Security Affairs

FEBRUARY 11, 2024

Gov imposes visa restrictions on individuals misusing Commercial Spyware HPE is investigating claims of a new security breach Experts warn of a surge of attacks targeting Ivanti SSRF flaw How to hack the Airbus NAVBLUE Flysmart+ Manager Crooks stole $25.5

Spyware 123

Spyware Surveillance DDOS Identity Theft 123

Security Affairs

NOVEMBER 24, 2024

CISA adds Apple, Oracle Agile PLM bugs to its Known Exploited Vulnerabilities catalog More than 2,000 Palo Alto Networks firewalls hacked exploiting recently patched zero-days Ransomhub ransomware gang claims the hack of Mexican government Legal Affairs Office US DoJ charges five alleged members of the Scattered Spider cybercrime gang Threat actor (..)

Cybercrime 69

Cybercrime Artificial Intelligence Hacking VPN 69

Security Affairs

SEPTEMBER 3, 2023

ransomware builder used by multiple threat actors Cisco fixes 3 high-severity DoS flaws in NX-OS and FXOS software Cybercrime Unpacking the MOVEit Breach: Statistics and Analysis Cl0p Ups The Ante With Massive MOVEit Transfer Supply-Chain Exploit FBI, Partners Dismantle Qakbot Infrastructure in Multinational Cyber Takedown U.S.

Social Engineering 123

Social Engineering Data breaches Spyware Malware 123

Security Affairs

JULY 24, 2022

released in Dark Web – malicious shortcut-based attacks are on the rise Tor Browser 11.5 is optimized to automatically bypass censorship A massive cyberattack hit Albania Watch out for the CVE-2022-30136 Windows NFS Remote Code Execution flaw Graff paid a $7.5M released in Dark Web – malicious shortcut-based attacks are on the rise Tor Browser 11.5

Spyware 106

Spyware Surveillance Malware Insurance 106

Security Affairs

FEBRUARY 14, 2021

COMB breach: 3.2B COMB breach: 3.2B

Phishing 109

Phishing Spyware Data breaches Ransomware 109

eSecurity Planet

FEBRUARY 22, 2022

NSO Group’s Pegasus software has been routinely in the headlines in recent years for using zero-click attacks to install its spyware. Also read: Feds Warn About Critical Infrastructure Ransomware Attacks, Vulnerabilities. Spyware and Zero-Days: A Troubling Market. Pegasus Might Not Be as Stealthy as NSO Claims.

Spyware 125

Spyware Software Government Social Engineering 125

Security Affairs

SEPTEMBER 1, 2024

CISA adds Google Chromium V8 bug to its Known Exploited Vulnerabilities catalog Young Consulting data breach impacts 954,177 individuals BlackByte Ransomware group targets recently patched VMware ESXi flaw CVE-2024-37085 US offers $2.5M reward for Belarusian man involved in mass malware distribution U.S.

Malware 117

Malware Surveillance Firewall Phishing 117

Security Affairs

AUGUST 29, 2021

LPE zero-day flaw in Razer Synapse allows attackers to take over Windows PCs Memorial Health System forced to cancel surgeries after ransomware attack Google discloses unpatched Microsoft WFP Default Rules AppContainer Bypass EoP. Be sure it is up to date! Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Data breaches 106

Data breaches Spyware Hacking Ransomware 106

Security Affairs

JUNE 20, 2022

US DoJ announced to have shut down the Russian RSOCKS Botnet MaliBot Android Banking Trojan targets Spain and Italy Chinese DriftingCloud APT exploited Sophos Firewall Zero-Day before it was fixed Experts link Hermit spyware to Italian surveillance firm RCS Lab and a front company A Microsoft 365 feature can ransom files on SharePoint and OneDriveCould (..)

Spyware 104

Spyware DNS Ransomware Surveillance 104

Security Affairs

FEBRUARY 13, 2022

to replace Chinese equipment Hackers breached a server of National Games of China days before the event Russian Gamaredon APT is targeting Ukraine since October Israeli surveillance firm QuaDream emerges from the dark Argo CD flaw could allow stealing sensitive data from Kubernetes Apps. US seizes $3.6 US seizes $3.6 Pierluigi Paganini.

Ransomware 98

Ransomware Spyware Surveillance Hacking 98

Security Affairs

APRIL 23, 2023

Abandoned Eval PHP WordPress plugin abused to backdoor websites CISA adds MinIO, PaperCut, and Chrome bugs to its Known Exploited Vulnerabilities catalog At least 2 critical infrastructure orgs breached by North Korea-linked hackers behind 3CX attack American Bar Association (ABA) suffered a data breach,1.4

Spyware 98

Spyware Ransomware Malware Data breaches 98

Security Affairs

JUNE 26, 2022

SecurityAffairs awarded as Best European Personal Cybersecurity Blog 2022 Crooks are using RIG Exploit Kit to push Dridex instead of Raccoon stealer Flagstar Bank discloses a data breach that impacted 1.5 Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini. SecurityAffairs – hacking, newsletter).

