Security Affairs

AUGUST 28, 2022

Leaked documents show the surveillance firm Intellexa offering exploits for iOS and Android devices for $8 Million. The leaked documentation demonstrates that the company offers services for remote data extraction from Android and iOS devices. The exploits should work against the Android 12 update and iOS 15.4.1,

IT 129

IT Security Information Security 129

Threatpost

AUGUST 5, 2019

Buffer overflows, race conditions, use-after-free and more account for more than half of all vulnerabilities in the Android platform.

Security 57

Security 57

Security Affairs

SEPTEMBER 22, 2023

Citizen Lab and Google’s TAG revealed that the three recently patched Apple zero-days were used to install Cytrox Predator spyware. citizenlab in coordination with @Google ’s TAG team found that former Egyptian MP Ahmed Eltantawy was targeted with Cytrox’s #Predator #spyware through links sent via SMS and WhatsApp. .

Security 113

Security Risk Government IT 113

Security Affairs

JUNE 7, 2023

June 2023 security update for Android released by Google fixes about fifty flaws, including an Arm Mali GPU bug exploited by surveillance firms in their spyware. The June 2023 Android Security Bulletin provides details about the fix for more than fifty vulnerabilities affecting Android devices.

Security 96

Security Cybersecurity Access IT 96

Dark Reading

MAY 23, 2022

An analysis from Google TAG shows that Android zero-day exploits were packaged and sold for state-backed surveillance.

Government 89

Government 89

Security Affairs

JULY 30, 2023

The popular Threat Analysis Group (TAG) Maddie Stone wrote Google’s fourth annual year-in-review of zero-day flaws exploited in-the-wild [ 2021 , 2020 , 2019 ], it is built off of the mid-year 2022 review. ” reads the report published by Google TAG. In 2021 the number of zero-days discovered by the researchers were 69 detected.

IT 96

IT Security Information Security 96

Security Affairs

JANUARY 12, 2021

Google Project Zero researchers uncovered a sophisticated hacking campaign that targeted Windows and Android users. While partnering with the Google Threat Analysis Group (TAG), the experts discovered a watering hole attack in Q1 2020 that was carried out by a highly sophisticated actor.

Security 119

Security Access IT Information Security 119

Security Affairs

MAY 29, 2023

Cisco Talos and the Citizen Lab researchers have published a technical analysis of the powerful Android spyware Predator. Security researchers at Cisco Talos and the Citizen Lab have shared technical details about a commercial Android spyware named Predator that is sold by the surveillance firm Intellexa (formerly known as Cytrox).

IT 98

IT Communications Access Manufacturing 98

Security Affairs

FEBRUARY 25, 2024

Iran Crisis Russia-Aligned TAG-70 Targets European Government and Military Mail Servers in New Espionage Campaign U.S.

Military 107

Military Security Ransomware Insurance 107

Security Affairs

DECEMBER 1, 2023

It serves as the graphics engine for Google Chrome and ChromeOS, Android, Flutter, and many other products. The fact that the issue was discovered by Google TAG suggests it was exploited by a nation-state actor or by a surveillance firm.

IT 104

IT Libraries Cybersecurity Passwords 104

Security Affairs

NOVEMBER 9, 2022

“This in-the-wild exploit chain is a great example of different attack surfaces and “shape” than many of the Android exploits we’ve seen in the past. The TAG team only obtained a partial exploit chain for Samsung phones that were likely in the testing phase. ” reads the advisory published by Google Project Zero.

Manufacturing 113

Manufacturing Access IT Security 113

Security Affairs

APRIL 15, 2023

A new Android malware named Goldoson was distributed through 60 legitimate apps on the official Google Play store. “The tags such as ‘ads_enable’ or ‘collect_enable’ indicates each functionality to work or not while other parameters define conditions and availability.”

Libraries 98

Libraries Data collection Education Security 98

Security Affairs

APRIL 1, 2023

Google TAG shared indicators of compromise (IoCs) for both campaigns. The experts pointed out that both campaigns were limited and highly targeted. The threat actors behind the attacks used both zero-day and n-day exploits in their exploits. The threat actors behind the attacks used both zero-day and n-day exploits in their exploits.

