Security News

Predator spyware kingpins added to US sanctions list
2024-09-17 13:44

Designations come as new infrastructure spins up in Africa. Five individuals and one company with ties to spyware developer Intellexa are the latest to earn sanctions as the US expands efforts to...

U.S. Treasury Sanctions Executives Linked to Intellexa Predator Spyware Operation
2024-09-17 12:06

The U.S. Department of Treasury has imposed fresh sanctions against five executives and one entity with ties to the Intellexa Consortium for their role in the development, operation, and...

US cracks down on spyware vendor Intellexa with more sanctions
2024-09-16 16:33

Today, the U.S. Department of the Treasury has sanctioned five executives and one entity linked to the Intellexa Consortium for developing and distributing Predator commercial spyware. [...]

Apple Drops Spyware Case Against NSO Group, Citing Risk of Threat Intelligence Exposure
2024-09-16 07:12

Apple has filed a motion to "voluntarily" dismiss its lawsuit against commercial spyware vendor NSO Group, citing a shifting risk landscape that could lead to exposure of critical "threat...

Predator spyware updated with dangerous new features, also now harder to track
2024-09-09 02:00

Plus: Trump family X accounts hijacked to promote crypto scam; Fog ransomware spreads; Hijacked PyPI packages; and more. Infosec in brief: After activating its chameleon field and going to ground...

What a coincidence. Spyware makers, Russia's Cozy Bear seem to share same exploits
2024-08-29 20:03

Google researchers note similarities, can't find smoking-gun link. Google's Threat Analysis Group (TAG) has spotted an interesting pattern: A Kremlin-linked cyber-espionage crew and commercial...

Russian APT29 hackers use iOS, Chrome exploits created by spyware vendors
2024-08-29 13:04

The Russian state-sponsored APT29 hacking group has been observed using the same iOS and Android exploits created by commercial spyware vendors in a series of cyberattacks between November 2023...

New Android Spyware LianSpy Evades Detection Using Yandex Cloud
2024-08-06 09:36

Users in Russia have been the target of a previously undocumented Android post-compromise spyware called LianSpy since at least 2021. Cybersecurity vendor Kaspersky, which discovered the malware in March 2024, noted its use of Yandex Cloud, a Russian cloud service, for command-and-control communications as a way to avoid having a dedicated infrastructure and evade detection.

New Mandrake Spyware Found in Google Play Store Apps After Two Years
2024-07-30 13:04

A new iteration of a sophisticated Android spyware called Mandrake has been discovered in five applications that were available for download from the Google Play Store and remained undetected for two years. A majority of the downloads originated from Canada, Germany, Italy, Mexico, Spain, Peru, and the U.K. "The new samples included new layers of obfuscation and evasion techniques, such as moving malicious functionality to obfuscated native libraries, using certificate pinning for C2 communications, and performing a wide array of tests to check if Mandrake was running on a rooted device or in an emulated environment," researchers Tatyana Shishkova and Igor Golovin said.

Android spyware 'Mandrake' hidden in apps on Google Play since 2022
2024-07-29 22:29

A new version of the Android spyware 'Mandrake' has been found in five applications downloaded 32,000 times from Google Play, the platform's official app store. Kaspersky now reports that a new variant of Mandrake that features better obfuscation and evasion sneaked into Google Play through five apps submitted to the store in 2022.