Thursday, March 30, 2023

Hackers used spyware made in Spain to target users in the UAE, Google says | TechCrunch

In November 2022, Google revealed the existence of a then-unknown spyware vendor called Variston. Now, Google researchers say they have seen hackers use Variston's tools in the United Arab Emirates.

"The actor using the exploit chain to target UAE users may be a customer or partner of Variston, or otherwise working closely with the spyware vendor," the blog post read.

logo
Publisher: TechCrunch
Date: 2023-03-29T12:00:46 00:00
Author: Lorenzo Franceschi Bicchierai
Twitter: @TechCrunch
Reference: (Read more) Visit Source



Google: Hackers in UAE targeted with Spanish spyware - Global Village Space | Technology

Google also discovered hackers exploiting an iOS zero-day bug, patched in November, to remotely plant spyware on users' devices.

Google also observed hackers exploiting a chain of three Android bugs targeting devices running an ARM-based graphics chip, including one zero-day.

The discovery of these new hacking campaigns is a reminder that the commercial spyware industry continues to thrive, says Google. Even smaller surveillance vendors have access to zero-days, and vendors stockpiling and using zero-day vulnerabilities in secret pose a severe risk to the internet.

logo
Publisher: Global Village Space | Technology
Date: 2023-03-29T12:27 00:00
Reference: (Read more) Visit Source



Spyware campaigns using zero-days found in Italy, Malaysia, Kazakhstan, UAE

One campaign targeted people in Italy, Malaysia and Kazakhstan, while the other operated in the United Arab Emirates (UAE), the researchers said.

Google called the campaigns "distinct, limited and highly targeted." The company did not specify the source of the spyware in either case, but said the incidents speak to the size of the marketplace for surveillance tools.

Reference: (Read more) Visit Source



Hackers compromise 3CX desktop app in a supply chain attack

A digitally signed and trojanized version of the 3CX Voice Over Internet Protocol (VOIP) desktop client is reportedly being used to target the company’s customers in an ongoing supply chain attack.

3CX is a VoIP IPBX software development company whose 3CX Phone System is used by more than 600,000 companies worldwide and has over 12 million daily users.

Publisher: BleepingComputer
Twitter: @BleepinComputer
Reference: (Read more) Visit Source



Bloomberg - Are you a robot?
Reference: (Read more) Visit Source



No comments:

Post a Comment