Cybersecurity 93

Cybersecurity Education Risk Security 93

Security Affairs

JUNE 6, 2019

for Windows, Mac, Linux, and Android. for Windows, Mac, Linux, and Android, the new version of the popular anonymizing browser. for Windows, Mac, Linux, and Android appeared first on Security Affairs. A new version of the popular Tor Browser was released by the Tor Project, it is Tor Browser 8.5.1 Pierluigi Paganini.

Security 93

Security IT Information Security Privacy 93

Security Affairs

APRIL 9, 2024

“In particular, neither switching to a memory safe language , such as Rust, nor using current or future hardware memory safety features, such as memory tagging , can help with the security challenges faced by V8 today.” .” reads the announcement. ” concludes the announcement.

Access 120

Access IT Security Information Security 120

Security Affairs

NOVEMBER 29, 2023

It serves as the graphics engine for Google Chrome and ChromeOS, Android, Flutter, and many other products. The fact that the issue was discovered by Google TAG suggests it was exploited by a nation-state actor or by a surveillance firm. “The Stable channel has been updated to 119.0.6045.199 for Mac and Linux and 119.0.6045.199/.200

Libraries 120

Libraries Security Access IT 120

Security Affairs

OCTOBER 31, 2022

The apps masqueraded as security authenticators or file recovery tools and deliver a novel variant of Vultur Android Banking malware. “Android offers a way to tag the content of the window as secure, by using the “FLAG_SECURE” , which prevents it “from appearing in screenshots or from being viewed on non-secure displays”. .”

Authentication 95

Authentication Security IT Information Security 95

eSecurity Planet

OCTOBER 9, 2023

Among the issues in the last week, Android and Arm faced actively exploited vulnerabilities in GPU drivers. Researchers from Google’s Threat Analysis Group (TAG) and Project Zero uncovered the weakness, which is connected to unauthorized access to freed memory, possibly allowing attackers to corrupt or change sensitive data.

Libraries 89

Libraries Ransomware Access Security 89

Threatpost

JUNE 3, 2019

Researchers use malicious NFC tags and booby-trapped physical surfaces to connect Android devices to malicious wireless networks.

Communications 76

Communications Security 76

Security Affairs

SEPTEMBER 4, 2019

Zero-day broker Zerodium has updated the price list for both Android and iOS exploits, with Android ones having surpassed the iOS ones for the first time. For the first time, the price for Android exploits is higher than the iOS ones, this is what has emerged from the updated price list published by the zero-day broker Zerodium.

Marketing 95

Marketing Security IT 95

Krebs on Security

NOVEMBER 28, 2022

But that story omitted an important historical detail about Pushwoosh: In 2013, one of its developers admitted to authoring the Pincer Trojan , malware designed to surreptitiously intercept and forward text messages from Android mobile devices. Pushwoosh employees posing at a company laser tag event. Pushwoosh says it is a U.S.

Government 228

Government Risk IT Marketing 228

Security Affairs

OCTOBER 3, 2021

If you want to also receive for free the international press subscribe here. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini. SecurityAffairs – hacking, newsletter).

Security 52

Security Data breaches Information Security Risk 52

Threatpost

SEPTEMBER 4, 2019

million price tag for a zero-click 0-day in Android. Exploit broker Zerodium has implemented a $2.5

Marketing 63

Marketing 63

Security Affairs

JANUARY 21, 2024

CISA warns of actively exploited Ivanti EPMM flaw CVE-2023-35082 The Quantum Computing Cryptopocalypse – I’ll Know It When I See It Kansas State University suffered a serious cybersecurity incident CISA adds Chrome and Citrix NetScaler to its Known Exploited Vulnerabilities catalog Google TAG warns that Russian COLDRIVER APT is using a custom backdoor (..)

Security 109

Security e-Discovery Artificial Intelligence Ransomware 109

Security Affairs

JUNE 26, 2022

SecurityAffairs awarded as Best European Personal Cybersecurity Blog 2022 Crooks are using RIG Exploit Kit to push Dridex instead of Raccoon stealer Flagstar Bank discloses a data breach that impacted 1.5

Security 92

Security Data breaches Phishing Ransomware 92

Security Affairs

AUGUST 6, 2023

Pro-Russian hackers claim attacks on Italian banks Hacktivists fund their operations using common cybercrime tactics Bitfinex Hacker and Wife Plead Guilty to Money Laundering Conspiracy Involving Billions in Cryptocurrency A cyberattack has disrupted hospitals and health care in several states FBI warns of scammers posing as NFT devs to steal your (..)

