Informations about SSL certificates and networks security
Auto Added by WPeMatico
Not a lot of details: Apple has issued a new round of threat notifications to iPhone users across 98 countries, warning them of potential mercenary spyware attacks. It’s the second such alert campaign from the company this year, following a similar notification sent to users in 92 nations in April. Powered by WPeMatico
New paper: “Zero Progress on Zero Days: How the Last Ten Years Created the Modern Spyware Market“: Abstract: Spyware makes surveillance simple. The last ten years have seen a global market emerge for ready-made software that lets governments surveil their citizens and foreign adversaries alike and to do so more easily than when such work … Read More “On the Zero-Day Market” »
When you get a push notification on your Apple or Google phone, those notifications go through Apple and Google servers. Which means that those companies can spy on them—either for their own reasons or in response to government demands. Sen. Wyden is trying to get to the bottom of this: In a statement, Apple said … Read More “Spying through Push Notifications” »
Apple has warned leaders of the opposition government in India that their phones are being spied on: Multiple top leaders of India’s opposition parties and several journalists have received a notification from Apple, saying that “Apple believes you are being targeted by state-sponsored attackers who are trying to remotely compromise the iPhone associated with your … Read More “Spyware in India” »
Amnesty International has published a comprehensive analysis of the Predator government spyware products. These technologies used to be the exclusive purview of organizations like the NSA. Now they’re available to every country on the planet—democratic, nondemocratic, authoritarian, whatever—for a price. This is the legacy of not securing the Internet when we could have. Powered by … Read More “Analysis of Intellexa’s Predator Spyware” »
Make sure you update your iPhones: Citizen Lab says two zero-days fixed by Apple today in emergency security updates were actively abused as part of a zero-click exploit chain (dubbed BLASTPASS) to deploy NSO Group’s Pegasus commercial spyware onto fully patched iPhones. The two bugs, tracked as CVE-2023-41064 and CVE-2023-41061, allowed the attackers to infect … Read More “Zero-Click Exploit in iPhones” »
A Brazilian spyware app vendor was hacked by activists: In an undated note seen by TechCrunch, the unnamed hackers described how they found and exploited several security vulnerabilities that allowed them to compromise WebDetetive’s servers and access its user databases. By exploiting other flaws in the spyware maker’s web dashboard—used by abusers to access the … Read More “Spyware Vendor Hacked” »
Paragon Solutions is yet another Israeli spyware company. Their product is called “Graphite,” and is a lot like NSO Group’s Pegasus. And Paragon is working with what seems to be US approval: American approval, even if indirect, has been at the heart of Paragon’s strategy. The company sought a list of allied nations that the … Read More “Paragon Solutions Spyware: Graphite” »
Following a report on its activities, the Israeli spyware company QuaDream has shut down. This was QuadDream: Key Findings Based on an analysis of samples shared with us by Microsoft Threat Intelligence, we developed indicators that enabled us to identify at least five civil society victims of QuaDream’s spyware and exploits in North America, Central … Read More “Cyberweapons Manufacturer QuaDream Shuts Down” »
The New York Times is reporting that a US citizen’s phone was hacked by the Predator spyware. A U.S. and Greek national who worked on Meta’s security and trust team while based in Greece was placed under a yearlong wiretap by the Greek national intelligence service and hacked with a powerful cyberespionage tool, according to … Read More “US Citizen Hacked by Spyware” »