Tag

Spyware

All articles tagged with #spyware

technology12 days ago•71 min saved

Apple says Lockdown Mode has never been hacked and shows how to turn it on

Apple maintains that Lockdown Mode, its extreme security feature for iPhone, iPad, and Mac, has not been breached by mercenary spyware, a claim echoed by security experts who say they’ve seen attacks blocked but no confirmed compromises. Lockdown Mode dramatically limits attach ments, calls from unknown numbers, wired device connections, and Safari restrictions; it’s off by default and can be enabled or disabled in Settings > Privacy & Security, with a restart and PIN required each time, though users should be prepared for trade-offs in usability.

via TechRadar|

#apple #iphone #lockdown-mode

technology21 days ago•4 min saved

iPhone spyware goes mainstream as criminals weaponize iOS flaws

Researchers warn iPhone spyware once used by governments is now in criminals’ hands, with two campaigns—Coruna and DarkSword—exploiting iOS vulnerabilities via watering hole attacks to exfiltrate data like messages and location; Apple has patched many flaws and issued updates, and Safari now blocks malicious domains, but users should stay updated and enable Lockdown Mode as tools become more accessible to a wider range of attackers.

via Axios|

#coruna #cybersecurity #iphone

technology23 days ago•3 min saved

DarkSword spyware hits iPhones simply by visiting compromised websites

Security researchers warn of DarkSword, a new spyware toolkit that doesn’t require installation: simply visiting an infected website can exfiltrate data from iPhones on iOS 18.4–18.7; it collects calls, contacts, messages, photos, location, iCloud content and wallet credentials, then deletes traces and leaves behind its code for reuse, with attacks seen in Saudi Arabia and Ukraine and up to hundreds of millions of devices at risk given about 25% of iPhones run iOS 18.

via Mashable|

#cybersecurity #darksword #ios

technology1 month ago•3 min saved

Leaked government toolkit weaponizes 23 iPhone flaws to hack devices

Google warns of Coruna—a suspected leaked US government tool—that uses 23 iPhone vulnerabilities to hijack devices, potentially via malicious Safari links; the spyware can spread globally through cybercriminals and affects iPhones on iOS versions 13 through 17.2.1, with guidance to update iOS or enable Lockdown Mode for protection.

via New York Post|

#cybersecurity #exploits #ios

technology2 months ago•4 min saved

WhatsApp Debuts Extreme Privacy Lock for High-Risk Users

Meta is rolling out 'Strict Account Settings'—a lockdown mode for WhatsApp that adds extreme privacy controls for high-risk users (e.g., journalists), including enforced two-step verification, blocking media/attachments from unknown senders, silencing unknown calls, hiding last seen/online status, restricting profile details, and more; the feature is activated from the main device and will roll out gradually, with a backend Rust migration to boost protection against spyware.

via BleepingComputer|

#cybersecurity #journalists #privacy

technology5 months ago•2 min saved

CISA Warns of Zero-Day Samsung Flaw Used in 'Landfall' Spyware Attacks

CISA has ordered U.S. federal agencies to patch a critical Samsung vulnerability (CVE-2025-21042) exploited since July 2024 to deploy LandFall spyware via WhatsApp, which can access extensive device data. Although Samsung patched it in April, ongoing exploitation prompted urgent security measures, with federal agencies required to fix the flaw by December 1. The spyware targets flagship Samsung devices and has potential links to international espionage activities, emphasizing the importance of timely updates.

via BleepingComputer|

#cisa #patch #samsung

technology5 months ago•3 min saved

Landfall: Commercial Android Spyware Exploiting Samsung Zero-Day Flaw

A new Android spyware called Landfall exploited a zero-day vulnerability in Samsung Galaxy devices for nearly a year, enabling surveillance activities like call recording and data harvesting, primarily targeting Middle Eastern users. The campaign used sophisticated, targeted attacks likely linked to a well-resourced actor, possibly connected to the UAE government, though definitive attribution remains uncertain. Samsung patched the vulnerability in April, but related exploits continued to be observed until recently.

via theregister.com|

#espionage #landfall #samsung

security5 months ago•2 min saved

Landfall Spyware Exploits Zero-Day to Target Samsung Devices via WhatsApp

A security flaw in Samsung Galaxy Android devices was exploited as a zero-day to deliver the LANDFALL spyware via WhatsApp, targeting users in the Middle East. The flaw, CVE-2025-21042, allowed remote code execution through malicious DNG images, leading to comprehensive data theft. Samsung patched the vulnerability in April 2025, but the attack highlights the ongoing threat of sophisticated exploits in the wild.

via The Hacker News|

#landfall #samsung #security

technology5 months ago•3 min saved

Hacking Team's Spyware Tied to Chrome Zero-Day Attacks and Emergency Updates

A Chrome zero-day exploited in Operation ForumTroll was linked to Italian spyware vendor Memento Labs, which developed the LeetAgent and Dante malware used in targeted attacks on Russian and Belarusian organizations. The campaign involved sophisticated phishing and browser exploits, with Memento Labs emerging as a successor to the notorious Hacking Team.

via BleepingComputer|

#chrome-zero-day #cve-2025-2783 #memento-labs

world5 months ago•2 min saved

US Court Bans NSO Group from Targeting WhatsApp Users

Meta Platforms successfully obtained a court order to block NSO Group, a spyware maker, marking a legal victory against surveillance technology misuse.

via TipRanks|

#court-order #legal-victory #meta-platforms

technology6 months ago•1 min saved

Apple Boosts Bug Bounty to $2 Million for Zero-Click Exploit Chains

Apple has increased its bug bounty reward to $2 million for the most dangerous exploits that could be used for spyware, with the potential total reward reaching $5 million including bonuses, as part of its ongoing efforts to improve security and combat the spyware industry.

via WIRED|

#apple #bug-bounty #cybersecurity

privacy-and-surveillance6 months ago•5 min saved

U.S. Immigration Agency Reinstates Spyware Contract Amid Privacy Concerns

404 Media is suing ICE to force the agency to disclose details of a $2 million contract with spyware company Paragon, which can remotely access messaging apps on phones. The contract, reactivated after a White House freeze, raises concerns about civil rights abuses amid ICE's controversial immigration enforcement practices. Paragon's technology has been linked to government surveillance in multiple countries and has been used to target journalists and activists, prompting fears about its potential misuse in the U.S.

via 404 Media|

#civil-rights #foia-lawsuit #ice

technology7 months ago•1 min saved

France Alerts to New Apple Spyware Campaign

France's cybersecurity agency confirmed that Apple issued multiple security alerts in 2025 about sophisticated spyware campaigns targeting individuals, including journalists and officials, with no specific attribution provided. Users receiving these alerts are advised to contact CERT-FR and avoid device modifications to aid investigations.

via 9to5Mac|

#alerts #apple #cybersecurity

security7 months ago•1 min saved

France reports Apple warned victims of spyware attacks

Apple has notified several users in France that their devices were targeted by a spyware campaign, with the French cybersecurity unit confirming the alerts and indicating potential device compromise, though details on the number of victims and the spyware used remain unclear.

via TechCrunch|

#apple #cybersecurity #device-hacking

technology7 months ago•1 min saved

Automated Spyware Captures Webcam Images of Victims Watching Porn

A new spyware malware automates sextortion by monitoring browsers for NSFW content, then capturing screenshots and webcam photos of victims, escalating the threat of cybercrime and privacy invasion.

via WIRED|

#cybersecurity #infostealer #malware