Experts found a macOS version of the sophisticated LightSpy spyware

Microsoft fixed two zero-day bugs exploited in malware attacks.
HTTP/2 CONTINUATION Flood technique can be exploited in DoS attacks.
BianLian group exploits JetBrains TeamCity bugs in ransomware attacks.
Experts released PoC exploit for critical Progress Software OpenEdge bug.
Five Eyes alliance warns of attacks exploiting known Ivanti Gateway flaws.
CISA: Cisco ASA/FTD bug CVE-2020-3259 exploited in ransomware attacks.
Multiple malware used in attacks exploiting Ivanti VPN flaws.
Experts released PoC exploit for Fortra GoAnywhere MFT flaw CVE-2024-0204.
Russia-linked APT29 group exploited WinRAR 0day in attacks against embassies.
Critical Confluence flaw exploited in ransomware attacks.
Experts released PoC exploit code for Cisco IOS XE flaw CVE-2023-20198.
iLeakage attack exploits Safari to steal data from Apple devices.
Winter Vivern APT exploited zero-day in Roundcube webmail software in recent attacks.
Experts released PoC exploit code for VMware Aria Operations for Logs flaw.
CISA adds Adobe Acrobat Reader flaw to its Known Exploited Vulnerabilities catalog.
Multiple experts released exploits for Linux local privilege escalation flaw Looney Tunables.
Apple fixed the 17th zero-day flaw exploited in attacks.
Atlassian Confluence zero-day CVE-2023-22515 actively exploited in attacks.
Recently patched Apple and Chrome zero-days exploited to infect devices in Egypt with Predator spyware.
Zero-day in Cisco ASA and FTD is actively exploited in ransomware attacks.


This Cyber News was published on securityaffairs.com. Publication date: Thu, 30 May 2024 19:43:06 +0000


Cyber News related to Experts found a macOS version of the sophisticated LightSpy spyware

