Tag: mobile
-
ZeroDayRAT spyware grants attackers total access to mobile devices
ZeroDayRAT is a commercial mobile spyware that grants full remote access to Android and iOS devices for spying and data theft. ZeroDayRAT is a newly discovered commercial mobile spyware toolkit that gives attackers full control over Android and iOS devices. It supports live camera access, keylogging, and theft of banking and crypto data. First spotted…
-
New Mobile Spyware ZeroDayRAT Targets Android and iOS
ZeroDayRAT is a new mobile spyware targeting Android and iOS, offering attackers persistent access First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/zerodayrat-mobile-spyware-android/
-
Cyberangriff auf EU-Kommission
Tags: advisory, authentication, bug, cve, cvss, cyberattack, endpoint, exploit, germany, ivanti, mail, mobile, usa, vulnerabilityCyberkriminellen ist es gelungen, in ein System der EU-Kommission einzudringen.Die Europäische Kommission wurde Ziel einer Cyberattacke. Wie aus einer kürzlich veröffentlichten Mitteilung hervorgeht, erfolgte der Angriff Ende Januar und zielte auf ein System zur Verwaltung mobiler Endgeräte ab (Mobile Device Management MDM) .Demnach sind die Täter möglicherweise an Namen und Rufnummern einiger Mitarbeiter gekommen. Es…
-
Microsoft announces new mobile-style Windows security controls
Microsoft wants to introduce smartphone-style app permission prompts in Windows 11 to request user consent before apps can access sensitive resources such as files, cameras, and microphones. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-announces-new-mobile-style-windows-security-controls/
-
ZeroDayRAT malware grants full access to Android, iOS devices
A new commercial mobile spyware platform dubbed ZeroDayRAT is being advertised to cybercriminals on Telegram as a tool that provides full remote control over compromised Android and iOS devices. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/zerodayrat-malware-grants-full-access-to-android-ios-devices/
-
Dutch agencies hit by Ivanti EPMM exploit exposing employee contact data
Dutch agencies confirmed attacks exploiting Ivanti EPMM flaws that exposed employee contact data at the data protection authority and courts. Dutch authorities said cyberattacks hit the Dutch Data Protection Authority and the Council for the Judiciary after hackers exploited newly disclosed flaws in Ivanti Endpoint Manager Mobile (EPMM). The incidents were reported to parliament, and…
-
Dutch Authorities Confirm Ivanti Zero-Day Exploit Exposed Employee Contact Data
The Netherlands’ Dutch Data Protection Authority (AP) and the Council for the Judiciary confirmed both agencies (Rvdr) have disclosed that their systems were impacted by cyber attacks that exploited the recently disclosed security flaws in Ivanti Endpoint Manager Mobile (EPMM), according to a notice sent to the country’s parliament on Friday.”On January 29, the National…
-
25 Million Users Affected as AI Chat Platform Leaks 300 Million Messages
>>Chat & Ask AI,<< a highly popular mobile application available on both Google Play and the Apple App Store, has suffered a significant data exposure. An independent security researcher discovered a vulnerability that left approximately 300 million private messages accessible to the public. This breach impacts more than 25 million users, raising serious concerns about…
-
Threat Actors Using Ivanti EPMM Flaws to Install Stealth Backdoors
A sophisticated new cyber campaign has been detected targeting Ivanti Endpoint Manager Mobile (EPMM) systems. Starting on February 4, 2026, threat actors began exploiting two critical vulnerabilities, CVE-2026-1281 and CVE-2026-1340, to plant dormant backdoors. Unlike typical attacks that immediately steal data or deploy ransomware, this campaign focuses on silence and persistence. Stealth Backdoors The attackers…
-
European Commission Hit by Mobile Management Data Breach
The European Commission is investigating a mobile device management breach that exposed staff data amid similar attacks across Europe. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/european-commission-hit-by-mobile-management-data-breach/
-
Cyber Attack Hits European Commission Staff Mobile Systems
The European Commission reports a cyber attack on its central mobile infrastructure that may have exposed staff names and phone numbers. First seen on hackread.com Jump to article: hackread.com/cyber-attack-european-commission-staff-mobile-systems/
-
Ivanti Zero-Days Likely Deployed in EU and Dutch Hacks
Ivanti’s Endpoint Manager Mobile Flaws Under Active Exploitation. The European Commission fell victim to a cyberattack that could have allowed the theft of some staff personal information. The European Union’s executive body said Friday it detected on Jan. 30 an attack on its central infrastructure managing mobile devices. First seen on govinfosecurity.com Jump to article:…
-
European Commission probes cyberattack on mobile device management system
The European Commission is investigating a cyberattack after detecting signs that its mobile device management system was compromised. The European Commission is investigating a cyberattack on its mobile device management platform after detecting intrusion traces. Attackers may have accessed some staff data, including names and phone numbers, but so far they have not compromised any…
-
European Commission hit by cyberattackers targeting mobile management platform
Tags: mobileThe European Commission’s mobile device management platform was hacked but the incident was swiftly contained and no compromise of mobile devices was detected, … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/09/european-commission-ivanti-epmm-vulnerabilities/
-
European Commission Mitigates Cyberattack Aimed at Employee Mobile Information
