Tag: phone
-
Rooted Androids 3,000x More Likely to Be Breached, Even iPhones Not Safe
A new Zimperium report reveals that rooted Android phones and jailbroken iOS devices face growing threats, with advanced toolkits making detection nearly impossible for cybersecurity researchers. First seen on hackread.com Jump to article: hackread.com/rooted-androids-breached-even-iphones-not-safe/
-
Smashing Security podcast #409: Peeping perverts and FBI phone calls
In episode 409 of the “Smashing Security” podcast, we uncover the curious case of the Chinese cyber-attack on Littleton’s Electric Light Company, and a California landlord’s hidden camera scandal. First seen on grahamcluley.com Jump to article: grahamcluley.com/smashing-security-podcast-409/
-
Tesla Owners Doxxed as Elon Musk and DOGE Fallout Grows
Tags: phone‘Dogequest’ Site Provided Tesla Owners Addresses, Names and Phone Numbers. The White House slammed a website that purported to reveal the names, addresses and phone numbers of Tesla owners – unless they showed proof of selling their vehicles made by Elon Musk’s car company – amid growing criticism over his efforts to sharply reduce the…
-
That breach cost HOW MUCH? How CISOs can talk effectively about a cyber incident’s toll
Tags: attack, breach, business, ciso, cyber, cybersecurity, data, email, incident, incident response, insurance, jobs, network, phone, ransomware, risk, risk-managementThe importance of practice in estimating costs: Quantifying the costs of an incident in advance is an inexact art greatly aided by tabletop exercises. “The best way in my mind to flush all of this out is by going through a regular incident response tabletop exercise,” Gary Brickhouse, CISO at GuidePoint Security, tells CSO. “People…
-
Google slips built-in terminal, Debian Linux VM into Android 15 March feature drop
Try it out now on Pixel phones for some penguin on penguin fun First seen on theregister.com Jump to article: www.theregister.com/2025/03/13/android_15_linux_debian_terminal/
-
Amazon is still hosting spyware victims’ data weeks after breach alert
Amazon won’t say if it will stop hosting data from three phone surveillance operations that spilled private data on millions of people. First seen on techcrunch.com Jump to article: techcrunch.com/2025/03/13/amazon-is-still-hosting-stalkerware-victims-data-weeks-after-breach-alert/
-
The most notorious and damaging ransomware of all time
Tags: access, android, attack, backdoor, backup, banking, botnet, breach, communications, computer, control, credentials, cryptography, cyber, cybercrime, dark-web, data, defense, detection, email, encryption, endpoint, exploit, extortion, finance, flaw, framework, germany, google, government, group, hacker, hacking, healthcare, infection, infrastructure, international, jobs, korea, law, lazarus, leak, linux, malicious, malware, microsoft, mobile, msp, network, north-korea, office, open-source, oracle, password, phishing, phone, powershell, ransom, ransomware, russia, service, software, spam, switch, technology, threat, tool, ukraine, update, usa, virus, vulnerability, windowsConti: History: First appearing in May 2020, the Conti RaaS platform is considered the successor to the Ryuk ransomware. As of January 2021, Conti is believed to have infected over 150 organizations and earned millions of dollars for its criminal developers and their affiliates. At least three new versions have been found since its inception.How it works: Conti uses the…
-
Amazon is still hosting stalkerware victims’ data weeks after breach alert
Amazon won’t say if it will stop hosting data from three phone surveillance operations that spilled private data on millions of people. First seen on techcrunch.com Jump to article: techcrunch.com/2025/03/13/amazon-is-still-hosting-stalkerware-victims-data-weeks-after-breach-alert/
-
Threat Actors Evade Security Measures to Launch SIM Swap Attacks
SIM swapping fraud continues to pose a significant threat to individuals and financial institutions, despite ongoing efforts by telecom providers and regulatory bodies to enhance security measures. This type of fraud involves fraudsters gaining control of a victim’s phone number by swapping or porting their SIM card, often using stolen personal and financial information obtained…
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 36
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Cellebrite zero-day exploit used to target phone of Serbian student activist One in Four Cyberattacks in 2024 Traced to Infostealers, Huntress Reports Uncovering .NET Malware Obfuscated by Encryption and Virtualization Black Basta and Cactus Ransomware Groups…
-
Google Rolls Out AI Scam Detection for Android to Combat Conversational Fraud
Google has announced the rollout of artificial intelligence (AI)-powered scam detection features to secure Android device users and their personal information.”These features specifically target conversational scams, which can often appear initially harmless before evolving into harmful situations,” Google said. “And more phone calling scammers are using spoofing techniques to hide their real First seen on…
-
Fake police call cryptocurrency investors to steal their funds
Have you had a phone call from police about your cryptocurrency wallet? First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/fake-police-call-cryptocurrency-investors-to-steal-their-funds
-
Serbian Police Hack Protester’s Phone With Cellebrite Exploit Chain
