Apple has released emergency security updates to fix two critical iOS zero-day vulnerabilities that cyberattackers are actively using to compromise iPhone users at the kernel level.
According to Apple’s security …
The US cybersecurity agency CISA on Tuesday added flaws impacting Pixel phones and Sunhillo software to its Known Exploited Vulnerabilities (KEV) catalog.
The exploited Pixel vulnerability is tracked as CVE-2023-21237. …
Mar 06, 2024 | Newsroom | Privacy / Spyware
The U.S. Department of Treasury’s Office of Foreign Assets Control (OFAC) sanctioned two individuals and five entities associated with the Intellexa Alliance for their role …
Two individuals and five entities have been sanctioned by the US government for their role in the development and spread of Predator mobile spyware, which is viewed as a threat …
Apple released emergency security updates to fix two iOS zero-day vulnerabilities that were exploited in attacks on iPhones.
“Apple is aware of a report that this issue may have been …
The Treasury Department announced Tuesday it has sanctioned two people and a Greece-based commercial spyware company headed by a former Israeli military officer that developed, operated and distributed technology used …
The U.S. has imposed sanctions on two individuals and five entities linked to the development and distribution of the Predator commercial spyware used to target Americans, including government officials and …
The infamous Predator mobile spyware operation publicly exposed in an eye-popping report last year by Amnesty International has revamped its malware delivery network and expanded its reach into Botswana and …
Mar 02, 2024 | Newsroom | Spyware / Privacy
A U.S. judge has ordered NSO Group to hand over its source code for Pegasus and other products to Meta as part of the social …
New research from Recorded Future’s Insikt Group examines newly discovered infrastructure related to the operators of Predator, a mercenary mobile spyware. This infrastructure is believed to be in use in …
In September and October 2023, several open source publications, part of the Predator Files project coordinated by the European Investigative Collaborations, exposed the use of the Predator spyware by …
When we talk about the term “fake news,” most people likely picture a certain person who made the term infamous.
And when we talk about misinformation and disinformation, many will …
This blog was authored by Tomas Nieponice on February 23, 2024
This work was made in the context of a 3-week winter cybersecurity internship by the author at the Stratosphere …
While furiously trying to put out one fire — fake news — the social media giant is dealing with another growing threat: spies for hire.
darkreading…
Cybernews reports that several documents leaked on GitHub have revealed the Chinese government’s utilization of spyware developed by homegrown information security firm I-Soon in its offensive cyber operations.
Novel MMS Fingerprint attack used by NSO Group against WhatsApp
WhatsApp users have been targeted by Israeli spyware firm NSO Group through the new MMS Fingerprint attack that involved the …
The purveyor of the infamous Pegasus mobile spyware now has a new method for obtaining critical information from target iPhones and other mobile devices.
darkreading…
Meta Platforms said it took a series of steps to curtail malicious activity from eight different firms based in Italy, Spain, and the United Arab Emirates (U.A.E.) operating in the …
Today’s attackers are taking advantage of changing business dynamics to target people everywhere they work. Staying current on the latest cybersecurity attack vectors and threats is an essential part of …
The existence of a previously unknown infection technique used by spyware firm NSO Group is suggested by a single line in a contract between NSO and the telecom regulator of …
Published On : 2024-02-13
EXECUTIVE SUMMARY
In this report, we discuss the recently observed XSSLite Stealer that is being discussed within multiple hacking communities. It was released as part of …
Executive Summary
Glupteba is advanced, modular and multipurpose malware that, for over a decade, has mostly been seen in financially driven cybercrime …
Welcome to the new edition of our report. As we bid farewell to the year 2023, let’s …
A coalition of dozens of countries, including France, the U.K., and the U.S., along with tech companies such as Google, MDSec, Meta, and Microsoft, have signed a joint agreement to …
Last updated at Tue, 27 Feb 2024 16:15:20 GMT
It seems like every week, the cybersecurity landscape sees the emergence of yet another ransomware variant, with Black Hunt being one …
Hackers tried to trick iPhone users into installing a fake version of WhatsApp in a potential attempt to gather information about them. Technical analyses by both researchers from digital rights …
If you have anything to do with cyber security, you know it employs its own unique and ever-evolving language. Jargon and acronyms are the enemies of clear writing—and are beloved …
The U.S. State Department said it’s implementing a new policy that imposes visa restrictions on individuals who are linked to the illegal use of commercial spyware to surveil civil society …
The iPhones belonging to nearly three dozen journalists, activists, human rights lawyers, and civil society members in Jordan have been targeted with NSO Group’s Pegasus spyware, according to joint findings …
Lena aka LambdaMamba
I am a Cybersecurity Analyst, Researcher, and ANY.RUN Ambassador. My passions include investigations, experimentations, gaming, writing, and drawing. …
While cybercriminals are often portrayed as gangs of hackers or lone brilliant coders, more often they buy and sell goods and services as …
Infamous Chisel is a collection of surveillance tooling used to target Android devices. It was first reported by the Ukrainian Security Service (SBU) in early August …
Authored by Fernando Ruiz
McAfee Mobile Research Team identified an Android backdoor implemented with Xamarin, an open-source framework that allows building Android and iOS apps with .NET and C#. Dubbed …
Research by: hasherezade
Highlights
The Rhadamanthys stealer is a multi-layer malware, sold on the black market, and frequently updated. Recently the author released a new major version, 0.5.0. In the…
Cerber is a strain of ransomware that was first identified in early 2016. It is a type of malware that encrypts a victim’s files and …
Since the beginning of 2023, ESET researchers have observed an alarming growth of deceptive Android loan apps, which present themselves as legitimate personal loan services, promising quick and easy access …
Earlier this year, we reported on a new variant of SystemBC called DroxiDat that was deployed against …
In 2022, NSFOCUS Research Labs revealed a large-scale APT attack campaign called DarkCasino and identified an active and dangerous aggressive threat actor. By continuously tracking and in-depth study of …
UPDATE (November 13th, 2023): The website has removed the “DOWNLOAD APP” button, although the malicious app is still hosted on its servers.
ESET researchers have identified what appears to be …
It is not rare that users of popular instant messaging services find the official client apps to be lacking in functionality. To address that problem, third-party developers come up with …
A previously unknown advanced persistent threat (APT) group used custom malware and multiple publicly available tools to target a number of organizations in the manufacturing, IT, and biomedical sectors in …
Volexity has identified several long-running and currently active campaigns undertaken by the threat actor Volexity tracks as EvilBamboo (formerly named Evil Eye) targeting Tibetan, Uyghur, and Taiwanese individuals and organizations. …
UPDATE 11.09.2023. Google has informed us that all the apps were deleted from the Google Play store.
A while ago we discovered a bunch of Telegram mods on Google Play …
Earlier this year, a Trojanized version of the 3CXDesktopApp, a popular VoIP program, was used in a high-supply-chain attack. The attackers …
Welcome to this week’s edition of the Threat Source newsletter.
I’m covering for Jon this week whilst he takes some well-deserved holiday. What’s on my mind this week? Well, apart …
Published On : 2023-08-23
EXECUTIVE SUMMARY
At Cyfirma, we are dedicated to providing you with up-to-date information on the most prevalent threats and tactics used by malicious actors to target …