Serbian government used Cellebrite to unlock phones, install spyware
Serbian police and intelligence officers used Cellebrite forensic extraction software to unlock journalists’ and activists’ phones and install previously unknown …
How widespread is mercenary spyware? More than you think
A targeted hunt on 2,500 mobile devices for indicators of compromise associated with mercenary spyware has revealed that its use is not as rare as one would hope. The results …
GuardZoo spyware used by Houthis to target military personnel
Lookout discovered GuardZoo, Android spyware targeting Middle Eastern military personnel. This campaign leverages malicious apps with military and religious themes to lure …
Zero-day exploitation surged in 2023, Google finds
2023 saw attackers increasingly focusing on the discovery and exploitation of zero-day vulnerabilities in third-party libraries (libvpx, ImagelO) and drivers (Mali GPU, …
The fight against commercial spyware misuse is heating up
Though there are organizations out there investigating how commercial spyware is misused to target journalists, human rights defenders and dissidents, the growing market …
Kaspersky releases utility to detect iOS spyware infections
Kaspersky’s researchers have developed a lightweight method to detect indicators of infection from sophisticated iOS spyware such as NSO Group’s Pegasus, …
Apple fixes 3 zero-day vulnerabilities exploited to compromise iPhones
Apple has released updates for iOS and iPadOS, macOS, watchOS, and Safari to fix three zero-day vulnerabilities (CVE-2023-41992, CVE-2023-41991, CVE-2023-41993) exploited …
Email forwarding flaws enable attackers to impersonate high-profile domains
Sending an email with a forged address is easier than previously thought, due to flaws in the process that allows email forwarding, according to a research team led by …
Apple patches two zero-days under attack (CVE-2023-41064, CVE-2023-41061)
Apple has patched two zero-day vulnerabilities (CVE-2023-41064, CVE-2023-41061) exploited to deliver NSO Group’s Pegasus spyware. “The exploit chain was capable of …
Apple fixes zero-day vulnerabilities used to covertly deliver spyware (CVE-2023-32435)
Apple has released patches for three zero-day vulnerabilities (CVE-2023-32434, CVE-2023-32435, CVE-2023-32439) exploited in the wild. The first two have been reported by …
Apple previews Lockdown Mode to protect users from targeted spyware
In this Help Net Security video, you’ll learn more about Lockdown Mode, a security capability from Apple that offers specialized additional protection to users who may …
FluBot takedown: Law enforcement takes control of Android spyware’s infrastructure
An international law enforcement operation involving 11 countries has disrupted the spreading of the FluBot Android malware, which spreads via SMS and MMS and steals sensitive …