Tag: spyware
-
Germany limits police spyware use to serious crimes
Germany’s top court ruled police can use spyware only for crimes punishable by at least three years in prison. Germany’s top court ruled that police may only use spyware to monitor devices in cases involving crimes with a maximum sentence of at least three years. “The interference with both the fundamental right protecting IT-systems and Art. 10(1) of…
-
EU law to protect journalists from spyware takes effect
Critics from press freedom groups say member states have not taken steps to give the law any teeth. First seen on therecord.media Jump to article: therecord.media/eu-law-to-protect-journalists-from-spyware-takes-effect
-
Germany’s top court holds that police can only use spyware to investigate serious crimes
The plaintiffs argued that a 2017 rules change enabling law enforcement to use spyware to eavesdrop on encrypted chats and messaging platforms could unfairly expose communications belonging to people who are not criminal suspects. First seen on therecord.media Jump to article: therecord.media/germany-spyware-limitations-court-rules
-
Citizen Lab Founder Flags Rise of US Authoritarianism
Citizen Lab director and founder Ron Deibert explained how civil society is locked in a vicious cycle, and human rights are being abused as a result, covering Israeli spyware, the Khashoggi killing, and an erosion of democratic norms in the US. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/citizen-lab-founder-us-authoritarianism
-
Nvidia Denies Presence of Backdoors, Kill Switches, or Spyware in Its Chips
Nvidia has issued a comprehensive denial regarding allegations that its graphics processing units contain backdoors, kill switches, or spyware, emphasizing that such features would fundamentally undermine global digital infrastructure and cybersecurity principles. The chipmaker’s statement comes amid growing discussions among policymakers and industry observers about potential hardware-level controls that could remotely disable GPUs without user…
-
Candiru Spyware Infrastructure Uncovered
Insikt Researchers Uncover Clusters in Hungary, Saudi Arabia. Security researchers uncovered a previously unseen malware cluster associated with Israeli spyware maker Candiru. The company may have rebranded itself to evade sanctions and continue its operations. It continues to operate despite being added in 2021 to an export blacklist by the United States. First seen on…
-
CTM360 spots Malicious ‘ClickTok’ Campaign Targeting TikTok Shop users
The ClickTok campaign lures victims with fake TikTok shops and drains their crypto wallets. CTM360 exposes how SparkKitty spyware spreads via trojanized apps, phishing pages, and AI-powered scams. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/ctm360-spots-malicious-clicktok-campaign-targeting-tiktok-shop-users/
-
The Kremlin’s Most Devious Hacking Group Is Using Russian ISPs to Plant Spyware
The FSB cyberespionage group known as Turla seems to have used its control of Russia’s network infrastructure to meddle with web traffic and trick diplomats into infecting their computers. First seen on wired.com Jump to article: www.wired.com/story/russia-fsb-turla-secret-blizzard-apolloshadow-isp-cyberespionage/
-
Koreans Hacked, Blackmailed by 250+ Fake Mobile Apps
A swath of copycat Korean apps are hiding spyware, occasionally leading to highly personal, disturbing extortions. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/koreans-hacked-blackmailed-250-fake-mobile-apps
-
Austrian government faces likely legal challenge over state spyware
Civil society groups are talking to opposition MPs about bringing a legal challenge to the Austrian constitutional court over ‘state trojan’ law. First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366628109/Austrian-government-faces-likely-legal-challenge-over-state-spyware
-
⚡ Weekly Recap, SharePoint Breach, Spyware, IoT Hijacks, DPRK Fraud, Crypto Drains and More
Some risks don’t breach the perimeter; they arrive through signed software, clean resumes, or sanctioned vendors still hiding in plain sight. This week, the clearest threats weren’t the loudest; they were the most legitimate-looking. In an environment where identity, trust, and tooling are all interlinked, the strongest attack path is often the one that looks like…
-
Google took a month to shut down Catwatchful, a phone spyware operation hosted on its servers
Google has suspended the Firebase account of Catwatchful following a TechCrunch investigation. The spyware operation was caught using Google’s own servers to host and run its surveillance app, which was stealthily monitoring thousands of people’s phones. First seen on techcrunch.com Jump to article: techcrunch.com/2025/07/25/google-took-a-month-to-shut-down-catwatchful-a-phone-spyware-operation-hosted-on-its-servers/
-
Operation GhostChat PhantomPrayers: China-Linked APTs Target Tibetan Community with Stealthy Spyware
The post Operation GhostChat PhantomPrayers: China-Linked APTs Target Tibetan Community with Stealthy Spyware appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/operation-ghostchat-phantomprayers-china-linked-apts-target-tibetan-community-with-stealthy-spyware/
-
DCHSpy Android Spyware Linked to Iran’s MuddyWater APT, Targets Geopolitical Foes with Starlink Lures
The post DCHSpy Android Spyware Linked to Iran’s MuddyWater APT, Targets Geopolitical Foes with Starlink Lures appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/dchspy-android-spyware-linked-to-irans-muddywater-apt-targets-geopolitical-foes-with-starlink-lures/
-
Apple alerted Iranians to iPhone spyware attacks, say researchers
Researchers say Apple sent out threat notifications to several Iranians in recent months, saying their iPhones had been hacked. Iran is likely behind the attacks. First seen on techcrunch.com Jump to article: techcrunch.com/2025/07/22/apple-alerted-iranians-to-iphone-spyware-attacks-say-researchers/
