemed insufficient to protect European citizens from U.S.

Data privacy

Malwarebytes

JULY 3, 2025

Stalkerware refers to apps and other monitoring software that enable someone to secretly spy on another person’s private life via their mobile device or computer. Another case involved Spyhide , where a security researcher uncovered a decade of surveillance on tens of thousands of Android devices.

Surveillance

Penetration Testing

MAY 26, 2025

CYFIRMA researchers have uncovered a highly advanced Android remote access trojan (RAT), dubbed GhostSpy, capable of full-spectrum surveillance, The post GhostSpy: Advanced Android RAT Steals Banking Info & Bypasses Security appeared first on Daily CyberSecurity.

Banking

We Live Security

AUGUST 1, 2025

Rather than involving trench coats and secret missions, its now about silent cyberthreats that can turn phones into secret surveillance devices.

Spyware

Security Affairs

MARCH 3, 2025

Any further exports of surveillance or digital forensics technology to Serbia must be stopped until the authorities have implemented an effective and independent system of control and oversight over any measures that could restrict peoples right to privacy, freedom of expression or peaceful assembly. added Donncha Cearbhaill.

Hacking

Penetration Testing

JUNE 5, 2025

iVerify uncovered "NICKNAME," a zero-click iMessage vulnerability linked to state-sponsored surveillance on high-value targets in the US & EU, now patched.

Surveillance

We Live Security

AUGUST 8, 2025

Spyware designed to turn your phone into a secret surveillance device. which falsely claim your device is compromised with malware ) phishing links, either sent via email, text or social media messages Evasion techniques Adware developers also go to some lengths to evade detection by unsuspecting mobile users and security tools.

Adware

Security Affairs

MARCH 19, 2025

The Meta-owned company linked the hacking campaign to Paragon, an Israeli commercial surveillance vendor acquired by AE Industrial Partners for $900 million in December 2024. The hacking campaign targeted 90 users and was disrupted in December, WhatsApp immediately alerted targeted users of a possible compromise of their devices.

Spyware

Security Affairs

DECEMBER 7, 2024

“The spyware bears many similarities to the Monokle family of spyware, previously reported on by Lookout Mobile Security , which they attribute to the Special Technology Center, a contractor to the Russian government.” These extended capabilities suggest that the malware aims for comprehensive surveillance of the target device.

Spyware

Security Boulevard

MARCH 24, 2025

Surveillance Tech in the News This section covers surveillance technology and methods in the news. Cape is a mobile carrier startup claiming to provide a more secure and private service alternative to traditional telecommunications services. They also have appeared to partner with Proton.

Surveillance

Security Boulevard

MARCH 31, 2025

Surveillance Tech in the News This section covers surveillance technology and methods in the news. Successful security assessment of our Android app Mullvad Mullvad's Android app has successfully passed the Mobile Application Security Assessment (MASA), conducted by NCC Group.

Surveillance

Security Affairs

OCTOBER 27, 2024

Zero-days Iranian hacker group aims at US election websites and media before vote, Microsoft says Burning Zero Days: FortiJump FortiManager vulnerability used by nation state in espionage via MSPs Amazon identified internet domains abused by APT29 RDP configuration files as a means of obtaining remote access to a computer or “Rogue RDP” (..)

Data breaches

Security Affairs

AUGUST 1, 2025

ZDI announced the return of the SOHO Smashup category with added difficulty, they also revealed that a new USB attack vector has been added to the mobile category. . “They are so excited for it, we’re putting up $1,000,000 for a 0-click WhatsApp bug that leads to code execution.”

Surveillance

Krebs on Security

NOVEMBER 5, 2024

Department of Justice (DOJ) for a 2021 breach at T-Mobile that exposed the personal information of at least 76.6 However, it is unclear if Binns faces any immediate threat of extradition to the United States, where he is currently wanted on criminal hacking charges tied to the 2021 breach at T-Mobile. million customers.

Cybercrime

SecureWorld News

APRIL 13, 2025

As businesses increasingly seek to integrate robust cybersecurity measures during their app development processes, mobile development consulting can play a vital role in ensuring that security is prioritized from the outset. In addition to these digital measures, robust physical security policies and measures are also crucial.

Cybersecurity

Security Affairs

JULY 4, 2025

As such, these apps are commonly referred to as “stalkerware” (or spouseware) for their propensity to facilitate non-consensual surveillance of spouses and romantic partners, which is illegal.

Spyware

Zero Day

JUNE 22, 2025

The attacker may conduct surveillance first, mapping a network to find the most valuable resources or to discover potential pathways to jump into other systems. You must also inform your bank or financial services provider so they can be on the lookout for suspicious and fraudulent transactions. 

Passwords

eSecurity Planet

JUNE 25, 2025

Briar Briar is built for when traditional networks fail, or surveillance is everywhere. It supports encrypted text, voice, video, and file sharing on mobile and desktop, and the free version already includes E2EE and metadata secrecy. You don’t need to share your phone number, email, or address book.

Encryption

Security Boulevard

APRIL 22, 2025

Your screen is shared throughout the exam, youre under near-continuous video surveillance, and you must perform a 360-degree scan of your workspace to confirm that no unauthorized devices or individuals are present. GitHub , GitLab , or OneNote ) Terminate unnecessary screen-sharing programs (e.g.,

Penetration Testing

Security Boulevard

JULY 1, 2025

In this country, the regime’s surveillance apparatus was sophisticated—watching, listening, inspecting packets of network data for even the faintest whiff of foreign interference. That’s where Dispersive Stealth Networking came in. . - Nothing was stored locally. But that wasn’t enough.

Encryption