Security Boulevard

SEPTEMBER 25, 2023

The post More iOS Zero Days, More Mercenary Spyware — This Time: Cytrox Predator appeared first on Security Boulevard. Apple Scrambled to Fix 3 More CVEs: Egyptian opposition presidential candidate Ahmed Eltantawy targeted “by the government.

Spyware 125

Spyware Government Security Awareness Social Engineering 125

Schneier on Security

DECEMBER 13, 2021

Its Pegasus spyware was used against nine US State Department employees. We don’t know which NSO Group customer trained the spyware on the US. NSO Group’s descent into Internet pariah status continues. ”

Spyware 304

Spyware Internet Internet Government 304

Security Boulevard

MAY 30, 2023

Intellexa mercenary spyware chains five unpatched bugs—plus ‘Alien’ technology The post ‘Predator’ — Nasty Android Spyware Revealed appeared first on Security Boulevard.

Spyware 120

Spyware Technology Security Awareness Social Engineering 120

Bleeping Computer

SEPTEMBER 22, 2023

Security researchers with the Citizen Lab and Google's Threat Analysis Group (TAG) revealed today that three zero-days patched by Apple on Thursday were abused as part of an exploit chain to install Cytrox's Predator spyware. [.]

Spyware 123

Spyware 123

SecureWorld News

SEPTEMBER 13, 2023

Alarming details have emerged about the exploitation of two Zero-Day vulnerabilities to deploy NSO Group's Pegasus commercial spyware on iPhones. Pegasus spyware and the controversial NSO Group Over the past few years, NSO Group, an Israeli spyware company, has been at the center of numerous controversies.

Spyware 107

Spyware Cybersecurity Government Backups 107

Security Affairs

SEPTEMBER 7, 2023

Citizen Lab reported that the actively exploited zero-days fixed by Apple are being used in Pegasus spyware attacks Researchers at Citizen Lab reported that the actively exploited zero-day flaws (CVE-2023-41064 and CVE-2023-41061) fixed by Apple are being used to infect devices with NSO Group ’s Pegasus spyware.

Spyware 112

Spyware Hacking Accountability Information Security 112

Bleeping Computer

SEPTEMBER 7, 2023

Citizen Lab says two zero-days fixed by Apple today in emergency security updates were actively abused as part of a zero-click exploit chain (dubbed BLASTPASS) to deploy NSO Group's Pegasus commercial spyware onto fully patched iPhones. [.]

Spyware 142

Spyware 142

Schneier on Security

DECEMBER 17, 2020

Lots of details in the article. The cyberweapons arms business is immoral in many ways. This is just one of them.

Spyware 315

Spyware Surveillance Hacking Government 315

Bleeping Computer

SEPTEMBER 10, 2023

Several malicious Telegram clones for Android on Google Play were installed over 60,000 times, infecting people with spyware that steals user messages, contacts lists, and other data. [.]

Spyware 135

Spyware Mobile 135

Security Affairs

SEPTEMBER 22, 2023

Citizen Lab and Google’s TAG revealed that the three recently patched Apple zero-days were used to install Cytrox Predator spyware. citizenlab in coordination with @Google ’s TAG team found that former Egyptian MP Ahmed Eltantawy was targeted with Cytrox’s #Predator #spyware through links sent via SMS and WhatsApp.

Spyware 105

Spyware Surveillance Hacking Mobile 105

Security Affairs

SEPTEMBER 14, 2023

The iPhone of a prominent Russian journalist, who is at odds with Moscow, was infected with NSO Group’s Pegasus spyware. The iPhone of the Russian journalist Galina Timchenko was compromised with NSO Group’s Pegasus spyware. The threat actors used a zero-click exploit, likely the PWNYOURHOME. ” reported Citizen Lab.

Spyware 92

Spyware Surveillance Hacking Government 92

Schneier on Security

APRIL 11, 2019

Kaspersky has released details about a sophisticated nation-state spyware it calls TajMahal: The TajMahal framework's 80 modules, Shulmin says, comprise not only the typical keylogging and screengrabbing features of spyware, but also never-before-seen and obscure tricks. No speculation on who wrote and controls it. More details.