The European Commission successfully contained a cyberattack targeting its mobile device management infrastructure on January 30, 2026. The incident, which potentially exposed staff names and mobile numbers, was neutralized within nine hours of detection, demonstrating the organization’s robust cybersecurity protocols. European Commission Mitigates Cyberattack The Commission’s central system managing mobile devices detected suspicious activity that…
-
DKnife targets network gateways in long running AitM campaign
Indicators point to China-Nexus development and targeting: Several aspects of DKnife’s design and operation suggested ties to China-aligned threat actors. Talos identified configuration data and code comments written in Simplified Chinese, as well as handling logic tailored for Chinese-language email providers and mobile applications.The framework was also found to enable credential collection from services used…
-
DKnife targets network gateways in long running AitM campaign
Indicators point to China-Nexus development and targeting: Several aspects of DKnife’s design and operation suggested ties to China-aligned threat actors. Talos identified configuration data and code comments written in Simplified Chinese, as well as handling logic tailored for Chinese-language email providers and mobile applications.The framework was also found to enable credential collection from services used…
-
European Commission probes intrusion into staff mobile management backend
Officials explore issue affecting infrastructure after CERT-EU detected suspicious activity First seen on theregister.com Jump to article: www.theregister.com/2026/02/09/european_commission_phone_breach/
-
European Commission discloses breach that exposed staff data
The European Commission is investigating a breach after finding evidence that its mobile device management platform was hacked. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/european-commission-discloses-breach-that-exposed-staff-data/
-
China-Nexus Hackers Target Linux Devices to Redirect Traffic and Deploy Malware
>>DKnife,<< a sophisticated gateway-monitoring and adversary-in-the-middle (AitM) framework that turns Linux-based routers and edge devices into surveillance tools. Active since at least 2019, this campaign employs seven distinct Linux implants to inspect network traffic, hijack legitimate software downloads, and deploy advanced malware. The framework remains active as of January 2026, targeting personal computers, mobile phones,…
-
How Samsung Knox Helps Stop Your Network Security Breach
As you know, enterprise network security has undergone significant evolution over the past decade. Firewalls have become more intelligent, threat detection methods have advanced, and access controls are now more detailed. However (and it’s a big “however”), the increasing use of mobile devices in business operations necessitates network security measures that are specifically First seen…
-
Mobile privacy audits are getting harder
Mobile apps routinely collect and transmit personal data in ways that are difficult for users, developers, and regulators to verify. Permissions can reveal what an app can … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/06/mopri-mobile-app-privacy-analysis/
-
Lateral Movement und RCE – Angriffe über Ivanti Endpoint Manager Mobile laufen
First seen on security-insider.de Jump to article: www.security-insider.de/sicherheitsluecken-ivanti-endpoint-manager-mobile-updates-a-aca050adf9926475b601d024c1aaff43/
-
ICE and CBP’s Face-Recognition App Can’t Actually Verify Who People Are
ICE has used Mobile Fortify to identify immigrants and citizens alike over 100,000 times, by one estimate. It wasn’t built to work like that”, and only got approved after DHS abandoned its own privacy rules. First seen on wired.com Jump to article: www.wired.com/story/cbp-ice-dhs-mobile-fortify-face-recognition-verify-identity/
-
Weltweite Android-Überwachungskampagne
Eine neu entdeckte Überwachungskampagne zeigt, wie gezielt mobile Geräte inzwischen für Spionage und Datendiebstahl missbraucht werden. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/android-ueberwachungskampagne
-
WatchGuard VPN Client Flaw on Windows Enables SYSTEM”‘Level Command Execution
WatchGuard has released a critical security update for its Mobile VPN with IPSec client for Windows to address a privilege escalation vulnerability. The flaw, originating in the underlying software provided by NCP engineering, allows local attackers to execute arbitrary commands with the highest available privileges on a compromised machine. The vulnerability is tracked as NCPVE-2025-0626 (WatchGuard Advisory…
-
IoT Penetration Testing: Definition, Process, Tools, and Benefits
IoT penetration testing is a security assessment of the complete IoT ecosystem, from backend systems and cloud services to mobile devices and hardware. It involves a multi-stage simulated attack on IoT devices and their supporting system to identify security risks before attackers can exploit them. Unpatched firmware is responsible for 60% of IoT security breaches,……
-
Ivanti patches two actively exploited critical vulnerabilities in EPMM
install rpm url [patch_url] command.The RPM_12.x.0.x patch is applicable to EPMM software versions 12.5.0.x, 12.6.0.x, and 12.7.0.x. It is also compatible with the older 12.3.0.x and 12.4.0.x versions. Meanwhile the RPM_12.x.1.x patch is applicable to versions 12.5.1.0 and 12.6.1.0.”The RPM script does not survive a version upgrade,” the company warns. “If after applying the RPM…
-
Ivanti Fixes Actively Exploited RCE Flaws in Endpoint Manager Mobile
Ivanti patched actively exploited EPMM flaws that enable unauthenticated remote code execution. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/ivanti-fixes-actively-exploited-rce-flaws-in-endpoint-manager-mobile/
-
‘Critical’ Mobile Management Vulnerabilities Seeing Exploitation
A pair of critical-severity vulnerabilities affecting an Ivanti mobile management tool have been exploited in cyberattacks, according to the company. First seen on crn.com Jump to article: www.crn.com/news/security/2026/ivanti-critical-mobile-management-vulnerabilities-seeing-exploitation