-
Serial spyware founder Scott Zuckerman wants the FTC to unban him from the surveillance industry
The spyware maker was banned from the surveillance industry in 2021, but was caught flouting the ban less than a year later. Now the founder wants the ban lifted altogether. First seen on techcrunch.com Jump to article: techcrunch.com/2025/07/21/serial-spyware-founder-scott-zuckerman-wants-the-ftc-to-unban-him-from-the-surveillance-industry/
-
MuddyWater deploys new DCHSpy variants amid Iran-Israel conflict
Iran-linked APT MuddyWater is deploying new DCHSpy spyware variants to target Android users amid the ongoing conflict with Israel. Lookout researchers observed that Iran-linked APT MuddyWater (aka SeedWorm, TEMP.Zagros, and Static Kitten) is deploying a new version of the DCHSpy Android spyware in the context of the Israel-Iran conflict. The first MuddyWater campaign was observed in late 2017, when the APT group targeted entities in…
-
Iran-Linked DCHSpy Android Malware Masquerades as VPN Apps to Spy on Dissidents
Cybersecurity researchers have unearthed new Android spyware artifacts that are likely affiliated with the Iranian Ministry of Intelligence and Security (MOIS) and have been distributed to targets by masquerading as VPN apps and Starlink, a satellite internet connection service offered by SpaceX. Mobile security vendor Lookout said it discovered four samples of a surveillanceware tool it…
-
Iranian Hackers Deploy New Android Spyware Version
New samples of DCHSpy, a spyware implant linked to Iranian APT group MuddyWater, were detected by Lookout one week after the start of the Israel-Iran conflict. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/iran-hackers-new-android-spyware/
-
Four new Android spyware samples linked to Iran’s intel agency
Persians added snooping capabilities to DCHSpy after Israeli bombs fell First seen on theregister.com Jump to article: www.theregister.com/2025/07/21/muddywaters_android_iran/
-
⚡ Weekly Recap: SharePoint 0-Day, Chrome Exploit, macOS Spyware, NVIDIA Toolkit RCE and More
Even in well-secured environments, attackers are getting in, not with flashy exploits, but by quietly taking advantage of weak settings, outdated encryption, and trusted tools left unprotected. These attacks don’t depend on zero-days. They work by staying unnoticed, slipping through the cracks in what we monitor and what we assume is safe. What once looked suspicious…
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 53
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape: Datacarry Ransomware; DRAT V2: Updated DRAT Emerges in TAG-140’s Arsenal; Batavia spyware steals data from Russian organizations; Taking SHELLTER: a commercial evasion framework abused in-the-wild; Open Source Malware Index Q2 2025: Data exfiltration remains…
-
Can an ‘ethical’ spyware maker justify providing its tech to ICE?
Analysis: In calling itself an ethical spyware vendor, Paragon has opened itself up to scrutiny of its government customers. First seen on techcrunch.com Jump to article: techcrunch.com/2025/07/11/can-an-ethical-spyware-maker-provide-its-tech-to-ice/
-
Spyware on Androids Soars
In general, malware aimed at Androids rose 151% in February and March but a whopping increase came with the 692% jump in SMS-based malware that occurred in April and May. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/07/spyware-on-androids-soars/
-
Former Mexican president investigated over allegedly taking bribes from spyware industry
The investigation comes in response to an account in the Israeli business publication TheMarker, which reported that the contracts included a deal to buy Pegasus, the powerful spyware manufactured by Israel-based NSO Group. First seen on therecord.media Jump to article: therecord.media/former-mexican-president-investigated-spyware-bribes
-
Spyware Campaign Hits Russian Industrial Firms
Phishing Emails Disguise Malware as Contract Files. A Russian cybersecurity company is warning that hackers are targeting Russia’s industrial sector using previously undocumented spyware, reeling victims in with contract-themed email lures. Kaspersky dubbed the spyware Batavia but doesn’t attribute the campaign to a threat actor. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/spyware-campaign-hits-russian-industrial-firms-a-28928
-
Appeals court clears path for El Salvadoran journos to sue spyware maker
The court vacated the district court’s decision to dismiss the case against NSO Group, saying it abused its discretion in doing so. First seen on cyberscoop.com Jump to article: cyberscoop.com/appeals-court-clears-path-for-el-salvadoran-journos-to-sue-spyware-maker/
-
New spyware strain steals data from Russian industrial companies
Moscow-based cybersecurity firm Kaspersky said the campaign has already affected over 100 victims across several dozen Russian organizations, but did not disclose the specific targets. First seen on therecord.media Jump to article: therecord.media/spyware-strain-steals-data-russian-industrial-sector
-
Researchers Uncover Batavia Windows Spyware Stealing Documents from Russian Firms
Russian organizations have been targeted as part of an ongoing campaign that delivers a previously undocumented Windows spyware called Batavia. The activity, per cybersecurity vendor Kaspersky, has been active since July 2024. “The targeted attack begins with bait emails containing malicious links, sent under the pretext of signing a contract,” the Russian company said. “The main goal…
-
New Batavia spyware targets Russian industrial enterprises
Since March 2025, fake contract emails have been spreading Batavia spyware in targeted attacks on Russian organizations. Since March 2025, a targeted phishing campaign against Russian organizations has used fake contract-themed emails to spread the Batavia spyware, a new malware designed to steal internal documents. The attack, ongoing since July 2024, begins with links to…