Small Business 98

Small Business Spyware Data breaches Surveillance 98

Security Affairs

SEPTEMBER 24, 2023

0-days exploited by commercial surveillance vendor in Egypt PREDATOR IN THE WIRES OilRig’s Outer Space and Juicy Mix: Same ol’ rig, new drill pipes Cybersecurity Apple and Google Are Introducing New Ways to Defeat Cell Site Simulators, But Is it Enough?

Cyber Attacks 119

Cyber Attacks Firewall Data breaches Telecommunications 119

Security Affairs

APRIL 16, 2023

New Android malicious library Goldoson found in 60 apps +100M downloads Siemens Metaverse exposes sensitive corporate data CISA adds bugs in Android and Novi Survey to its Known Exploited Vulnerabilities catalog Volvo retailer leaks sensitive files A cyberattack on the Cornwall Community Hospital in Ontario is causing treatment delays Google fixed (..)

Data breaches 98

Data breaches Spyware Surveillance Retail 98

Security Affairs

JULY 21, 2019

Emsisoft released a free decryptor for the Ims00rry ransomware. DoppelPaymer, a fork of BitPaymer Ransomware, appeared in the threat landscape. Experts spotted a rare Linux Desktop spyware dubbed EvilGnome. Israel surveillance firm NSO group can mine data from major social media. Scraping the TOR for rare contents.

Small Business 85

Small Business Media Spyware Advertising 85

SecureList

NOVEMBER 28, 2024

Epeius is a commercial spyware tool developed by an Italian company that claims to provide intelligence solutions to law enforcement agencies and governments. The second, an article published in 2024 by the Google Threat Analysis Group, described the business model of various companies that provide commercial surveillance solutions.

Malware 117

Malware Government Software Spyware 117

Security Affairs

JULY 15, 2023

Government agencies SonicWall urges organizations to fix critical flaws in GMS/Analytics products Citrix fixed a critical flaw in Secure Access Client for Ubuntu Cl0p hacker operating from Russia-Ukraine war front line – exclusive Fortinet fixed a critical flaw in FortiOS and FortiProxy Microsoft mitigated an attack by Chinese threat actor Storm-0558 (..)

Spyware 98

Spyware Hacking Data breaches Mobile 98

Security Affairs

DECEMBER 15, 2024

CISA adds Cleo Harmony, VLTrader, and LexiCom flaw to its Known Exploited Vulnerabilities catalog German agency BSI sinkholed a botnet of 30,000 devices infected with BadBox U.S.

Firewall 63

Firewall Spyware Surveillance Cybercrime 63

Security Affairs

DECEMBER 15, 2024

PROXY.AM (..)

Malware 56

Malware IoT Spyware DNS 56

SecureWorld News

AUGUST 8, 2022

Cybercriminals often use malware to gain access to a computer or mobile device to deploy viruses, worms, Trojans, ransomware, spyware, and rootkits. The top malware strains in 2021 included remote access Trojans (RATs), banking Trojans, information stealers, and ransomware. Qakbot can also be used to form botnets.

Malware 98

Malware Banking Penetration Testing Healthcare 98

Security Affairs

JANUARY 10, 2021

At the end of November the company announced that it suffered a ransomware cyber-attack resulting in the disclosure of data “attributed to the company”. In December 2020, Symrise AG confirmed that they were the target of Clop Ransomware attack, when 500GB of their data from over 1000 infected devices was encrypted by cyber criminals.

Cyber Attacks 123

Cyber Attacks Government Software Surveillance 123

Security Affairs

MAY 6, 2023

Twitter confirmed that a security incident publicly exposed Circle tweets FBI seized other domains used by the shadow eBook library Z-Library WordPress Advanced Custom Fields plugin XSS exposes +2M sites to attacks Fortinet fixed two severe issues in FortiADC and FortiOS Pro-Russia group NoName took down multiple France sites, including the French (..)

Data breaches 98

Data breaches Malware Mobile Spyware 98

Security Affairs

JULY 7, 2019

ViceLeaker Android spyware targets users in the Middle East. LooCipher: The New Infernal Ransomware. China installs a surveillance app on tourists phones while crossing in the Xinjiang. Sodin Ransomware includes exploit for Windows CVE-2018-8453 bug. A cyberattack took offline websites of the Georgia agency.

