Summary: The report warns of a resurgence of CapraRAT spyware targeting mobile gamers and weapons enthusiasts through malicious Android applications.
Threat Actor: Transparent Tribe, also known as APT36 | Transparent …
Summary: The content discusses the decline in activity of the Predator spyware group, indicating that sanctions and exposure have impacted their operations.
Threat Actor: Predator spyware group | Predator spyware …
Affected Platforms: Microsoft Windows
Impacted Users: Microsoft Windows
Impact: The stolen information can be used for future attack
Severity Level: High
Spyware is malicious software engineered to covertly monitor and gather information from …
Summary: Polish prosecutors have seized Pegasus spyware systems from a government agency in Warsaw as part of an investigation into the alleged abuse of the surveillance tool by the previous …
Summary: The Security Service of Ukraine (SSU) has dismantled the infrastructure used by pro-Russia Ukraine residents to break into soldiers’ devices and deploy spyware. The infrastructure included bot farms and …
The Hi-Tech Crime Trends report by Group-IB highlights a growing cybercriminal focus on Apple devices due to their increasing popularity. This shift has led to a rise in malware …
ESET researchers have identified five campaigns targeting Android users with trojanized apps. Most probably carried out by the Arid Viper APT group, these campaigns started in 2022 and three of …
Summary: This content discusses five cyber espionage campaigns targeting Android users in Egypt and Palestine, attributed to the Arid Viper hacking group.
Threat Actor: Arid Viper | Arid Viper Victim: …
By Gi7w0rm, Asheer Malhotra and Vitor Ventura.
Cisco Talos is disclosing a new malware campaign called “Operation Celestial Force” running since at least 2018. It is still active today, employing…
An AI illustration of the malvertising campaign using PuTTy and WinSCP
In the ever-evolving landscape of digital security, cyber threats are continually adapting and becoming more sophisticated. Among these threats, …
In the ever-evolving cybersecurity landscape, staying informed with the latest statistics and trends is not just beneficial—it’s imperative. The year 2024 is shaping up to be pivotal, with threats becoming …
Summary: Independent journalists and opposition activists in Europe, who have faced threats from Russia or Belarus, have been targeted or infected with the Pegasus spyware.
Threat Actor: NSO Group | …
Summary: Researchers have discovered a macOS version of the LightSpy spyware that has been active since January 2024, with threat actors using publicly available exploits to deliver the spyware and …
Summary: Sonatype has discovered a malicious PyPI package called ‘pytoileur’ that downloads and installs trojanized Windows binaries capable of surveillance, achieving persistence, and crypto-theft. This discovery led to an investigation …
In October 2023 we posted our research about the notorious surveillance framework LightSpy2. In our research, we proved with a high degree of confidence that both implants for Android and …
A stalkerware company with poor security practices is exposing victims’ data as the software, designed for unauthorized device monitoring, leaked victims’ phone screenshots through a publicly accessible URL.
The incident …
As organizations prepare for the challenges and opportunities of 2024, the critical importance of cybersecurity preparedness is increasingly apparent. In an era characterized by rapid digital transformation and continuous innovation, …
Summary: Microsoft’s new automatic screenshot retrieval feature, Recall, has raised security and privacy concerns as experts warn that it could enable hackers to steal sensitive information.
Threat Actor: Hackers | …
Summary: A consumer-grade spyware app called pcTattletale has been found running on the check-in systems of Wyndham hotels, capturing screenshots of guest details and customer information, which are available to …
Summary: Scammers are selling counterfeit code of the NSO Group’s Pegasus spyware, taking advantage of its notoriety for financial gain.
Threat Actor: Scammers selling counterfeit code advertised as the NSO …
On May 10, 2024, the Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), the Department of Health and Human Services (HHS), and Multi-State Information Sharing and Analysis …
Summary: Google is introducing new anti-theft and data protection features for Android devices, including a Theft Detection Lock, Offline Device Lock, and Remote Lock.
Threat Actor: N/A
Victim: N/A
Key …
Summary: The US Cybersecurity and Infrastructure Security Agency (CISA) has released a guide to help civil society organizations mitigate cyber threats, particularly those posed by state-sponsored actors from nations like …
Summary: Apple has backported security patches to older iPhones and iPads, fixing an iOS zero-day vulnerability that was actively exploited in attacks.
