Pierluigi Paganini
September 14, 2023
The iPhone of a prominent Russian journalist, who is at odds with Moscow, was infected with NSO Group’s Pegasus spyware. The iPhone of the Russian journalist Galina Timchenko was compromised with NSO Group’s Pegasus spyware. A joint investigation conducted by Access Now and the Citizen Lab revealed that the journalist, who is at odds with the Russian government, […]
Pierluigi Paganini
September 11, 2023
Evil Telegram: a Trojanized version of the Telegram app was spotted on the Google Play Store, Kaspersky researchers reported. Researchers from Kaspersky discovered several Telegram mods on the Google Play Store that contained spyware, the campaign was tracked as Evil Telegram. One of the apps was downloaded more than ten million times before it was […]
Pierluigi Paganini
September 08, 2023
Citizen Lab reported that the actively exploited zero-days fixed by Apple are being used in Pegasus spyware attacks Researchers at Citizen Lab reported that the actively exploited zero-day flaws (CVE-2023-41064 and CVE-2023-41061) fixed by Apple are being used to infect devices with NSO Groupâs Pegasus spyware. According to the researchers, the two vulnerabilities were chained […]
Pierluigi Paganini
August 30, 2023
China-linked APT group GREF is behind a malware campaign distributing spyware via trojanized Signal and Telegram apps on Google Play ESET researchers uncovered a cyberespionage campaign carried out by the China-linked APT group known as GREF that is distributing spyware via trojanized Signal and Telegram apps on Google Play and Samsung Galaxy stores. The malware […]
Pierluigi Paganini
August 21, 2023
White hat hackers at the recent hacking conference Def Con demonstrated how to spoof an Apple device and trick users into sharing their sensitive data. At the recent Def Con hacking conference, white hat hackers demonstrated how to spoof an Apple device and trick users into sharing their sensitive data. As reported by Techcrunch, attendees […]
Pierluigi Paganini
August 19, 2023
Threat actors are using Android Package (APK) files with unsupported compression methods to prevent malware analysis. On June 28th, researchers from Zimperium zLab researchers observed that Joe Sandbox announced the availability of an Android APK that could not be analyzed from most of the anti-decompilation tools. The APT could be installed on Android devices running […]
Pierluigi Paganini
August 17, 2023
Researchers detailed a new exploit for Apple iOS 16 that can allow attackers to gain access to a device even when the victim believes it is in Airplane Mode. Jamf Threat Labs researchers developed a post-exploit persistence technique on iOS 16 that trick victims into believing that the device is in functional Airplane Mode. In […]
Pierluigi Paganini
August 08, 2023
Experts found 43 Android apps in Google Play with 2.5 million installs that displayed advertisements while a phone’s screen was off. Recently, researchers from McAfeeâs Mobile Research Team discovered 43 Android apps in Google Play with 2.5 million installs that loaded advertisements while a phone’s screen was off. The experts pointed out that this behavior […]
Pierluigi Paganini
August 04, 2023
Threat actors rely on the ‘versioning’ technique to evade malware detections of malicious code uploaded to the Google Play Store. Google Cybersecurity Action Team (GCAT) revealed that threat actors are using a technique called versioning to evade malware detection implemented to detect malicious code uploaded to the Google Play Store. The technique is not new […]
Pierluigi Paganini
July 20, 2023
China-linked group APT41 was spotted using two previously undocumented Android spyware called WyrmSpy and DragonEgg China-linked APT group APT41 has been observed using two previously undocumented Android spyware called WyrmSpy and DragonEgg. The APT41 group, aka Winnti, Axiom, Barium, Blackfly, HOODOO) is a China-linked cyberespionage group that has been active since at least 2007. Researchers at cybersecurity firm […]
