
IT / OT Security News
Headlines: 2022
December 28, 2022
EarSpy: Spying on Phone Calls via Ear Speaker Vibrations Captured by Accelerometer
As smartphone manufacturers are improving the ear speakers in their devices, it can become easier for malicious actors to leverage a particular side-channel for eavesdropping on a targeted user’s conversations, according to a team of researchers from several universities in the United States.
November 28, 2022
Malicious Android app found powering account creation service
A fake Android SMS application, with 100,000 downloads on the Google Play store, has been discovered to secretly act as an SMS relay for an account creation service for sites like Microsoft, Google, Instagram, Telegram, and Facebook.
November 21, 2022
A Leak Details Apple's Dirt on a Trusted Security Startup
Corellium, a cybersecurity startup that sells phone-virtualization software for catching security bugs, offered or sold its tools to controversial government spyware and hacking-tool makers in Israel, the United Arab Emirates, and Russia, and to a cybersecurity firm with potential ties to the Chinese government, according to a leaked document reviewed by WIRED that contains internal company communications.
November 1, 2022
Malicious Android apps with 1M+ installs found on Google Play
A set of four malicious applications currently available in Google Play, the official store for the Android system, are directing users to sites that steal sensitive information or generate ‘pay-per-click’ revenue for the operators.
October 2, 2022
Mexican journalists targeted by zero-click spyware infections
Mexican journalists and a human rights defender investigating links between extrajudicial killings, drugs cartels, and the Mexican military, were infected with NSO Group’s spyware after being hacked through zero-click attacks, a new investigation has alleged.
September 13, 2022
Fears grow of Russian spies turning to industrial espionage
Russia acknowledged this week that parts of its technology industry are dependent on foreign knowledge and lagging competitors by more than a decade, raising concerns that the country’s cyber spies will be used for industrial espionage.
September 7, 2022
Iranian hackers spy on journalists and government officials, researchers warn
Cybersecurity researchers have uncovered another Iranian state-sponsored hacking group that has been targeting government officials, journalists, academics, and opposition leaders around the world for at least seven years.
September 1, 2022
iOS 12 Update for Older iPhones Patches Exploited Vulnerability
Apple on Wednesday started shipping patches for older iPhone and iPad devices to address a recent, actively exploited vulnerability.
Tracked as CVE-2022-32893, the vulnerability impacts WebKit and it can be exploited to achieve arbitrary code execution when the user visits a malicious website.
August 25, 2022
FCC launches investigation into mobile carriers’ geolocation data practices
The Federal Communications Commission on Thursday shared responses from mobile carriers to a probe of how they handle geolocation data and announced a new investigation into carrier compliance with agency rules about disclosing how such data is stored and shared.
August 12, 2022
Chinese hackers backdoor chat app with new Linux, macOS malware
Versions of a cross-platform instant messenger application focused on the Chinese market known as 'MiMi' have been trojanized to deliver a new backdoor (dubbed rshell) that can be used to steal data from Linux and macOS systems.
August 5, 2022
Facebook finds new Android malware used by APT hackers
Meta (Facebook) has released its Q2 2022 adversarial threat report, and among the highlights is the discovery of two cyber-espionage clusters connected to hacker groups known as 'Bitter APT' and APT36 (aka 'Transparent Tribe') using new Android malware.
July 29, 2022
Cybersecurity researcher publishes a list of 30 malicious Android apps available in Google Play Store
Cybersecurity researcher and anti-malware firm Dr.Web recently warned Android users about a list of 30 Android apps with malicious trojans that are currently still available in the Google Play Store.
June 29, 2022
Amazon Confirmed and Fixed a High Severity Vulnerability of Broken Authentication in Amazon Photos Android App
Our research team at Checkmarx found that the Amazon Photos Android app could have allowed a malicious application, installed on the user’s phone, to steal their Amazon access token. The Android app has over 50 million downloads.
June 26, 2022
Rethinking organizational cybersecurity strategy for corporations
“The fact that commercial companies have experienced such attacks casts doubt on the assumption that they don’t need to include nation state level attacks as one of the threats to be addressed,” writes Dr. Yaniv Harel, CSO at the Blavatnik Interdisciplinary Cyber Research Center.
June 23, 2022
Spyware vendor works with ISPs to infect iOS and Android users
Google's Threat Analysis Group (TAG) revealed today that RCS Labs, an Italian spyware vendor, has received help from some Internet service providers (ISPs) to infect Android and iOS users in Italy and Kazakhstan with commercial surveillance tools.
June 22, 2022
Microsoft: Russian Cyber Spying Targets 42 Ukraine Allies
Coinciding with unrelenting cyberattacks against Ukraine, state-backed Russian hackers have engaged in “strategic espionage” against governments, think tanks, businesses and aid groups in 42 countries supporting Kyiv, Microsoft said in a report Wednesday.
