⚡ THN Weekly Recap: iOS Zero-Days, 4Chan Breach, NTLM Exploits, WhatsApp Spyware & More
Summary: Recent cyber activity highlights the subtle ways attackers gain access to systems, often exploiting overlooked vulnerabilities and misconfigurations. Major findings include active exploitation of a Windows flaw and a phishing campaign targeting crypto developers. Organizations need to be vigilant against these evolving threats and ensure prompt patching of vulnerabilities.…
Countries Shore Up Their Digital Defenses as Global Tensions Raise the Threat of Cyberwarfare
Summary: A Russian-linked cyberattack targeted municipal water plants in Texas, highlighting vulnerabilities in the U.S. public infrastructure amidst rising global tensions and a digital arms race. National security experts warn of increased cyber threats as geopolitical conflicts escalate, while concerns grow over U.S. cybersecurity measures under the Trump administration.…
The JUICYJAM operation is a state-sponsored social media harassment and doxxing campaign actively targeting Thailand’s pro-democracy movement since August 2020. Utilizing a fabricated persona to conduct online harassment, the campaign has resulted in ongoing intimidation, surveillance, and repression of dissenting voices, as evidenced by leaked documents linking its orchestration to the Royal Thai Armed Forces and Royal Thai Police.…
Advanced macOS Spyware PasivRobber
A suspicious Mach-O file named *wsus* was discovered on VirusTotal, leading researchers to uncover a suite of more than 20 binaries designed to capture data from macOS systems, specifically targeting popular applications among Chinese users. The investigation suggested ties to a Chinese organization involved in surveillance and forensic tools, prompting concerns about the software’s legitimacy and cybersecurity risks.…
Chinese firm tied to Uyghur rights abuses now training Tibet police on hacking techniques
Summary: A Chinese state-owned company, SDIC Intelligence Xiamen Information Co Ltd, is training police officers in Tibet on hacking and digital forensics, following a controversial contract. This initiative enhances local police’s surveillance capabilities against Tibetan dissidents and reflects larger trends in digital oppression. Human rights groups express concern over the implications for targeted surveillance and global digital threats.…
Sophisticated Vulnerabilities in Modern Cyberattacks
The rise in advanced cyber threats is attributed to sophisticated vulnerabilities that attackers exploit, including zero-day exploits and supply chain compromises. This trend highlights the need for organizations to enhance their defenses and embrace continuous threat exposure management (CTEM) to stay ahead of attackers. Affected: organizations, critical infrastructure, software supply chains, cloud services, end-users

Key points:

2023 saw a rise in zero-day exploits, with 97 reported in the wild compared to 62 in 2022.…
Judge unlikely to allow expert testimony for NSO as jury decides damages in WhatsApp case
Summary: A federal judge displayed skepticism regarding the NSO Group’s attempt to present evidence related to its spyware, Pegasus, in a WhatsApp hacking case where damages are to be determined. The judge criticized NSO for failing to disclose crucial information about the clients involved in the hacking incidents and expressed discomfort with allowing irrelevant expert testimony.…
In Other News: Scattered Spider Still Active, EncryptHub Unmasked, Rydox Extraditions
Summary: This week’s cybersecurity news roundup highlights various incidents and developments, including a Ukrainian cybercriminal’s identity revelation, alarming insights into remote access trojans, and notable data breaches in the healthcare sector. Other key updates involve the extradition of cybercrime marketplace administrators, ongoing threats from hacker groups, and recent software vulnerability disclosures.…
SpyNote, BadBazaar, MOONSHINE Malware Target Android and iOS Users via Fake Apps
Summary: Cybersecurity researchers have discovered deceptive websites impersonating legitimate app stores to distribute SpyNote malware, which targets Android devices. This malware is linked to known threat actors, including state-sponsored groups, and is capable of extensive data theft and control over infected devices. Additionally, intelligence agencies have issued alerts regarding other malware threats like BadBazaar and MOONSHINE, which target specific communities for surveillance.…
Google Releases Two Android Zero-Day Fixes, Exploited in the Wild
Google has patched two critical zero-day vulnerabilities in Android, tracked as CVE-2024-53150 and CVE-2024-53197, which were actively exploited before the release of fixes. These vulnerabilities relate to the Linux kernel’s USB-audio driver, posing significant security risks as they could lead to full device compromise. Affected: Android devices, specifically versions prior to the April 2025 patch.…
Sweden arrests senior Uyghur representative on suspicion of spying for China
Summary: Swedish authorities arrested Dilshat Reshit, an ethnic Uyghur man in Stockholm, on suspicion of spying on other Uyghurs for the Chinese intelligence service. The World Uyghur Congress has called for transparency in the investigation and has removed Reshit from his position as a spokesperson. This incident highlights ongoing concerns regarding Chinese espionage targeting Uyghur communities abroad amid allegations of human rights abuses in China.…
The CyberDiplomat’s Daily Report
This report outlines various global cybersecurity incidents, including sophisticated spyware targeting Tibetan and Taiwanese communities, scrutiny over Bangladesh’s Cyber Security Act, a DDoS attack on Indonesia’s Tempo.co, and breaches in Australia’s superannuation sector. Other highlights include malware threats in various regions and ongoing efforts to enhance cybersecurity across nations.…
Wyden to block Trump’s CISA nominee until agency releases report on telecoms’ ‘negligent cybersecurity’
Summary: Oregon Senator Ron Wyden is blocking the nomination of Sean Plankey to lead the Cybersecurity and Infrastructure Security Agency (CISA) due to the agency’s refusal to release an unclassified report on security vulnerabilities at U.S. telecommunications companies. Wyden accuses CISA of a prolonged cover-up, which has significant implications for national security following recent cyber incidents.…
As spyware market continues to expand, diplomatic Pall Mall Process hits a pivot point
Summary: Participants in the Pall Mall Process, aimed at reforming the commercial hacking and spyware market, expressed concerns about securing industry buy-in amidst rising misuse of these technologies. The initiative recently published a non-binding Code of Practice signed by 21 countries, including Austria and Hungary, while notable absentees included traditional allies like Canada and Australia.…
Global Cybersecurity Agencies Warn of Spyware Targeting Uyghur, Tibetan, and Taiwanese Communities
Summary: The UK’s National Cyber Security Centre, in collaboration with cybersecurity agencies from five countries, has issued a joint advisory on two spyware variants, BADBAZAAR and MOONSHINE, which are actively targeting Uyghur, Tibetan, and Taiwanese communities. This spyware campaign seeks to monitor and intimidate these groups perceived as threats by the Chinese state.…
NCSC shares technical details of spyware targeting Uyghur, Tibetan and Taiwanese groups
Summary: The U.K.’s National Cyber Security Centre highlights the deployment of two spyware types, MOONSHINE and BADBAZAAR, targeting Uyghur, Tibetan, and Taiwanese individuals and organizations. These spyware apps can access sensitive information without the victims’ knowledge, leveraging popular platform designs to lure users. The NCSC warns at-risk populations to be vigilant regarding app usage and permissions to mitigate the risks of surveillance.…