Security 91

Security Military Phishing Sales 91

Gimmal

MARCH 4, 2022

With Gimmal Physical’s PortableConnect, wireless scanning of barcodes and RFID tags just got easier. PortableConnect runs on the new TC52 Zebra device, using Android 11. We are pleased to announce the release of the new PortableConnect for Gimmal Physical.

52

52

Schneier on Security

SEPTEMBER 3, 2019

Earlier this year Google's Threat Analysis Group (TAG) discovered a small collection of hacked websites. TAG was able to collect five separate, complete and unique iPhone exploit chains, covering almost every version from iOS 10 through to the latest version of iOS 12. The vulnerabilities were patched in iOS 12.1.4,

Government 90

Government IT 90

Security Affairs

JULY 15, 2023

Russia-linked APT Gamaredon starts stealing data from victims between 30 and 50 minutes after the initial compromise The source code of the BlackLotus UEFI Bootkit was leaked on GitHub US CISA warns of Rockwell Automation ControlLogix flaws Indexing Over 15 Million WordPress Websites with PWNPress New AVrecon botnet remained under the radar for two (..)

Security 98

Security Data breaches Government Analytics 98

Security Affairs

JUNE 23, 2019

Security researcher from F5 Networks that released more details and proof-of-concept for the recently addressed flaw in Outlook for Android. Microsoft has recently addressed an important vulnerability, tracked as CVE-2019-1105, in Outlook for Android, that potentially affected over 100 million users. ” explained the expert.

Mining 70

Mining Access Authentication Security 70

Security Affairs

SEPTEMBER 8, 2019

The campaign tag “ The spyware also automatically signs up victims for premium service subscriptions for various advertisements, the malware is able to automate the necessary interaction with the premium offer’s webpage, including intercepting the SMS containing the confirmation code. The C&C URL 6.

Encryption 105

Encryption Security IT Information Security 105

Security Affairs

FEBRUARY 9, 2021

Microsoft February 2021 Patch Tuesday security updates address 56 CVEs in multiple products, including Windows components,NET Framework, Azure IoT, Azure Kubernetes Service, Microsoft Edge for Android, Exchange Server, Office and Office Services and Web Apps, Skype for Business and Lync, and Windows Defender.

IoT 99

IoT Libraries Encryption Security 99

Security Affairs

JANUARY 9, 2019

The tech giant also fixed a vulnerability in Skype for Android ( CVE-2019-0622 ) that could have allowed a local attacker with physical access to an Android device to bypass the lock screen and potentially expose victim’s data. Tag CVE ID CVE Title.NET Framework CVE-2019-0545.NET

Authentication 82

Authentication Security Cybersecurity Access 82

John Battelle's Searchblog

JANUARY 13, 2014

Today comes the news that Google is buying Nest , a move that, upon reflection, should have been obvious (the price tag of more than $3 billion, not so obvious!). The post Google Buys Nest appeared first on John Battelle's Search Blog.

Marketing 108

Marketing IT 108

Security Affairs

FEBRUARY 14, 2019

The fixes address flaw in the following SAP products: Business Client, HANA XSA, ABAP Platform (SLD Registration), Disclosure Management, Solution Tools Plug-In (ST-PI), Note Assistant, Business Objects, Manufacturing Integration and Intelligence, Business One Mobile Android App, and WebIntelligence BILaunchPad (Enterprise).

Security 78

Security Manufacturing Authentication Access 78

Security Affairs

MAY 23, 2022

Google’s Threat Analysis Group (TAG) uncovered campaigns targeting Android users with five zero-day vulnerabilities. Google’s Threat Analysis Group (TAG) researchers discovered three campaigns, between August and October 2021, targeting Android users with five zero-day vulnerabilities.

Government 137

Government Cybersecurity Security IT 137

Information Matters

NOVEMBER 30, 2017

However, as an Android owner and long-time Gmail user for personal email I have stuck to Google Calendar as my primary organising tool. It works very well across apps on iOS and Android as well as web browsers. So after many hundreds of hours of experimenting here is what I am currently using.

Paper 40

Paper IT Cloud Access 40