Security Affairs

DECEMBER 16, 2024

Researchers warn of previously undetected surveillance spyware, named NoviSpy, that was found infecting a Serbian journalist’s phone. Then he requested help from Amnesty Internationals Security Lab fearing to be the target of surveillance software like other journalists in Serbia. Development traces back to at least 2018.

Spyware

Security Affairs

MAY 28, 2025

It checks the environment to avoid honeypots or restricted systems and looks specifically for the term Pumatronix, a maker of surveillance and traffic cameras, hinting at IoT targeting or an attempt to bypass certain devices. ” states the report.

Surveillance

Malwarebytes

JANUARY 20, 2025

The name for this method is surveillance pricing, and the FTC has just released initial findings of a report looking into that practice. In July 2024, the FTC requested information from eight companies offering surveillance pricing products and services that incorporate data about consumers characteristics and behavior.

Surveillance

Schneier on Security

JUNE 25, 2025

Yes, it will occasionally get things wrong, but LLMs are going to open a whole new world of intimate surveillance. That’s an extraordinary amount of information, organized in human understandable ways.

Architecture

Penetration Testing

JULY 3, 2025

in HIKVISION applyCT allows unauthenticated RCE via Fastjson deserialization, risking surveillance systems. A critical flaw (CVE-2025-34067, CVSS 10.0) Patch immediately!

Surveillance

SecureWorld News

MAY 13, 2025

It's a pivotal moment for digital civil liberties, responsible surveillance governance, and the role of private enterprise in defending the cyber ecosystem. Spyware at scale: inside the surveillance-as-a-service business model The trial unearthed a rare look into NSO's operations. This is more than a courtroom win.

Spyware

Penetration Testing

JUNE 7, 2025

Learn how this sophisticated attack works and if your surveillance system is at risk. A new Mirai botnet variant is exploiting CVE-2024-3721 to infect vulnerable DVRs.

Surveillance

Security Affairs

JUNE 7, 2025

Over 4 billion user records were found exposed online in a massive breach, possibly linked to the surveillance of Chinese citizens. ” They suggest the scale and variety of the information point to a centralized system, possibly used for surveillance, profiling, or enriching existing data. ” reads the post.

Surveillance

Security Affairs

FEBRUARY 2, 2025

WhatsApp linked the hacking campaign to Paragon, an Israeli commercial surveillance vendor acquired by AE Industrial Partners for $900 million in December 2024. The WIS, among other things, allows defendants clients to send cipher files with installation vectors that ultimately allow the clients to surveil target users.

Spyware

Schneier on Security

JULY 14, 2025

Related Entries Surveillance Used by a Drug Cartel Chinese-Owned VPNs The NSA's "Fifty Years of Mathematical Cryptanalysis (1937–1987)" NCSC Guidance on "Advanced Cryptography" Cryptocurrency Thefts Get Physical Featured Essays The Value of Encryption Data Is a Toxic Asset, So Why Not Throw It Out?

Cybercrime

Security Affairs

DECEMBER 3, 2024

According to rumors, the Polish special services are using surveillance software to spy on government opponents. In June 2022, the controversial Israeli surveillance vendor NSO Group told the European Union lawmakers that its Pegasus spyware was used by at least five countries in the region.

Spyware

Security Affairs

JANUARY 27, 2025

Usually, such kinds of vulnerabilities are exploited by nation-state actors or commercial surveillance spyware vendors in targeted attacks. As usual, the company did not share details regarding the attacks exploiting the flaw. Customers are recommended to install the security updates released by the company.

Spyware

Security Affairs

AUGUST 9, 2025

It determined that such tools are only appropriate for investigating serious crimes, and could expose citizens to surveillance activities posing a “very severe” intrusion into privacy. The decision limits the use of surveillance software , which can monitor encrypted communications, for cases meeting a high threshold of criminal severity.

Spyware

Schneier on Security

JULY 24, 2025

Developers no longer need to build and maintain extensive data storage systems, surveillance infrastructure, or analytics pipelines. pushed us toward centralized platforms and surveillance capitalism, but there has always been a better way. Unlike Web 2.0 The economics of Web 2.0

Architecture

Krebs on Security

DECEMBER 29, 2024

A surveillance photo of Connor Riley Moucka, a.k.a. That story withheld Judische’s real name, but the reporting came in handy in late October when a 25-year-old Canadian man named Connor Riley Moucka was arrested and charged with 20 criminal counts connected to the Snowflake data extortions.

Scams

Security Affairs

APRIL 29, 2025

The report published by GTIG highlights evolving attacker tactics, better vendor defenses, and growing challenges in detecting commercial surveillance activity. Google attributed 34 cases, with 53% tied to cyber espionage groups, mainly nation-state or commercial surveillance vendors. ” reads the report published GTIG.

Surveillance

Schneier on Security

MAY 29, 2025

The only links are from The Daily Mail and The Mirror , but a marital affair was discovered because the cheater was recorded using his smart toothbrush at home when he was supposed to be at work.

Surveillance

The Last Watchdog

DECEMBER 16, 2024

Hurd Wayne Hurd , VP of Sales, Luminys Video Surveillance as a Service (VSaaS) advancements will provide more accurate threat detection that allows security teams to focus on real risks, minimizing false alarms. Security teams will need to address the unique risks posed using LLMs in mission critical environments.

Cyber threats

WIRED Threat Level

MAY 26, 2025

Government surveillance. AI data scrapes. Thinking about where to start when it comes to protecting your online privacy can be overwhelming. Heres a simple guide for youand anyone who claims they have nothing to hide.

