Lucene search
+L

197 matches found

Wired Threat Level
Wired Threat Level
added 2024/01/24 12:0 p.m.19 views

Notorious Spyware Maker NSO Group Is Quietly Plotting a Comeback

NSO Group, creator of the infamous Pegasus spyware, is spending millions on lobbying in Washington while taking advantage of the crisis in Gaza to paint itself as essential for global security...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2024/01/17 10:22 a.m.40 views

New iShutdown Method Exposes Hidden Spyware Like Pegasus on Your iPhone

Cybersecurity researchers have identified a "lightweight method" called iShutdown for reliably identifying signs of spyware on Apple iOS devices, including notorious threats like NSO Group's Pegasus, QuaDream's Reign, and Intellexa's Predator. Kaspersky, which analyzed a set of iPhones that were...

6.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/09/22 5:45 p.m.38 views

Emergency update! Apple patches three zero-days

Apple has released security updates for several products to address a handful of zero-day vulnerabilities that may already have been used by criminals. Updates are available for: iOS 16.7 and iPadOS 16.7 iOS 17.0.1 and iPadOS 17.0.1 watchOS 9.6.3 watchOS 10.0.1 macOS Ventura 13.6 macOS Monterey...

7.5CVSS7.1AI score0.29179EPSS
Exploits3
The Hacker News
The Hacker News
added 2023/09/14 8:51 a.m.21 views

Russian Journalist's iPhone Compromised by NSO Group's Zero-Click Spyware

The iPhone belonging to Galina Timchenko, a prominent Russian journalist and critic of the government, was compromised with NSO Group's Pegasus spyware, a new collaborative investigation from Access Now and the Citizen Lab has revealed. The infiltration is said to have happened on or around...

6.3AI score
Exploits0
Schneier on Security
Schneier on Security
added 2023/09/13 11:13 a.m.75 views

Zero-Click Exploit in iPhones

Make sure you update your iPhones: Citizen Lab says two zero-days fixed by Apple today in emergency security updates were actively abused as part of a zero-click exploit chain dubbed BLASTPASS to deploy NSO Groups Pegasus commercial spyware onto fully patched iPhones. The two bugs, tracked as...

4.4CVSS6.6AI score0.15263EPSS
Exploits2
Krebs on Security
Krebs on Security
added 2023/09/12 10:36 p.m.64 views

Adobe, Apple, Google & Microsoft Patch 0-Day Bugs

Microsoft today issued software updates to fix at least five dozen security holes in Windows and supported software, including patches for two zero-day vulnerabilities that are already being exploited. Also, Adobe, Google Chrome and Apple iOS users may have their own zero-day patching to do. On...

6.8CVSS7.7AI score0.99735EPSS
Exploits14
Malwarebytes
Malwarebytes
added 2023/09/12 5:0 a.m.47 views

Update Chrome now! Google patches critical vulnerability being exploited in the wild

Google has released an update for Chrome Desktop which includes one critical security fix. There is an active exploit for the patched vulnerability, according to Google, which means cybercriminals are aware of the vulnerability and are using it. If youre a Chrome user on Windows, Mac, or Linux, y...

6.8CVSS10AI score0.99735EPSS
Exploits10
Wired Threat Level
Wired Threat Level
added 2023/09/09 1:0 p.m.17 views

Mozilla: Your New Car Is a Data Privacy Nightmare

Plus: Apple patches newly discovered flaws exploited by NSO Group spyware, North Korean hackers target security researchers, and more...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2023/09/08 11:27 a.m.81 views

Apple Rushes to Patch Zero-Day Flaws Exploited for Pegasus Spyware on iPhones

Apple on Thursday released emergency security updates for iOS, iPadOS, macOS, and watchOS to address two zero-day flaws that have been exploited in the wild to deliver NSO Group's Pegasus mercenary spyware. The issues are described as below - CVE-2023-41061 - A validation issue in Wallet that...

7.8CVSS7.9AI score0.15263EPSS
Exploits3
Talos Blog
Talos Blog
added 2023/07/06 12:0 p.m.16 views

The growth of commercial spyware based intelligence providers without legal or ethical supervision

Attackers have long used commercial products developed by legitimate companies to compromise targeted devices. These products are known as commercial spyware. Commercial spyware operations mainly target mobile platforms with zero- or one-click zero-day exploits to deliver spyware. This threat...

