Mobile Surveillance Tool EagleMsgSpy Used by Chinese Law Enforcement

December 12, 2024 at 08:42AM Chinese law enforcement has used a surveillance tool called EagleMsgSpy since at least 2017 to collect data from Android devices via physical access. Developed by Wuhan Chinasoft Token Information Technology Co. and linked to public security bureaus in China, it gathers sensitive information such as SMS, call logs, and GPS data.

How Chinese insiders are stealing data scooped up by President Xi’s national surveillance system

December 8, 2024 at 12:09PM Chinese tech company employees and government workers are involved in a booming black market for user data, including sensitive information from high-ranking officials. This illegal ecosystem thrives on scams and fraud, using data harvested through state surveillance and compromised systems, raising significant privacy risks for individuals in China.

Toolkit Vastly Expands APT41’s Surveillance Powers

November 13, 2024 at 05:58PM China’s APT41 threat group has developed a sophisticated Windows-based malware toolkit, “DeepData Framework,” targeting South Asian organizations. The toolkit includes 12 modular plug-ins for data theft, including communications and system information. Analysts emphasize the need for heightened security measures against APT41’s ongoing cyber-espionage campaigns.

Who’s watching you the closest online? Google, duh

September 24, 2024 at 03:55PM Google has emerged as the predominant leader in internet tracking, according to Kaspersky’s annual web tracking report. The report highlights Google’s four main tracking systems and their prevalence across different global regions. Kaspersky’s Do Not Track tool was triggered close to 39 billion times in a 12-month period, leading to …

Predator Spyware Resurfaces With Fresh Infrastructure

September 9, 2024 at 06:28AM The Predator spyware, previously affected by US sanctions against Intellexa Consortium, has reemerged with new infrastructure, according to Recorded Future. This malware, used mainly by government entities, can infiltrate devices and gather data from them discreetly. The recent report shows updated evasion techniques and increased usage across multiple countries. From …

Houthi rebels are operating their own GuardZoo spyware

July 9, 2024 at 07:07AM Surveillance malware like NSO Group’s Pegasus often gets the attention, but less sophisticated tools like GuardZoo, used by Houthi rebels in Yemen, are still prevalent. Distributed through social engineering, it targets military members in Yemen and other countries. Despite being less advanced than Pegasus, its widespread use presents a significant …

Pakistani Hacking Team ‘Celestial Force’ Spies on Indian Gov’t, Defense

June 13, 2024 at 06:08AM A new report from Cisco Talos details a group called “Cosmic Leopard,” operating as “Operation Celestial Force,” which has been conducting cyber espionage against Indian government and defense entities for at least six years. The group’s tactics include using malware like GravityRAT and HeavyLift to target individuals and organizations. Preventative …

Physical security biz exposes 1.2M files via unprotected database

May 7, 2024 at 06:35AM UK-based physical security business Amberstone Security exposed nearly 1.3 million documents, including pictures of guards and suspected offenders, through a misconfigured public database. The exposed data raised concerns about personal privacy, public safety, and the integrity of security operations. After notification, Amberstone revoked public access to the database and initiated …

Judge orders NSO to cough up Pegasus super-spyware source code

March 1, 2024 at 04:43PM Israel-based NSO Group has been ordered by a California federal judge to share the source code for its Pegasus spyware with Meta’s WhatsApp due to a 2019 lawsuit for alleged spying on 1,400 users. The ruling covers the period from April 2018 to May 2020 and represents a legal setback …

Islamic Nonprofit Infiltrated for 3 Years With Silent Backdoor

February 13, 2024 at 10:23AM Researchers found that a Saudi Arabia charity was being monitored using a modified reverse proxy tool.