Ex-Soldier Tried To Pass Secrets To China After Seeking A Subreddit About Spy Stuff

Predator Files Report Prompts Call For Worldwide Ban On Spyware

School Surveillance Tech Does More Harm Than Good

Researchers Link DragonEgg Android Spyware to LightSpy iOS Surveillanceware

New findings have identified connections between an Android spyware called DragonEgg and another sophisticated modular iOS surveillanceware tool named LightSpy. DragonEgg, alongside WyrmSpy (aka AndroidControl), was first disclosed by Lookout in July 2023 as a strain of malware capable of gathering sensitive data from Android devices. It was attributed to the Chinese nation-state group APT41. On

Russia's APT29 Intensifies Espionage Operations

3 iOS 0-Days, A Cellular Network Compromise, And HTTP Used To Infect An iPhone

From Watering Hole to Spyware: EvilBamboo Targets Tibetans, Uyghurs, and Taiwanese

Tibetan, Uyghur, and Taiwanese individuals and organizations are the targets of a persistent campaign orchestrated by a threat actor codenamed EvilBamboo to gather sensitive information. "The attacker has created fake Tibetan websites, along with social media profiles, likely used to deploy browser-based exploits against targeted users," Volexity security researchers Callum Roxan, Paul

New Apple Zero-Days Exploited to Target Egyptian ex-MP with Predator Spyware

The three zero-day flaws addressed by Apple on September 21, 2023, were leveraged as part of an iPhone exploit chain in an attempt to deliver a spyware strain called Predator targeting former Egyptian member of parliament Ahmed Eltantawy between May and September 2023. "The targeting took place after Eltantawy publicly stated his plans to run for President in the 2024 Egyptian elections," the

US Govt IT Help Desk Techie Leaked Top Secrets To Foreign Nation

Apple Patches 3 Zero Days Likely Exploited By Spyware Vendor To Hack iPhones

China Accuses U.S. of Decade-Long Cyber Espionage Campaign Against Huawei Servers

China's Ministry of State Security (MSS) has accused the U.S. of breaking into Huawei's servers, stealing critical data, and implanting backdoors since 2009, amid mounting geopolitical tensions between the two countries. In a message posted on WeChat, the government authority said U.S. intelligence agencies have "done everything possible" to conduct surveillance, secret theft, and intrusions on

Marvell Disputes Claim Cavium Backdoored Chips For Uncle Sam

Exiled Russian Journalist Hacked Using NSO Group Spyware

Russian Journalist's iPhone Compromised by NSO Group's Zero-Click Spyware

The iPhone belonging to Galina Timchenko, a prominent Russian journalist and critic of the government, was compromised with NSO Group's Pegasus spyware, a new collaborative investigation from Access Now and the Citizen Lab has revealed. The infiltration is said to have happened on or around February 10, 2023. Timchenko is the executive editor and owner of Meduza, an independent news publication

Mozilla Patches 0-Day Exploited For Spyware Delivery

Google Patches Chrome 0-Day Reported By Apple, Spyware Hunters

Apple Patches Two Pegasus Spyware Zero Days

Millions Infected by Spyware Hidden in Fake Telegram Apps on Google Play

Spyware masquerading as modified versions of Telegram have been spotted in the Google Play Store that’s designed to harvest sensitive information from compromised Android devices. According to Kaspersky security researcher Igor Golovin, the apps come with nefarious features to capture and exfiltrate names, user IDs, contacts, phone numbers, and chat messages to an actor-controlled server. The

New Flaw In Apple Devices Led To Spyware Infection, Researchers Say

Apple Rushes to Patch Zero-Day Flaws Exploited for Pegasus Spyware on iPhones

Apple on Thursday released emergency security updates for iOS, iPadOS, macOS, and watchOS to address two zero-day flaws that have been exploited in the wild to deliver NSO Group's Pegasus mercenary spyware. The issues are described as below - CVE-2023-41061 - A validation issue in Wallet that could result in arbitrary code execution when handling a maliciously crafted attachment. CVE-2023-41064

China Bans iPhones From More Government Offices

Government Denies U-Turn On Encrypted Messaging Row

Twitter Accused Of Helping Saudi Arabia Commit Human Rights Abuses

Five Eyes Report: New Russian Malware Targeting Ukrainian Military Android Devices

US Spy Satellite Agency Isn't So Silent About New Silent Barker Mission

China-Linked BadBazaar Android Spyware Targeting Signal and Telegram Users

Cybersecurity researchers have discovered malicious Android apps for Signal and Telegram distributed via the Google Play Store and Samsung Galaxy Store that are engineered to deliver the BadBazaar spyware on infected devices. Slovakian company ESET attributed the campaign to a China-linked actor called GREF. "Most likely active since July 2020 and since July 2022, respectively, the campaigns