Scams 68

Scams Advertising Spyware DNS 68

eSecurity Planet

MARCH 27, 2023

A quarter were financially motivated, and three of those were linked to ransomware operations. Exploitation of enterprise IT zero-day vulnerabilities are continuing into 2023, led by a Fortra GoAnywhere zero-day that has been behind more than a hundred attacks by the Clop ransomware group.

Firewall 104

Firewall Internet Internet Ransomware 104

Security Affairs

AUGUST 4, 2018

Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. . · Reddit discloses a data breach, a hacker accessed user data. · SamSam Ransomware operators earned more than US$5.9 Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Cryptocurrency 57

Cryptocurrency Data breaches Spyware Advertising 57

SecureList

NOVEMBER 14, 2022

The cyber-offense ecosystem still appears to be shaken by the sudden demise of NSO Group; at the same time, these activities indicate to us that we’ve only seen the tip of the iceberg when it comes to commercial-grade mobile surveillance tooling. The next WannaCry.

Firmware 126

Firmware Surveillance Mobile Telecommunications 126

Security Boulevard

SEPTEMBER 30, 2021

A look at the nature and effects of legal, advanced spyware on application security. While multimillion-dollar ransomware demands are shocking, they can be quickly forgotten. Pegasus is an advanced spyware that exploits vulnerable mobile apps to gain a foothold on iPhone and Android devices. What is Pegasus?

Spyware 52

Spyware Government Surveillance Mobile 52

Malwarebytes

SEPTEMBER 27, 2021

Uber scam lures victims with alert from a real Uber number Teaching cybersecurity skills to special needs children with Alana Robinson: Lock and Code S02E18.

Phishing 67

Phishing Surveillance Malware Backups 67

Pen Test Partners

MAY 26, 2025

iPhone prize scams, ransomware attacks that weren’t, aiding the Steele Dossier case, and even a fraudulent 14 million transfer. Our investigation revealed spyware with call-forwarding and banking credential capture, likely installed via custom firmware on the device. It wasn’t malware it was surveillance.

Banking 59

Banking VPN Ransomware Scams 59

SecureList

NOVEMBER 14, 2023

The malware posed as ransomware, demanding money from the victims for “decrypting” their data. This politician became the target of a previously undiscovered “zero-day” attack aimed at infecting his phone with spyware. However, instead of encrypting the data, it purposefully destroyed it in the affected systems.

Hacking 139

Hacking Energy and Utilities Media Malware 139

Security Affairs

SEPTEMBER 9, 2024

Researchers warn of a fresh cluster of activity associated with the Predator spyware using a new infrastructure, following the U.S. Recorded Future researchers warn that the Predator spyware has resurfaced with fresh infrastructure after a decline caused by US sanctions against Intellexa Consortium.

Spyware 134

Spyware Surveillance Government Risk 134

Security Affairs

MARCH 5, 2024

government sanctioned two individuals and five entities linked to the development and distribution of the Predator spyware used to target Americans. The surveillance software was also used to spy on U.S. The Department of the Treasury warns that the proliferation of commercial spyware poses growing risks to the United States.

Spyware 130

Spyware Surveillance Government Technology 130

SecureWorld News

JANUARY 9, 2025

Protecting military mobile devices Standards and policies will be implemented to secure Department of Defense mobile devices from foreign spyware. Agencies must report any compromises involving foreign spyware over the past two years. Nation-states harboring ransomware actors are now classified as hostile foreign cyber actors.

Cybersecurity 109

Cybersecurity Manufacturing Surveillance Ransomware 109

SecureList

NOVEMBER 17, 2021

Blackberry released a report centered around an entity they call Zebra 2104 and which appears to be an “initial access broker” According to their research, Zebra 2014 has provided ransomware operators with an initial foothold into some of their victims. More disruptive attacks. This prediction proved to be accurate.

Mobile 145

Mobile Surveillance Ransomware Government 145

SecureWorld News

NOVEMBER 4, 2021

The infamous Israel-based NSO Group, known for its hacking spyware Pegasus, was placed on the United States Government's Entity List for engaging in malicious cyber activities, along with three other foreign companies, Candiru, Computer Security Initiative Consultancy PTE (COSEINC), and Positive Technologies.

Spyware 98

Spyware Government Malware Mobile 98

Malwarebytes

JULY 2, 2023

Malwarebytes EDR and MDR removes all remnants of ransomware and prevents you from getting reinfected. Want to learn more about how we can help protect your business?

Spyware 94

Spyware Surveillance IoT Scams 94

Security Affairs

FEBRUARY 20, 2022

Follow me on Twitter: @securityaffairs and Facebook.

Banking 98

Banking Ransomware Spyware Surveillance 98