Amnesty International said Serbian police used an exploit chain in tandem with legitimate mobile extraction dongle from vendor Cellebrite in an attack that brings up questions around ethical technology development. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/serbian-police-hack-protester-phone-cellebrite-exploit-chain
-
Serbian student activist’s phone hacked using Cellebrite zero-day exploit
Amnesty International reports that a Cellebrite zero-day exploit was used to unlock a Serbian activist’s Android phone. Amnesty International reported that a Cellebrite zero-day exploit was used to unlock the Android smartphone of a Serbian activist. In astatementpublished on 25 February 2025,Cellebrite announcedthat it had blocked Serbia from using its solution after reports that police…
-
Serbian student’s Android phone compromised by exploit from Cellebrite
Android users who haven’t installed Google’s February patch batch should do so ASAP. First seen on arstechnica.com Jump to article: arstechnica.com/security/2025/02/android-0-day-sold-by-cellebrite-exploited-to-hack-serbian-students-phone/
-
Android 0-day sold by Cellebrite exploited to hack Serbian student’s phone
Android users who haven’t installed Google’s February patch batch should do so ASAP. First seen on arstechnica.com Jump to article: arstechnica.com/security/2025/02/android-0-day-sold-by-cellebrite-exploited-to-hack-serbian-students-phone/
-
Researchers uncover unknown Android flaws used to hack into a student’s phone
Amnesty International said that Google fixed previously unknown flaws in Android that allowed authorities to unlock phones using forensic tools. On Friday, Amnesty International published a report detailing a chain of three zero-day vulnerabilities developed by phone-unlocking company Cellebrite, which its researchers found after investigating the hack of a student protester’s phone in Serbia. The…
-
Amnesty Finds Cellebrite’s Zero-Day Used to Unlock Serbian Activist’s Android Phone
A 23-year-old Serbian youth activist had their Android phone targeted by a zero-day exploit developed by Cellebrite to unlock the device, according to a new report from Amnesty International.”The Android phone of one student protester was exploited and unlocked by a sophisticated zero-day exploit chain targeting Android USB drivers, developed by Cellebrite,” the international non-governmental…
-
Serbian police used Cellebrite zero-day hack to unlock Android phones
Serbian authorities have reportedly used an Android zero-day exploit chain developed by Cellebrite to unlock the device of a student activist in the country and attempt to install spyware. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/serbian-police-used-cellebrite-zero-day-hack-to-unlock-android-phones/
-
Quarter of Brits Report Deepfake Phone Scams
New Hiya data finds 26% of UK consumers encountered a deepfake scam call in Q4 2024 First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/quarter-brits-report-deepfake-calls/
-
How to create an effective incident response plan
Tags: access, advisory, attack, backup, breach, business, ceo, ciso, communications, corporate, cyber, cybersecurity, email, endpoint, exploit, finance, governance, guide, incident, incident response, insurance, law, lessons-learned, malicious, monitoring, network, office, phone, ransomware, risk, security-incident, service, strategy, supply-chain, technology, threat, updateEstablish a comprehensive post-incident communications strategy: Another key element that can make or break an incident response strategy is communications. Without clear communications among the major stakeholders of the business, a company might experience much longer downtimes or the loss of vital processes for extended periods.”How are you going to go about communicating? With whom?…
-
Flaw found in stalkerware apps, exposing millions of people. Here’s how to find out if your phone is being spied upon
A serious security vulnerability has been found in popular stalkerware apps, exposing the sensitive personal information and communications of millions of people. First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/flaw-stalkerware-apps-exposing-people-heres-how-to-find-out-phone-spied
-
Russian cyberespionage groups target Signal users with fake group invites
QR codes provide a means of phishing Signal users: These features now work by scanning QR codes that contain the cryptographic information needed to exchange keys between different devices in a group or to authorize a new device to an account. The QR codes are actually representations of special links that the Signal application knows…
-
US Army soldier pleads guilty to ATT and Verizon hacks
Cameron John Wagenius pleaded guilty to hacking AT&T and Verizon and stealing a massive trove of phone records from the companies, according to court records filed on Wednesday. Wagenius, who was a U.S. Army soldier, pleaded guilty to two counts of “unlawful transfer of confidential phone records information” on an online forum and via an…
-
Pegasus spyware infections found on several private sector phones
Mobile security company iVerify says that it discovered about a dozen new infections of the powerful Pegasus spyware on phones mostly used by people in private industry. First seen on therecord.media Jump to article: therecord.media/pegasus-spyware-infections-iverify
-
U.S. CISA adds SonicWall SonicOS and Palo Alto PAN-OS flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds SonicWall SonicOS and Palo Alto PAN-OS vulnerabilities to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Apple iOS and iPadOS and Mitel SIP Phones vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. The two vulnerabilities are: Researchers recently warned that threat actors…