India Passes Data Protection Law Amid Surveillance Concerns

Stalkerware Slinger LetMeSpy Shuts Down For Good After Database Robbery

Google Fails To End $5 Billion Consumer Privacy Lawsuit

Navy Soldiers Charged With Giving Chinese Spies Secret Military Info

US Military Battling Cyber Threats From Within And Without

UK Spy Agencies Want To Relax Laws On AI Data Use

Instead Of Warrants, The NSA Would Like To Keep Buying Your Data

S3 Ep145: Bugs With Impressive Names!

Fascinating fun (with a serious and educational side) - listen now! Full transcript available inside.

Researchers Find Backdoor In Encrypted Police And Military Radios

Apple Slams UK Surveillance Bill Proposals

US Adds Euro Spyware Makers To Export Naughty List

Chinese APT41 Hackers Target Mobile Devices with New WyrmSpy and DragonEgg Spyware

The prolific China-linked nation-state actor known as APT41 has been linked to two previously undocumented strains of Android spyware called WyrmSpy and DragonEgg. "Known for its exploitation of web-facing applications and infiltration of traditional endpoint devices, an established threat actor like APT 41 including mobile in its arsenal of malware shows how mobile endpoints are high-value

U.S. Government Blacklists Cytrox and Intellexa Spyware Vendors for Cyber Espionage

The U.S. government on Tuesday added two foreign commercial spyware vendors, Cytrox and Intellexa, to an economic blocklist for weaponizing cyber exploits to gain unauthorized access to devices and "threatening the privacy and security of individuals and organizations worldwide." This includes the companies' corporate holdings in Hungary (Cytrox Holdings Crt), North Macedonia (Cytrox AD), Greece

FBI Surveillance Fears Are Uniting a Badly Broken Congress

The FBI has collected sensitive data on millions of Americans without warrants, drawing intense scrutiny from Congress and turning the agency into a punching bag across the political divide.

Privacy Activists Slam EU-US Pact On Data Sharing

Two Spyware Apps on Google Play with 1.5 Million Users Sending Data to China

Two file management apps on the Google Play Store have been discovered to be spyware, putting the privacy and security of up to 1.5 million Android users at risk. These apps engage in deceptive behaviour and secretly send sensitive user data to malicious servers in China. Pradeo, a leading mobile security company, has uncovered this alarming infiltration. The report shows that both spyware apps,

Iranian Hacking Group Impersonating Nuclear Experts To Gain Intel From Western Think Tanks

North Korean Satellite Had No Military Unit For Spying, Says South Korea

American Technology Found In Chinese Spy Balloon Debris

Android Spy App LetMeSpy Suffers Major Data Breach, Exposing Users' Personal Data

Android-based phone monitoring app LetMeSpy has disclosed a security breach that allowed an unauthorized third-party to steal sensitive data associated with thousands of Android users. "As a result of the attack, the criminals gained access to email addresses, telephone numbers and the content of messages collected on accounts," LetMeSpy said in an announcement on its website, noting the

Submarine Cables At Risk Of Nation State Sabotage, Spying

U.S. Cybersecurity Agency Adds 6 Flaws to Known Exploited Vulnerabilities Catalog

The U.S. Cybersecurity and Infrastructure Security Agency has added a batch of six flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. This comprises three vulnerabilities that Apple patched this week (CVE-2023-32434, CVE-2023-32435, and CVE-2023-32439), two flaws in VMware (CVE-2023-20867 and CVE-2023-20887), and one shortcoming impacting Zyxel

Why Is It So Rare To Hear About Western Cyber Attacks?

GCHQ Warns Ransomware Crews Are Targeting Law Firms

The US Navy, NATO, And NASA Are Using A Shady Chinese Company's Encryption Chips

Chinese Spies Caught Exploiting VMware ESXi Zero Day

U.S. Intelligence Has Amassed Sensitive And Intimate Data On Nearly Everyone

FBI: FISA Section 702 Absolutely Critical To Spy On, Err, Protect Americans

What's Really Changed 10 Years After The Snowden Revelations

ByteDance Accused Of Helping China Spy On Hong Kong Activists

Amazon's Ring Doorbell Was Used To Spy On Customers

Russia Says U.S. Accessed Thousands Of Apple Phones In Spy Plot

Cyberwar Manufacturers Plot To Stay On Right Side Of US

Senator Wyden Seems Surprised By US Govt Spyware Stance