Threat Actor: Unknown | Unknown Victim: Apple | …
Infostealers targeting macOS devices have been on the rise for well over a year now, with variants such as Atomic Stealer (Amos), RealStealer (Realst), MetaStealer and others widely distributed in …
Summary: The U.S. State Department will announce a new strategy to combat nation-state cyberthreats and promote international cooperation in cyberspace, while also addressing the risks of generative artificial intelligence systems.…
Summary: A new malware called “Cuckoo” has been discovered, targeting macOS users by disguising itself as a music converter app like Spotify.
Threat Actor: Cuckoo | Cuckoo Victim: macOS users …
Summary: The content highlights the procurement and deployment of powerful foreign commercial spyware and surveillance products in Indonesia, with the country’s national police and cyber agency being among the top …
On April 24, 2024, we found a previously undetected malicious Mach-O binary programmed to behave like a cross between spyware and an infostealer. We have named the malware Cuckoo, after …
Summary: The UK’s National Cyber Security Centre (NCSC) has launched a new initiative called Advanced Mobile Solutions (AMS) to enhance cyber-resilience for organizations targeted by nation-state threats on their mobile …
On April 11, 2024, BlackBerry released a new blog detailing a new VirusTotal upload of the LightSpy mobile spyware framework. BlackBerry stated that this malware was an iOS implant, yet …
A sophisticated cyberattack campaign leveraging Agent Tesla and Taskun malware has been actively targeting the education and government sectors in the U.S. This blog post delves into the intricacies of …
Summary: Google blocked millions of Android apps and suspended thousands of developer accounts in an effort to protect users and maintain the security of its official app store.
Threat Actor: …
Summary: The US State Department is imposing visa restrictions on individuals involved in the development and sale of commercial spyware, targeting those who have targeted journalists, academics, human rights defenders, …
Threat Actor: GhostR | GhostR Victim: World-Check | World-Check Price: Not mentioned Exfiltrated Data Type: Confidential database containing 5.3 million records
Additional Information:
World-Check is a global database used by…
New research from Recorded Future's Insikt Group focuses on the growing threat of a possible "mobile NotPetya" event. Through zero-click exploits, a self-propagating mobile malware could infiltrate smartphones at scale. …
The creators of widespread malware programs often employ various tools that hinder code detection and analysis, and Android malware is no exception. As an example of this, droppers, such as …
This report details the resurgence of the LightSpy mobile espionage campaign, which focuses on targets in Southern Asia and probably India, potentially indicating a renewed focus on political targets and tensions …
Summary: A new campaign conducted by the TA558 hacking group is using steganography to hide malicious code inside images and deliver various malware tools onto targeted systems.
Threat Actor: TA558 …
Summary: Cybersecurity researchers have discovered a renewed cyber espionage campaign targeting users in South Asia with the aim of delivering an Apple iOS spyware implant called LightSpy.
Threat Actor: LightSpy …
Summary: Apple has updated its warning system to alert users when they may have been individually targeted by mercenary spyware threats, such as the surveillance tools developed by NSO Group.…
Research by: Antonis Terefos, Raman Ladutska
Part I from the series E-Crime & Punishment
When considering a notoriously famous topic known for quite a long time, it may feel like …
Threat Actor: Black Shadow (originated from Iran), Russian hacker Victim: Atraf (Israeli LGBTQ dating app) users
Information: – Atraf, a popular Israeli LGBTQ dating app, has suffered a major data …
By Oleg Zaytsev (Guardio Labs)
Guardio Labs discovered a vulnerability in the Microsoft Edge browser, designated CVE-2024-21388. This flaw could have allowed an attacker to exploit a private API, initially intended …
Summary: The leaked data trove belonging to the Chinese hacking contractor iSoon reveals its links to Chinese APT groups, showcasing its involvement in cyberespionage operations on behalf of Beijing.…
Summary: The GEOBOX tool on the Dark Web allows hackers to manipulate GPS, simulate networks, mimic Wi-Fi, and evade anti-fraud filters using Raspberry Pi devices.
Key Point: …
Malware for mobile devices is something we come across very often. In 2023, our technologies blocked 33.8 million malware, adware, and riskware attacks on mobile devices. One of 2023’s …
Six new countries have joined an international effort to counter the proliferation and misuse of commercial spyware.
Finland, Germany, Ireland, Japan, Poland and South Korea were added to a previously …
A group of 40 state attorneys general have sent a letter to Instagram and Facebook parent company Meta expressing “deep concern” over what they say is a dramatic uptick of consumer …