Spyware 219

Spyware Malware 219

The Hacker News

SEPTEMBER 22, 2023

The three zero-day flaws addressed by Apple on September 21, 2023, were leveraged as part of an iPhone exploit chain in an attempt to deliver a spyware strain called Predator targeting former Egyptian member of parliament Ahmed Eltantawy between May and September 2023.

Spyware 126

Spyware 126

Graham Cluley

SEPTEMBER 14, 2023

CISA, the United States's Cybersecurity and Infrastructure Security Agency, has ordered federal agencies to patch their iPhones against vulnerabilities that can be used as part of a zero-click attack to install spyware from the notorious NSO Group. Read more in my article on the Tripwire State of Security blog.

Spyware 103

Spyware Government Cybersecurity Malware 103

The Hacker News

SEPTEMBER 9, 2023

Spyware masquerading as modified versions of Telegram have been spotted in the Google Play Store that’s designed to harvest sensitive information from compromised Android devices.

Spyware 135

Spyware 135

The Hacker News

SEPTEMBER 14, 2023

The iPhone belonging to Galina Timchenko, a prominent Russian journalist and critic of the government, was compromised with NSO Group's Pegasus spyware, a new collaborative investigation from Access Now and the Citizen Lab has revealed. The infiltration is said to have happened on or around February 10, 2023.

Spyware 114

Spyware Government 114

The Hacker News

SEPTEMBER 8, 2023

Apple on Thursday released emergency security updates for iOS, iPadOS, macOS, and watchOS to address two zero-day flaws that have been exploited in the wild to deliver NSO Group's Pegasus mercenary spyware.

Spyware 139

Spyware 139

The Hacker News

AUGUST 30, 2023

Cybersecurity researchers have discovered malicious Android apps for Signal and Telegram distributed via the Google Play Store and Samsung Galaxy Store that are engineered to deliver the BadBazaar spyware on infected devices. Slovakian company ESET attributed the campaign to a China-linked actor called GREF.

Spyware 124

Spyware Cybersecurity Engineering 124

Malwarebytes

AUGUST 30, 2023

Anonymous hackers have breached the servers of spyware app “WebDetetive ” , accessing the user database. Spyware apps are installed on a potential victim’s phone without permission and lurk invisibly, collecting data and sending it back to the app operator. Use an antivirus on your phone.

Spyware 88

Spyware Antivirus Mobile Cybersecurity 88

Security Boulevard

JUNE 28, 2023

The post Ironic: LetMeSpy Spyware Hackers Were Hacked (by Hackers) appeared first on Security Boulevard. Content warning: Abuse, stalking, controlling behavior, Schadenfreude, irony, doxxing.

Spyware 109

Spyware Hacking Security Awareness Data breaches 109

Security Affairs

MAY 29, 2023

Cisco Talos and the Citizen Lab researchers have published a technical analysis of the powerful Android spyware Predator. Security researchers at Cisco Talos and the Citizen Lab have shared technical details about a commercial Android spyware named Predator that is sold by the surveillance firm Intellexa (formerly known as Cytrox).

Spyware 94

Spyware Surveillance Malware Hacking 94

Bleeping Computer

JUNE 21, 2023

Apple addressed three new zero-day vulnerabilities exploited in attacks installing Triangulation spyware on iPhones via iMessage zero-click exploits. [.]

Spyware 145

Spyware 145

Security Boulevard

JULY 19, 2023

Adds ‘Mercenary Spyware’ Firms to Ban List appeared first on Security Boulevard. European cousins Intellexa and Cytrox essentially banned by Commerce Dept. Predator/ALIEN not welcome in U.S. The post Biden Admin.

Spyware 98

Spyware Security Awareness Social Engineering Network Security 98

Schneier on Security

OCTOBER 25, 2021

Citizen Lab is that a New York Times journalist was hacked with the NSO Group’s spyware Pegasus, probably by the Saudis. The world needs to do something about these cyberweapons arms manufacturers. This kind of thing isn’t enough; NSO Group is an Israeli company.

