spyware Archives - Cyber Security Minute

A renewed espionage campaign targets South Asia with iOS spyware LightSpy

Issued by: Security Affairs

Blackberry researchers discovered a renewed cyber espionage campaign targeting South Asia with an Apple iOS spyware called LightSpy. The sophisticated mobile spyware has resurfaced after several months of inactivity, the new version of LightSpy, dubbed “F_Warehouse”, supports a modular framework with extensive spying capabilities.

Mobile Security

‘Evil Telegram’ Spyware Campaign Infects 60K+ Mobile Users

Issued by: Dark Reading

Dangerous spyware masquerading as a set of legitimate Telegram “mods” inside the official Google Play app store has been downloaded tens of thousands of times — and its existence poses serious ramifications for business users. Modified applications (“mods”) for the popular messaging client are a well-known part of the Telegram ecosystem. Mods are apps that…

Mobile Security

Samsung Patches Memory Address Randomization Bypass Flaw

Issued by: DataBreach Today

Android smartphone device manufacturer Samsung has a patch for a flaw used by commercial surveillance hackers to implant malware in the United Arab Emirates. Security researchers at Google and Amnesty International in March reported an exploit chain apparently developed by Barcelona spyware vendor Variston to deploy a surveillance malware to devices located in the UAE….

Malware & Threats

PEGA Committee Calls for Limits on Commercial Spyware

Issued by: DataBreach Today

A European Parliament committee investigating the abuse of commercial spyware tools such as Pegasus recommended a slew of new regulatory safeguards but dropped a preliminary call for a moratorium. In place of a continental pause on European Union member governments’ deployment of spyware that can surreptitiously infect smartphones to record the location, telephone calls and…

Network Security

Commercial Surveillance Industry Set for Growth, Says NCSC

Issued by: DataBreach Today

The global commercial spyware market will expand over the next five years as demand for advanced surveillance tools by governments surges, says a new report from the U.K’s National Cyber Security Centre. The NCSC report, which defines the proliferation of surveillance tools such as NSO Group’s Pegasus as a threat, assesses that at least 80…

Vulnerabilities

Apple zero-day spyware patches extended to cover older Macs, iPhones and iPads

Issued by: Naked Security

Last week, we warned about the appearance of two critical zero-day bugs that were patched in the very latest versions of macOS (version 13, also known as Ventura), iOS (version 16), and iPadOS (version 16). Zero-days, as the name suggests, are security vulnerabilities that were found by attackers, and put to real-life use for cybercriminal…

Mobile Security

Spyware vendors use exploit chains to take advantage of patch delays in mobile ecosystem

Issued by: CSO Online

Several commercial spyware vendors developed and used zero-day exploits against iOS and Android users last year. However, their exploit chains also relied on known vulnerabilities to work, highlighting the importance of both users and device manufacturers to speed up the adoption of security patches. “The zero-day exploits were used alongside n-day exploits and took advantage…

News

Pegasus spyware used to spy on a Polish mayor

Issued by: Security Affairs

Reuters reported that the phone of an opposition-linked Polish mayor was infected with the Pegasus spyware. According to rumors, the Polish special services are using surveillance software to spy on government opponents. The news of the hack was reported by the Gazeta Wyborcza daily, and unfortunately, it isn’t the first time that the Pegasus spyware…

Mobile Security

New York Attorney General Fines Vendor for Illegally Promoting Spyware

Issued by: Security Week

Since 2011, Hinchy has owned and operated numerous companies, including the 16 investigated by the New York OAG, for selling and promoting spyware targeting Android and iOS devices, including Auto Forward, Easy Spy, DDI Utilities, Highster Mobile, PhoneSpector, Surepoint, and TurboSpy. Once installed on victim devices, the spyware would collect and exfiltrate data such as…

Malware & Threats

Newsroom Sues NSO Group for Pegasus Spyware Compromise

Issued by: Dark Reading

Nearly two dozen journalists and other staffers working for El Faro, a digital newspaper based in El Salvador, are suing NSO Group for unleashing Pegasus spyware — malware they say was used to steal their most sensitive information, putting their safety in danger. Along with ASO Group Technologies, its Israeli parent company, Q Cyber Technologies…