Security News

In 2023, 50% of malware detections for SMBs were keyloggers, spyware and stealers, malware that attackers use to steal data and credentials, according to Sophos. "The value of 'data,' as currency has increased exponentially among cybercriminals, and this is particularly true for SMBs, which tend to use one service or software application, per function, for their entire operation. For example, let's say attackers deploy an infostealer on their target's network to steal credentials and then get hold of the password for the company's accounting software. Attackers could then gain access to the targeted company's financials and have the ability to funnel funds into their own accounts," said Christopher Budd, director of Sophos X-Ops research at Sophos.

The U.S. Department of Treasury’s Office of Foreign Assets Control (OFAC) sanctioned two individuals and five entities associated with the Intellexa Alliance for their role in “developing,...

The U.S. has imposed sanctions on two individuals and five entities linked to the development and distribution of the Predator commercial spyware used to target Americans, including government officials and journalists. "Today, the Department of the Treasury's Office of Foreign Assets Control designated two individuals and five entities associated with the Intellexa Consortium for their role in developing, operating, and distributing commercial spyware technology used to target Americans, including U.S. government officials, journalists, and policy experts," reads a press release by the Office of Foreign Assets Control.

A U.S. judge has ordered NSO Group to hand over its source code for Pegasus and other products to Meta as part of the social media giant's ongoing litigation against the Israeli spyware vendor....

NSO Group, the Israel-based maker of super-charged snoopware Pegasus, has been ordered by a federal judge in California to share the source code for "All relevant spyware" with Meta's WhatsApp. The order [PDF] from Judge Phyllis Hamilton follows from WhatsApp's 2019 lawsuit [PDF] against NSO for allegedly spying on 1,400 WhatsApp users.

Meta Platforms said it took a series of steps to curtail malicious activity from eight different firms based in Italy, Spain, and the United Arab Emirates (U.A.E.) operating in the...

Google is currently tracking more than 40 CSVs, most of which are highly technical with the ability to develop spyware and zero-day exploits to compromise their targets, particularly on Android and iOS devices. Read details about what CSVs target, how spyware is used, CSVs' harmful impact on individuals and society and how businesses can mitigate these cybersecurity threats.

In a report published on Tuesday, Google TAG named eleven commercial spyware vendors and their products - some of them more and some less known. Apart from commercial surveillance vendors and private sector offensive actors, other actors on the spyware market include vulnerability researchers and exploit developers, government customers, and brokers that act as intermediaries between these groups.

A coalition of dozens of countries, including France, the U.K., and the U.S., along with tech companies such as Google, MDSec, Meta, and Microsoft, have signed a joint agreement to curb the abuse...

The commercial spyware economy - despite government and big tech's efforts to crack down - appears to be booming. The US government added commercial spyware makers Intellexa and Cytrox to its Entity List, after placing similar export restrictions on NSO Group in 2021.