Surveillance

Security Affairs

NOVEMBER 14, 2024

The Salt Typhoon group targeted surveillance systems used by the US government to investigate crimes and threats to national security, including activities carried out by nation-state actors. “For months or longer, the hackers might have held access to network infrastructure used to cooperate with lawful U.S.

Government

SecureWorld News

NOVEMBER 15, 2024

officials believe that Salt Typhoon's main objectives are to gather intelligence on government-related communications and to track PRC surveillance efforts within the U.S.​ The espionage campaign comes amid growing concerns over Chinese cyber activities targeting critical infrastructure globally.

Telecommunications

Security Affairs

APRIL 8, 2025

The Meta-owned company linked the hacking campaign to Paragon , an Israeli commercial surveillance vendor acquired by AE Industrial Partners for $900 million in December 2024. The hacking campaign targeted 90 users and was disrupted in December, WhatsApp immediately alerted targeted users of a possible compromise of their devices.

Spyware

Malwarebytes

APRIL 11, 2025

The goal of the Pall Mall Pact is to regulate Commercial Cyber Intrusion Capabilities (CCICs), or what we usually refer to as spyware and surveillance tools. Commercial hacking tools have enabled intrusive surveillance practices that undermine fundamental freedom and human rights. Privacy is more than a personal concern.

Spyware

Security Boulevard

JANUARY 20, 2025

Inside the Black Box of Predictive Travel Surveillance Wired Covers the use of powerful surveillance technology in predicting who might be a "threat."

Surveillance

Malwarebytes

JULY 3, 2025

And seven years on, the Bureau’s defenses against this kind of surveillance are still inadequate. It identifies a threat that it calls ubiquitous technical surveillance (UTS), in which an attacker combines different kinds of data to build up a detailed profile of a subject.

Hacking

Security Affairs

APRIL 17, 2025

However, the limited, targeted nature of these attacks against iOS users suggests that commercial surveillance vendors or a nation-state actor likely exploited the flaws. Security patches are available for the following devices: iPhone XS and later, iPad Pro 13-inch, iPad Pro 13.9-inch

Surveillance

Security Affairs

FEBRUARY 26, 2025

” LightSpy now targets social media platforms like Facebook and Instagram from Android, extracting messages, contacts, and metadata, enhancing surveillance and exploitation potential. “This is the first reference we are aware of Facebook and Instagram database targeting within LightSpy’s command structure. ” Hunt.io

Data collection

Security Affairs

NOVEMBER 16, 2024

Court filing revealed that NSO Group used WhatsApp exploits after the instant messaging firm sued the surveillance company. NSO Group developed malware that relied on WhatsApp exploits to infect target individuals even after the Meta-owned instant messaging company sued the surveillance firm. from April 29, 2018, to May 10, 2020).

Spyware

Security Affairs

MARCH 20, 2025

The modular architecture of the malware allows to extend its functionalities for multiple malicious purposes, including surveillance, reconnaissance, information theft, DDoS attacks, and arbitrary code execution.

Computers and Electronics

Malwarebytes

JUNE 19, 2025

Non-profit group Fairplay, which advocates for protecting children from inappropriate technology and brand marketing, launched a campaign protesting child surveillance. Subsequently, investigators found vulnerabilities that would allow intruders to eavesdrop on that audio. Mattel pulled the toy from shelves in 2017.

Surveillance

Security Affairs

NOVEMBER 14, 2024

The Salt Typhoon group targeted surveillance systems used by the US government to investigate crimes and threats to national security, including activities carried out by nation-state actors. “For months or longer, the hackers might have held access to network infrastructure used to cooperate with lawful U.S.

Government

SecureWorld News

JUNE 24, 2025

That warning has prompted discussion across the cybersecurity community, including from former CISA Director Jen Easterly , who emphasized vigilance and resilience in the face of global instability in this LinkedIn post: Destructive malware and mobile surveillance: Iran's capabilities Iran's cyber arsenal includes more than basic espionage.

Cyber threats

Security Affairs

JANUARY 19, 2025

The Planet WGS-804HPT industrial switch is used in building and home automation networks to provide connectivity of Internet of things (IoT) devices, IP surveillance cameras, and wireless LAN network applications. This switch family is equipped with a web service and SNMP management interface. ” reads the advisory published by Claroty.

Firmware

Schneier on Security

JULY 18, 2025

Meiya Pico maintains partnerships with domestic and international law enforcement partners, both as a surveillance hardware and software provider, as well as through training programs for law enforcement personnel. Massistant gains access to device GPS location data, SMS messages, images, audio, contacts and phone services.

Mobile

Security Affairs

FEBRUARY 13, 2025

Unmanned Aerial Vehicles (UAVs), commonly known as drones, have become integral to modern military operations, particularly for intelligence, surveillance, and reconnaissance (ISR) missions. The trend of malicious targeting in the drone manufacturing segment increased during Q3-Q4 2024 and continued into Q1 2025.

Technology

Malwarebytes

JANUARY 21, 2025

Aside from the contribution towards a surveillance society, the risks of such a tool are obvious. The companys founder says he has pushed back against requests from people asking to track particular women. Now GeoSpy has closed off public access to the tool, after 404 Media asked him for a comment.

Identity Theft

Security Affairs

APRIL 5, 2025

Call metadata can enable real-time surveillance if misused. The issue likely affected most Verizon Wireless users, as the service is often enabled by default. Connelly explained that an attacker can retrieve timestamps associated with incoming calls, exploiting this vulnerability. Repeated numbers may reveal private or burner lines.

Wireless