Serbian police used Cellebrite zero-day hack to unlock Android phones
Summary: Serbian authorities utilized a zero-day exploit chain by Cellebrite to unlock a student activist’s device and install spyware. This incident has raised concerns over privacy rights, prompting Cellebrite to restrict access to its tools for Serbian security services. Meanwhile, vulnerabilities identified in the Android kernel remain partially unaddressed, posing ongoing risks.…
Cellebrite zero-day exploit used to target phone of Serbian student activist – Amnesty International Security Lab
Amnesty International’s Security Lab revealed a case of Cellebrite’s forensic tools being misused to surveil a youth activist in Serbia. Subsequent investigations indicated that the Serbian authorities continue to exploit such tools for illegitimate surveillance of civil society despite international criticism. Further research highlighted zero-day vulnerabilities in Android USB drivers potentially affecting over a billion devices.…
Cellebrite cuts off Serbia over abuse of phone-cracking software against civil society
Summary: Cellebrite, an Israeli company, has decided to cease licensing its mobile unlocking software to Serbia after allegations of misuse by Serbian authorities, including the illegal break-in of citizens’ phones. This decision follows an Amnesty International report that highlighted the use of Cellebrite’s technology to install spyware on civilians.…
Attacks Against Government Entities, Defense Sector, and Human Targets
This article discusses the ongoing cyber warfare between Russia and Ukraine, highlighting various attacks perpetrated by both sides against government entities, military targets, and human resources. It details significant events, cyber techniques, and implications for future warfare. Affected: Ukrainian Government, Defense Sector, Russian Government, Civilian Targets

Key points:

Russian XakNet hackers targeted Ukrainian government entities, erasing records from the Ministry of Justice.…
LightSpy Expands to 100+ Commands, Increasing Control Over Windows, macOS, Linux, and Mobile
Summary: Cybersecurity researchers have identified updates to the LightSpy implant, a modular spyware with expanded capabilities for data extraction from social media platforms like Facebook and Instagram. This updated version supports an extensive range of commands across multiple operating systems and has introduced new Windows-specific plugins for data collection and surveillance.…
⚡ THN Weekly Recap: From $1.5B Crypto Heist to AI Misuse & Apple’s Data Dilemma
Summary: This week’s cyber news highlights a record-breaking $1.5 billion crypto theft linked to the Lazarus Group, the banning of ChatGPT accounts for malicious activities by OpenAI, and Apple’s withdrawal of its Advanced Data Protection feature in the UK. These incidents underscore the evolving landscape of cyber threats and their impact on organizations and users alike.…
Top Polish anti-corruption official resigns amid spyware probe
Summary: The head of Poland’s Central Anti-Corruption Bureau, Agnieszka Kwiatkowska-Gurdak, resigned amid criticism for allegedly withholding information during an investigation into widespread spyware abuse. The resignation follows accusations from the commission investigating these abuses that she misinterpreted her obligations regarding confidential information. The controversy comes in a political climate where the new government seeks accountability for the misuse of surveillance tools like Pegasus against opposition figures.…
Cyber threats impacting the financial sector in 2024 – focus on the main actors
This report discusses the evolving landscape of cybercrime and state-sponsored threats targeting the financial sector, focusing on Initial Access Brokers (IABs), ransomware groups, and Trojan operators. It highlights the roles of various actors and techniques, showcasing the persistent threat posed by these entities through sophisticated malware, exploitation of vulnerabilities, and collaborative tactics.…
China-linked hackers target European healthcare orgs in suspected espionage campaign
Summary: Researchers have uncovered a hacking group, dubbed Green Nailao, targeting European healthcare organizations with spyware and ransomware, potentially linked to state-backed Chinese hackers. The campaign exploited a vulnerability in cybersecurity products, enabling unauthorized access to sensitive data. Identified malware includes ShadowPad, PlugX, and a new strain, NailaoLocker, raising questions about the motivations behind the attacks.…
DeceptiveDevelopment targets freelance developers
Cybercriminals, under the guise of recruiters, have targeted freelance software developers in a deceptive malware campaign named DeceptiveDevelopment. This campaign, linked to North Korea, has been promoting fake job offers that lead to the installation of malware during the application process. The operators primarily utilize two malware families — BeaverTail and InvisibleFerret — to steal sensitive information and cryptocurrency.…
Pegasus spyware infections found on several private sector phones
Summary: New findings by iVerify reveal that zero-click Pegasus spyware is affecting a broader range of individuals, including business executives, not just members of civil society. During December alone, Pegasus was detected on 11 out of 18,000 tested devices. This alarming trend increases concerns about corporate and personal security amidst a growing spyware crisis.…
Zero-Click Hacking
Zero-click exploits represent a dangerous form of cyberattack that allows hackers to infiltrate devices without any user interaction, posing significant threats to personal privacy and security. These attacks exploit vulnerabilities in various messaging apps and wireless networks, enabling unauthorized access to sensitive data. Major examples include Pegasus spyware targeting iPhones and various flaws related to WhatsApp and Android vulnerabilities.…
South Korean CSOs Under Cyberattack: 3-Year Study
Summary: A comprehensive study by independent researcher Ovie reveals the significant and targeted cyber threats aimed at civil society organizations (CSOs) in South Korea, particularly those advocating for human rights and North Korean issues. The research highlights the sophisticated methods employed by North Korean and Chinese-backed threat actors, including spear-phishing and advanced malware.…
NanoCore RAT Malware Analysis
This article provides an in-depth analysis of a NanoCore Remote Access Trojan (RAT) sample identified by the hash 18B476D37244CB0B435D7B06912E9193, highlighting its behavior, obfuscation techniques, persistence methods, and communication with command-and-control (C2) servers. Affected: Cybersecurity, Victims of Data Theft

Key points:

NanoCore is a Remote Access Trojan used for espionage and data theft.…
Ex-NSO Group CEO’s Security Firm Dream Raises $100M at $1.1B Valuation
Summary: The Italian government faced allegations of spying on journalists and activists using military-grade spyware, which was reportedly supplied by Israeli firm Paragon Solutions. While the government denied these claims and emphasized compliance with the law, it initiated an investigation into the purported hacking of at least seven Italian cellphones.…