Security
Headlines
HeadlinesLatestCVEs

Tag

#asus

NSO Group Is Back in Business With 3 New iOS Zero-Click Exploits

An investigation concludes that NSO Group was hired in 2022 to deploy Pegasus spyware against human rights workers in Mexico and other targets.

DARKReading
#vulnerability#ios#apple#microsoft#asus
Giving a Face to the Malware Proxy Service ‘Faceless’

For the past seven years, a malware-based proxy service known as "Faceless" has sold anonymity to countless cybercriminals. For less than a dollar per day, Faceless customers can route their malicious traffic through tens of thousands of compromised systems advertised on the service. In this post we'll examine clues left behind over the past decade by the proprietor of Faceless, including some that may help put a face to the name.

State-sponsored campaigns target global network infrastructure

This campaign, dubbed "Jaguar Tooth," is an example of a much broader trend of sophisticated adversaries targeting networking infrastructure to advance espionage objectives or pre-position for future destructive activity.

CVE-2023-30770

A stack-based buffer overflow vulnerability was found in the ASUSTOR Data Master (ADM) due to the lack of data size validation. An attacker can exploit this vulnerability to execute arbitrary code. Affected ADM versions include: 4.0.6.REG2, 4.1.0 and below as well as 4.2.0.RE71 and below.

Security Roundup: Leak of Top-Secret US Intel Risks a New Wave of Mass Surveillance

Plus: Hackers claim to have stolen 10 TB from Western Digital, a new spyware has emerged, and WhatsApp gets a fresh security feature.

Microsoft: NSO Group-Like 'QuaDream' Actor Selling Mobile Spyware to Governments

Researchers at Microsoft have discovered links between a threat group tracked as DEV-0196 and an Israeli private-sector company, QuaDream, that sells a platform for exfiltrating data from mobile devices.

QuaDream: Israeli Cyber Mercenary Behind iPhone Hacks

By Habiba Rashid Citizens Lab and Microsoft have exposed an Israeli firm, QuaDream, selling spyware to governments around the world. This is a post from HackRead.com Read the original post: QuaDream: Israeli Cyber Mercenary Behind iPhone Hacks

WiFi Flaws Allow Network Traffic Interception on Linux, iOS, and Android

By Deeba Ahmed The findings are to be presented at the Usenix Security Symposium. This is a post from HackRead.com Read the original post: WiFi Flaws Allow Network Traffic Interception on Linux, iOS, and Android

Google reveals spyware attack on Android, iOS, and Chrome

By Habiba Rashid Google's Threat Analysis Group (TAG) labeled the spyware campaign as limited but highly targeted. This is a post from HackRead.com Read the original post: Google reveals spyware attack on Android, iOS, and Chrome

Google: Commercial Spyware Used by Governments Laden With Zero-Day Exploits

Google TAG researchers reveal two campaigns against iOS, Android, and Chrome users that demonstrate how the commercial surveillance market is thriving despite government-imposed limits.