Security News

DOUG. Wi-Fi hacks, World Backup Day, and supply chain blunders. DUCK. Very simply put, the only backup you will ever regret is the one you did not make.

The Cybersecurity and Infrastructure Security Agency has ordered federal agencies today to patch security vulnerabilities exploited as zero-days in recent attacks to install commercial spyware on mobile devices. One month later, a complex chain of multiple 0-days and n-days was exploited to target Samsung Android phones running up-to-date Samsung Internet Browser versions.

A number of zero-day vulnerabilities that were addressed last year were exploited by commercial spyware vendors to target Android and iOS devices, Google's Threat Analysis Group has revealed. Upon clicking, the URLs redirected the recipients to web pages hosting exploits for Android or iOS, before they were redirected again to legitimate news or shipment-tracking websites.

Google's Threat Analysis Group discovered several exploit chains using Android, iOS, and Chrome zero-day and n-day vulnerabilities to install commercial spyware and malicious apps on targets' devices. The attackers targeted iOS and Android users with separate exploit chains as part of a first campaign spotted in November 2022.

U.S. President Joe Biden on Monday signed an executive order that restricts the use of commercial spyware by federal government agencies. The order said the spyware ecosystem "Poses significant counterintelligence or security risks to the United States Government or significant risks of improper use by a foreign government or foreign person."

US president Joe Biden on Monday issued an Executive Order on Prohibition on Use by the United States Government of Commercial Spyware that Poses Risks to National Security - a title that is not quite as simple it seems. The Order and explanatory statement point out that commercial spyware has been used by authoritarian regimes to target activists and journalists, has been deployed without proper authority in democracies, and poses a security risk to the US and other nations.

The New York Times is reporting that a US citizen's phone was hacked by the Predator spyware. A U.S. and Greek national who worked on Meta's security and trust team while based in Greece was placed under a yearlong wiretap by the Greek national intelligence service and hacked with a powerful cyberespionage tool, according to documents obtained by The New York Times and officials with knowledge of the case.

Apple has just released updates for all supported Macs, and for any mobile devices running the very latest versions of their respective operating systems. Apparently, tvOS recently received a product-specific functionality fix that already used up the version number 16.3.1 for Apple TVs. As we've seen before, mobile devices still using iOS 15 and iOS 12 get nothing, but whether that's because they're immune to this bug or simply that Apple hasn't got round to patching them yet.

The New York attorney general's office has announced a $410,000 fine for a stalkerware developer who used 16 companies to promote surveillance tools illegally. Patrick Hinchy, the spyware vendor, also agreed to alert his customers' victims that their phones are being secretly monitored using one of his multiple apps, including Auto Forward, Easy Spy, DDI Utilities, Highster Mobile, PhoneSpector, Surepoint, or TurboSpy.

The State Cyber Protection Centre of Ukraine has called out the Russian state-sponsored threat actor known as Gamaredon for its targeted cyber attacks on public authorities and critical information infrastructure in the country. All the analyzed VBScript droppers and PowerShell scripts, per SCPC, are variants of GammaLoad and GammaSteel malware, respectively, effectively permitting the adversary to exfiltrate sensitive information.