June 16, 2022
Lookout Uncovers Hermit Spyware Deployed in Kazakhstan
Lookout researchers have uncovered enterprise-grade Android surveillanceware used by the government of Kazakhstan within its borders. While we’ve been following this threat for a while using Lookout Endpoint Detection and Response (EDR), these latest samples were detected in April 2022, four months after nation-wide protests against government policies were violently suppressed.
June 11, 2022
WiFi probing exposes smartphone users to tracking, info leaks
Researchers at the University of Hamburg in Germany have conducted a field experiment capturing hundreds of thousands of passersby's WiFi connection probe requests to determine the type of data transmitted without the device owners realizing it.
June 2, 2022
Vulnerability within the UNISOC baseband opens mobile phones communications to remote hacker attacks
Do you remember push-button telephones? Many of them were based on chips from Spreadtrum Communications Inc., a Chinese chip manufacturer founded in 2001. In 2011, over half of all phones in China were powered by Spreadtrum chips.
May 27, 2022
Android apps with millions of downloads exposed to high-severity vulnerabilities
Microsoft uncovered high-severity vulnerabilities in a mobile framework owned by mce Systems and used by multiple large mobile service providers in pre-installed Android System apps that potentially exposed users to remote (albeit complex) or local attacks. The vulnerabilities, which affected apps with millions of downloads, have been fixed by all involved parties.
May 26, 2022
‘Dystopian’: Govt-endorsed education apps surveilling Australian children
A number of education apps and websites endorsed by Australian governments and used throughout the pandemic have been surveilling and tracking children and sending their data to advertisers, according to a report by Human Rights Watch.
May 25, 2022
Spain’s PM vows to reform intelligence services following phone hacking scandal
Spanish prime minister Pedro Sánchez pledged to further regulate and oversee the country’s spy agencies on Thursday following the discovery of unauthorized spyware on the phones of top politicians earlier this year.
May 16, 2022
Hackers Can Abuse Low-Power Mode to Run Malware on Powered-Off iPhones
Researchers from a university in Germany have analyzed the low-power mode (LPM) implementation on iPhones and found that it introduces potentially serious security risks, even allowing attackers to run malware on powered-off devices.
May 11, 2022
Biden extends US telecom supply chain order aimed at Huawei, ZTE
President Joe Biden on Thursday extended for another year a Trump-era executive order that declared a national emergency and prohibited U.S. companies from using telecommunications equipment produced by firms posing a national security risk.
May 3, 2022
Dirty Pipe: What you need to know about the major exploit affecting Pixel 6 and Galaxy S22 devices [Updated]
The security world has been abuzz about a new Linux exploit called “Dirty Pipe,” which also affects Android 12 devices like Galaxy S22 and Pixel 6. Here’s everything you need to know about “Dirty Pipe,” which devices it affects, and how best to avoid it.
April 21, 2022
Largest Mobile Chipset Manufacturers used Vulnerable Audio Decoder, 2/3 of Android users’ Privacy around the World were at Risk
The Apple Lossless Audio Codec (ALAC), also known as Apple Lossless, is an audio coding format, developed by Apple Inc. and first introduced in 2004 for lossless data compression of digital music.
February 19, 2022
Police following up with Sylvia Lim on phone hacking allegations, advise her to file report
SINGAPORE: Home Affairs Minister K Shanmugam has asked the police to follow up with Member of Parliament Sylvia Lim (WP-Aljunied) regarding her claim that she had received a threat warning from Apple stating that her iPhone could be the subject of hacking by state-sponsored attackers, the Singapore Police Force (SPF) said on Saturday (Feb 19).
February 15, 2022
FBI sees increase in use of virtual meeting platforms for BEC scams
The US Federal Bureau of Investigation said today that it had seen an increase in the use of virtual meeting platforms as a way to trick organizations into sending payments to the wrong accounts as part of a type of attack known as BEC scams.
February 15, 2022
Mexican Businessman Admits to Brokering Spyware Used to Monitor Political and Business Rivals
SAN DIEGO – Mexican businessman Carlos Guerrero pleaded guilty in federal court today, admitting that he conspired to sell and use hacking tools manufactured by private companies in Italy, Israel and elsewhere.
February 7, 2022
No one was immune: Israel Police Pegasus surveillance list revealed
CEOs of government ministries, journalists, tycoons, corporate executives, mayors, social activists, and even the Prime Minister’s relatives, all were police targets, having their phones hacked by NSO’s spyware, prior to any investigation even opening and without any judicial authorization.
January 20, 2022
Zoom security issues: What's gone wrong and what's been fixed
Do you use Zoom? Sure you do. When the pandemic hit North America and Europe in March 2020, seemingly everyone who had to start working, going to school or even socializing from home started using the videoconferencing service.