Citizen Lab details ongoing battle against spyware vendors - Citizen Lab senior researcher Bill Marczak said that while the organization has achieved some important wins against spyware proliferation, the progress is inevitably hindered by vendors that continually adapt their technologies and practices. The ...
4 months ago Techtarget.com
Spyware isn't going anywhere, and neither are its tactics - The illegal use of spyware to target high-profile or at-risk individuals is a global problem, as highlighted by this article from The Register that Talos' Nick Biasini just contributed to. As we've written about, many Private Sector Offensive Actors ...
4 months ago Blog.talosintelligence.com
Intellexa and Cytrox: From fixer-upper to Intel Agency-grade spyware - Cisco Talos has a new, in-depth analysis of timelines, operating paradigms and procedures adopted by spyware vendor Intellexa. Talos' analysis revealed that rebooting an iOS or Android device may not always remove the Predator spyware produced by ...
5 months ago Blog.talosintelligence.com
US Uses Visa Restrictions in Struggle Against Spyware - The United States will impose visa restrictions on foreign individuals who have been involving the misuse of spyware, the latest effort by the Biden Administration to address the dangers of the commercial software that often is used by governments ...
4 months ago Securityboulevard.com
Intellexa Spyware Adds Persistence with iOS or Android Device - In the shadowy realm of commercial spyware, the spotlight turns to the notorious Intellexa spyware and its Predator/Alien solution, as dissected by Cisco Talos in their comprehensive May 2023 report. This expose navigates the labyrinthine intricacies ...
5 months ago Gbhackers.com
Is Your Organization Infected by Mobile Spyware? - The surge in mobile device usage within organizations has inevitably opened the floodgates to a new kind of cyber threat-mobile spyware. The growing dependence on mobile technology has made it imperative for organizations to recognize and mitigate ...
5 months ago Blog.checkpoint.com
What is Spyware? How It Works and How to Protect Yourself Against It - Spyware is a type of malicious software that is designed to collect sensitive data from victims without their knowledge or consent. It is typically installed on computers without the user’s knowledge or consent, and collects sensitive information ...
1 year ago Heimdalsecurity.com
Kaspersky Details Method for Detecting Spyware in iOS - Researchers with cybersecurity firm Kaspersky are detailing a lightweight method for detecting the presence of spyware, including The NSO Group's notorious Pegasus software, in Apple iOS devices. The new method, which calls for looking for traces of ...
4 months ago Securityboulevard.com
U.S. rolls out visa restriction policy on people who misuse spyware to target journalists, activists - WASHINGTON - The Biden administration announced Monday it is rolling out a new policy that will allow it to impose visa restrictions on foreign individuals involved in the misuse of commercial spyware. The administration's policy will apply to people ...
4 months ago Pbs.org
Google says spyware vendors behind most zero-days it discovers - Commercial spyware vendors were behind 80% of the zero-day vulnerabilities Google's Threat Analysis Group discovered in 2023 and used to spy on devices worldwide. Zero-day vulnerabilities are security flaws the vendors of impacted software do not ...
4 months ago Bleepingcomputer.com
US to Roll Out Visa Restrictions on People Who Misuse Spyware to Target Journalists, Activists - The Biden administration announced Monday it is rolling out a new policy that will allow it to impose visa restrictions on foreign individuals involved in the misuse of commercial spyware. The administration's policy will apply to people who've been ...
4 months ago Securityweek.com
US announces visa ban on those linked to commercial spyware - Secretary of State Antony J. Blinken announced today a new visa restriction policy that will enable the Department of State to ban those linked to commercial spyware from entering the United States. As part of this effort, the Biden Administration ...
4 months ago Bleepingcomputer.com
Experts found a macOS version of the sophisticated LightSpy spyware - Microsoft fixed two zero-day bugs exploited in malware attacks. HTTP/2 CONTINUATION Flood technique can be exploited in DoS attacks. BianLian group exploits JetBrains TeamCity bugs in ransomware attacks. Experts released PoC exploit for critical ...
2 weeks ago Securityaffairs.com
New Android Spyware Employs Tactics to Deceive Malware Analyst - In the dynamic realm of mobile application security, cybercriminals employ ever more sophisticated forms of malware, with code obfuscation standing out as a deceptive technique. This method intentionally distorts code elements, rendering them ...
6 months ago Cybersecuritynews.com
Vendor Penalized by New York Attorney General for Advertising Unlawful Spyware - The New York Office of the Attorney General has taken action against Patrick Hinchy and the 16 companies he owns for illegally selling and promoting spyware. Since 2011, Hinchy has been running these companies, which offer spyware for Android and iOS ...
1 year ago Securityweek.com
Meta Disrupts 8 Spyware Firms, 3 Fake News Networks - Meta has identified and interrupted six spyware networks linked to eight companies in Italy, Spain, and the United Arab Emirates, as well as three fake news operations from China, Myanmar, and Ukraine. It outlines how fake news operations - ...
3 months ago Darkreading.com
Sophisticated macOS Infostealers Get Past Apple's Built-In Detection - Increasingly sophisticated infostealers are targeting macOS with the capability to evade Apple's built-in malware protection, as attackers are becoming more savvy about how to crack static signature-detection engines like the platform's proprietary ...
4 months ago Darkreading.com
CVE-2017-2171 - Cross-site scripting vulnerability in Captcha prior to version 4.3.0, Car Rental prior to version 1.0.5, Contact Form Multi prior to version 1.2.1, Contact Form prior to version 4.0.6, Contact Form to DB prior to version 1.5.7, Custom Admin Page ...
7 years ago
Pegasus Spyware Targets Jordanian Civil Society in Wide-Ranging Attacks - Journalists, lawyers, and human-rights activists in the Middle Eastern nation of Jordan face increased surveillance from the controversial Pegasus spyware app, with nearly three dozen civilians targeted over the past four years. According to an ...
4 months ago Darkreading.com
Intellexa: Irish-linked spyware used in 'brazen attacks' - The Irish government is set to investigate a digital surveillance alliance that has been accused of letting its smartphone spyware "Run wild across the world", BBC News NI understands. It comes after Intellexa Limited and its parent company ...
6 months ago Bbc.com
ESET Threat Report: ChatGPT Name Abuses, Lumma Stealer Malware Increases, Android SpinOk SDK Spyware's Prevalence - Cybersecurity company ESET released its H2 2023 threat report, and we're highlighting three particularly interesting topics in it: the abuse of the ChatGPT name by cybercriminals, the rise of the Lumma Stealer malware and the Android SpinOk SDK ...
5 months ago Techrepublic.com
Apple Warns Users Targeted by Mercenary Spyware - Apple this week updated its spyware threat notification system to alert and assist users it identifies as targeted by mercenary spyware attacks. To date, Apple has spotted and alerted users in more than 150 countries that they were targeted in these ...
2 months ago Darkreading.com
Critics of Putin and his allies targeted with spyware inside the EU - At least seven journalists and activists who have been vocal critics of the Kremlin and its allies have been targeted inside the EU by a state using Pegasus, the hacking spyware made by Israel's NSO Group, according to a new report by security ...
2 weeks ago Packetstormsecurity.com
New Tool Identifies Pegasus and Other iOS Spyware - Kaspersky's Global Research and Analysis Team has unveiled a new, lightweight method to detect sophisticated iOS spyware, including notorious threats like Pegasus, Reign and Predator. Writing in an advisory published today, the researchers said they ...
4 months ago Infosecurity-magazine.com
New Cuckoo Malware Targeting macOS Users to Steal Sensitive Data - Cybersecurity experts have identified a new information stealer targeting Apple macOS computers that is intended to establish persistence on compromised hosts and function as spyware. Kandji's malware, dubbed Cuckoo, is a universal Mach-O binary that ...
1 month ago Cysecurity.news

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)