6.9AI score
Exploits0
Schneier on Security
Schneier on Security
added 2023/06/08 11:30 a.m.162 views

Paragon Solutions Spyware: Graphite

Paragon Solutions is yet another Israeli spyware company. Their product is called "Graphite," and is a lot like NSO Groups Pegasus. And Paragon is working with what seems to be US approval: American approval, even if indirect, has been at the heart of Paragons strategy. The company sought a list ...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2023/05/26 12:39 p.m.29 views

Predator Android Spyware: Researchers Uncover New Data Theft Capabilities

Security researchers have detailed the inner workings of the commercial Android spyware called Predator, which is marketed by the Israeli company Intellexa previously Cytrox. Predator was first documented by Google's Threat Analysis Group TAG in May 2022 as part of attacks leveraging five differe...

7.9AI score
Exploits0
Wired Threat Level
Wired Threat Level
added 2023/04/22 1:0 p.m.14 views

Criminals Are Using Tiny Devices to Hack and Steal Cars

Apple thwarts NSO’s spyware, the rise of a GPT-4 black market, Russia targets Starlink internet connections, and more...

6.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/04/21 3:0 a.m.27 views

iOS Lockdown Mode effective against NSO zero-click exploit

Apples Lockdown Mode feature alerted a victim to one of the latest NSO exploits, according to a report by Citizen Lab. image courtesy of Citizen Lab This is a huge deal since it shows how useful Lockdown Mode can be, even against exploits developed by one of the worlds most notorious commercial...

6.4AI score
Exploits0
Schneier on Security
Schneier on Security
added 2023/04/20 10:47 a.m.19 views

New Zero-Click Exploits against iOS

Citizen Lab has identified three zero-click exploits against iOS 15 and 16. These were used by NSO Groups Pegasus spyware in 2022, and deployed by Mexico against human rights defenders. These vulnerabilities have all been patched. One interesting bit is that Apples Lockdown Mode part of iOS 16...

6.7AI score
Exploits0
The Hacker News
The Hacker News
added 2023/04/20 10:11 a.m.3 views

NSO Group Used 3 Zero-Click iPhone Exploits Against Human Rights Defenders

Israeli spyware maker NSO Group deployed at least three novel "zero-click" exploits against iPhones in 2022 to infiltrate defenses erected by Apple and deploy Pegasus, according to the latest findings from Citizen Lab. "NSO Group customers widely deployed at least three iOS 15 and iOS 16 zero-cli...

6.5AI score
Exploits0
The Hacker News
The Hacker News
added 2023/04/20 10:11 a.m.37 views

NSO Group Used 3 Zero-Click iPhone Exploits Against Human Rights Defenders

Israeli spyware maker NSO Group deployed at least three novel "zero-click" exploits against iPhones in 2022 to infiltrate defenses erected by Apple and deploy Pegasus, according to the latest findings from Citizen Lab. "NSO Group customers widely deployed at least three iOS 15 and iOS 16 zero-cli...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2023/04/17 4:32 p.m.34 views

Israeli Spyware Vendor QuaDream to Shut Down Following Citizen Lab and Microsoft Expose

Israeli spyware vendor QuaDream is allegedly shutting down its operations in the coming days, less than a week after its hacking toolset was exposed by Citizen Lab and Microsoft. The development was reported by the Israeli business newspaper Calcalist, citing unnamed sources, adding the company...

6.3AI score
Exploits0
The Hacker News
The Hacker News
added 2023/02/22 12:56 p.m.93 views

Apple Warns of 3 New Vulnerabilities Affecting iPhone, iPad, and Mac Devices

Apple has revised the security advisories it released last month to include three new vulnerabilities impacting iOS, iPadOS, and macOS. The first flaw is a race condition in the Crash Reporter component CVE-2023-23520 that could enable a malicious actor to read arbitrary files as root. The iPhone...

0.6AI score0.01751EPSS
Exploits0
OSV
OSV
added 2023/01/20 7:15 a.m.6 views

CVE-2023-20040

A vulnerability in the NETCONF service of Cisco Network Services Orchestrator NSO could allow an authenticated, remote attacker to cause a denial of service DoS on an affected system that is running as the root user. To exploit this vulnerability, the attacker must be a member of the admin group...

5.5CVSS6.2AI score0.01242EPSS
Exploits0References1
Rows per page
Query Builder