Spyware 211

Spyware Hacking Manufacturing 211

Graham Cluley

SEPTEMBER 26, 2023

The founder of a news outlet outlawed in Russia for its independent reporting and stance on the war in Ukraine, believes that a country in the European Union was behind the hacking of her iPhone with military-grade spyware. Read more in my article on the Hot for Security blog.

Spyware 84

Spyware Hacking 84

The Hacker News

MAY 26, 2023

Security researchers have shared a deep dive into the commercial Android spyware called Predator, which is marketed by the Israeli company Intellexa (previously Cytrox). The spyware, which is delivered by means of

Spyware 119

Spyware Marketing 119

SecureList

JUNE 21, 2023

Over the years, there have been multiple cases when iOS devices were infected with targeted spyware such as Pegasus, Predator, Reign and others. Due to this granularity, discovering one exploit in the chain often does not result in retrieving the rest of the chain and obtaining the final spyware payload.

Spyware 133

Spyware Encryption Passwords Backups 133

Bleeping Computer

APRIL 11, 2023

Microsoft and Citizen Lab discovered commercial spyware made by an Israel-based company QuaDream used to compromise the iPhones of high-risk individuals using a zero-click exploit named ENDOFDAYS. [.]

Spyware 145

Spyware Hacking Risk 145

Security Affairs

JULY 20, 2023

China-linked group APT41 was spotted using two previously undocumented Android spyware called WyrmSpy and DragonEgg China-linked APT group APT41 has been observed using two previously undocumented Android spyware called WyrmSpy and DragonEgg. Upon installing the two spyware, they request extensive device permissions.

Spyware 87

Spyware Malware Surveillance Hacking 87

Adam Levin

MAY 15, 2019

WhatsApp disclosed a major security vulnerability that allowed hackers to remotely install spyware on mobile devices. The spyware deployed has been traced back to NSO Group, an Israeli cyber company alleged to have enabled Middle East governments to surveil its citizens. NSO Group has denied involvement.

Spyware 200

Spyware Surveillance Encryption Mobile 200

Security Boulevard

JULY 29, 2022

The post Solved: Subzero Spyware Secret — Austrian Firm Fingered appeared first on Security Boulevard. DSIRF GmbH codenamed ‘Knotweed’ by Microsoft and RiskIQ.

Spyware 144

Spyware Security Awareness Social Engineering Malware 144

Bleeping Computer

JUNE 23, 2023

Today, CISA ordered federal agencies to patch recently patched security vulnerabilities exploited as zero-days to deploy Triangulation spyware on iPhones via iMessage zero-click exploits. [.]

Spyware 122

Spyware 122

Security Affairs

MARCH 3, 2023

The phone of an opposition-linked Polish mayor was infected with the powerful Pegasus spyware, local media reported. Reuters reported that the phone of an opposition-linked Polish mayor was infected with the Pegasus spyware. According to rumors, the Polish special services are using surveillance software to spy on government opponents.

Spyware 94

Spyware Surveillance Hacking Government 94

The Last Watchdog

SEPTEMBER 27, 2023

27, 2023 — Citing organized crime statutes, attorneys with Wisner Baum have filed the first RICO class action alleging that H&R Block, Meta, and Google jointly schemed to install spyware on the H&R Block site, scraping customers’ private tax return information for profit. Los Angeles, Calif.,

Spyware 100

Spyware Identity Theft Data privacy Banking 100

Naked Security

APRIL 10, 2023

That double-whammy Apple browser-to-kernel spyware bug combo we wrote up last week? Turns out it applies to all supported Macs and iDevices - patch now!

Spyware 143

Spyware 143

Bleeping Computer

JULY 19, 2023

government has banned European commercial spyware manufacturers Intellexa and Cytrox, citing risks to U.S. national security and foreign policy interests. [.]

Spyware 98

Spyware Manufacturing Government Risk 98

SecureWorld News

JULY 20, 2023

The Commerce Department recently added four spyware vendors to its Entity List for their involvement in trafficking cyber exploits used to gain unauthorized access to information systems. This move targets the activities of spyware vendors that pose a serious threat to the privacy and security of individuals and organizations worldwide.

Spyware 78

Spyware Surveillance Data privacy Government 78