US State Dept employees’ phones hacked using NSO spyware
Apple has warned US Department of State employees that their iPhones have been hacked by unknown attackers using an iOS exploit dubbed ForcedEntry to deploy Pegasus spyware developed by Israeli surveillance firm NSO Group.
The attacks hit US officials (at least 11 according to the Washington Post) based in or focused on matters concerning the East African country of Uganda and took place in recent months, according to anonymous sources cited by Reuters today.
While NSO canceled the customer accounts behind these intrusions and promised to investigate the attacks, a spokesperson told Reuters—who first reported the attacks—that the company doesn’t know what tools were used in the attack. NSO also declined to name the suspended customers.
“On top of the independent investigation, NSO will cooperate with any relevant government authority and present the full information we will have,” an NSO spokesperson separately told Motherboard.
“To clarify, the installation of our software by the customer occurs via phone numbers. As stated before, NSO’s technologies are blocked from working on US (+1) numbers. Once the software is sold to the licensed customer, NSO has no way to know who the targets of the customers are, as such, we were not and could not have been aware of this case.”
The news of Department of State employees’ phones being hacked to install Pegasus spyware comes on the heels of the US sanctioning NSO Group and three other companies from Israel, Russia, and Singapore last month for spyware development and selling hacking tools used by state-sponsored hacking groups.
NSO and Candiru have been added to the Commerce Department’s Bureau of Industry and Security (BIS) Entity List for supplying the software used by state hackers to spy on government officials, journalists, and activists.
Positive Technologies from Russia and Computer Security Initiative Consultancy PTE. LTD. from Singapore were sanctioned for the trafficking of exploits and hacking tools.
“Specifically, investigative information has shown that the Israeli companies NSO and Candiru developed and supplied spyware to foreign governments that used this tool to maliciously target government officials, journalists, businesspeople, activists, academics, and embassy workers,” reads the Department of Commerce’s final ruling.
In early November, Apple also filed a lawsuit against NSO and its parent company for targeting and spying on Apple users with surveillance tech.
For instance, NSO’s ForcedEntry exploit (also used to hack the nine State Dept employees) was employed by state attackers to compromise Apple devices and install Pegasus spyware, as revealed by the Citizen Lab in August.
Apple added at the time that it will notify all users targeted using the ForcedEntry exploit (alerts that were also sent to the hacked State Dept employees) and those who will be targeted in state-sponsored spyware attacks in the future, “in accordance with industry best practices.”