By Amanda Hoover, Matt Burgess β March 11th 2024 at 14:38
Starting at the end of April, Airbnb will no longer allow hosts to have security cameras inside their rental properties, citing a commitment to prioritizing guest privacy.
Meta Platforms said it took a series of steps to curtail malicious activity from eight different firms based in Italy, Spain, and the United Arab Emirates (U.A.E.) operating in the surveillance-for-hire industry.
The findings are part of its Adversarial Threat Report for the fourth quarter of 2023. The spyware targeted iOS, Android, and Windows devices.
"Their various malware included
A coalition of dozens of countries, including France, the U.K., and the U.S., along with tech companies such as Google, MDSec, Meta, and Microsoft, have signed a joint agreement to curb the abuse of commercial spyware to commit human rights abuses.
The initiative, dubbed the Pall Mall Process, aims to tackle the proliferation and irresponsible use of commercial cyber intrusion tools by
The U.S. State Department said it's implementing a new policy that imposes visa restrictions on individuals who are linked to the illegal use of commercial spyware to surveil civil society members.
"The misuse of commercial spyware threatens privacy and freedoms of expression, peaceful assembly, and association," Secretary of State Antony Blinken said. "Such targeting has been
The iPhones belonging to nearly three dozen journalists, activists, human rights lawyers, and civil society members in Jordan have been targeted with NSO Group's Pegasus spyware, according to joint findings from Access Now and the Citizen Lab.
Nine of the 35 individuals have been publicly confirmed as targeted, out of whom six had their devices compromised with the mercenary
Cybersecurity researchers have identified a "lightweight method" called iShutdown for reliably identifying signs of spyware on Apple iOS devices, including notorious threats like NSO Group's Pegasus, QuaDream's Reign, and Intellexa's Predator.
Kaspersky, which analyzed a set of iPhones that were compromised with Pegasus, said the infections left traces in a file
The Operation Triangulation spyware attacks targeting Apple iOS devices leveraged never-before-seen exploits that made it possible to even bypass pivotal hardware-based security protections erected by the company.
Russian cybersecurity firm Kaspersky, which discovered the campaign at the beginning of 2023 after becoming one of the targets, described it as
Indian government entities and the defense sector have been targeted by a phishing campaign that's engineered to drop Rust-based malware for intelligence gathering.
The activity, first detected in October 2023, has been codenamed Operation RusticWeb by enterprise security firm SEQRITE.
"New Rust-based payloads and encrypted PowerShell commands have been utilized to exfiltrate
A new analysis of the sophisticated commercial spyware called Predator has revealed that its ability to persist between reboots is offered as an "add-on feature" and that it depends on the licensing options opted by a customer.
"In 2021, Predator spyware couldn't survive a reboot on the infected Android system (it had it on iOS)," Cisco Talos researchers Mike Gentile, Asheer Malhotra, and Vitor
Competing bills moving through the House of Representatives both reauthorize Section 702 surveillanceβbut they pave very different paths forward for Americansβ privacy and civil liberties.
A new "post-exploitation tampering technique" can be abused by malicious actors to visually deceive a target into believing that their Apple iPhone is running in Lockdown Mode when it's actually not and carry out covert attacks.
The novel method, detailed by Jamf Threat Labs in a report shared with The Hacker News, "shows that if a hacker has already infiltrated your device, they can
Apple has released software updates for iOS, iPadOS, macOS, and Safari web browser to address two security flaws that it said have come under active exploitation in the wild on older versions of its software.
The vulnerabilities, both of which reside in the WebKit web browser engine, are described below -
CVE-2023-42916 - An out-of-bounds read issue that could be exploited to
An Indian hack-for-hire group targeted the U.S., China, Myanmar, Pakistan, Kuwait, and other countries as part of a wide-ranging espionage, surveillance, and disruptive operation for over a decade.
TheΒ Appin Software SecurityΒ (aka Appin Security Group), according to an in-depth analysis from SentinelOne, began as an educational startup offering offensive security training programs, while
Urdu-speaking readers of a regional news website that caters to the Gilgit-Baltistan region have likely emerged as a target of a watering hole attack designed to deliver a previously undocumented Android spyware dubbedΒ Kamran.
The campaign, ESET hasΒ discovered, leverages Hunza News (urdu.hunzanews[.]net), which, when opened on a mobile device, prompts visitors of the Urdu version to install its
Cybersecurity researchers have shed light on a new dropper-as-a-service (DaaS) for Android calledΒ SecuriDropperΒ that bypasses new security restrictions imposed by Google and delivers the malware.
Dropper malware on Android is designed to function as a conduit to install a payload on a compromised device, making it a lucrative business model for threat actors, who can advertise the capabilities
Cybersecurity researchers have unearthed a number of WhatsApp mods for Android that come fitted with a spyware module dubbedΒ CanesSpy.
These modified versions of the instant messaging app have been observed propagated via sketchy websites advertising such modded software as well as Telegram channels used primarily by Arabic and Azerbaijani speakers, one of which boasts of two million users.
"The
Login
FreshRSS