Apple notifies new victims of spyware attacks across the world 苹果向部分用户发送通知称其设备遭政府间谍软件 targeting，并指导联系专业机构调查。已有两人公开证实收到通知：意大利记者Ciro Pellegrino和荷兰活动家Eva Vlaardingerbroek。两人均认为此举意在威胁或噤声。苹果去年也曾向多国用户发出类似警告。... 2025-4-30 18:32:27 | 阅读: 11 | 收藏 | Over Security - Cybersecurity news aggregator - techcrunch.com spyware pellegrino italian cancellato

Government hackers are leading the use of attributed zero-days, Google says 去年全球75起零日漏洞攻击中，至少23起由政府支持的黑客实施，其中中国和朝鲜各占5起。另有8起与间谍软件公司有关。多数攻击针对消费者设备和企业网络设备。... 2025-4-29 10:16:19 | 阅读: 13 | 收藏 | Over Security - Cybersecurity news aggregator - techcrunch.com security makers exploited attributed spyware

Citizen Lab says exiled Uyghur leaders targeted with Windows spyware 上月黑客针对流亡维吾尔领袖发起网络间谍活动，使用Windows间谍软件。Citizen Lab发现攻击者伪装成可信联系人发送恶意软件，技术虽不复杂但社会工程学水平高。... 2025-4-28 17:1:27 | 阅读: 12 | 收藏 | Over Security - Cybersecurity news aggregator - techcrunch.com wuc citizen uyghur spyware

Citizen Lab say exiled Uyghur leaders targeted with Windows spyware Unknown hackers targeted leaders of the exiled Uyghur community last month using Windows spyware. The campaign involved phishing emails impersonating trusted contacts, delivering malware via a password-protected file containing a malicious Uyghur language text editor. The attack showed advanced social engineering despite lacking sophisticated techniques.... 2025-4-28 16:31:27 | 阅读: 6 | 收藏 | Over Security - Cybersecurity news aggregator - techcrunch.com wuc uyghur citizen spyware mercenary

The TechCrunch Cyber Glossary 这篇文章是一份网络安全术语指南，涵盖了从常见到不常见的技术词汇，并详细解释了它们在行业中的使用背景和意义。内容包括高级持续性威胁（APT）、分布式拒绝服务攻击（DDoS）、加密技术等关键概念，并提供了相关链接供进一步参考。该资源不断发展更新，并欢迎读者提出反馈建议。... 2025-4-25 19:31:26 | 阅读: 12 | 收藏 | Over Security - Cybersecurity news aggregator - techcrunch.com security malicious software ransomware encryption

NSO lawyer names Mexico, Saudi Arabia, and Uzbekistan as spyware customers accused of 2019 WhatsApp hacks 墨西哥、沙特阿拉伯和乌兹别克斯坦政府被指控使用NSO集团的Pegasus间谍软件参与2019年针对超过1200名WhatsApp用户的黑客活动。这是NSO集团首次公开承认其客户身份。... 2025-4-16 19:51:1 | 阅读: 10 | 收藏 | Over Security - Cybersecurity news aggregator - techcrunch.com spyware techcrunch mexico hearing lawyer

NSO lawyer names Mexico, Saudi Arabia, and Uzbekistan as spyware customers behind 2019 WhatsApp hacks 墨西哥、沙特阿拉伯和乌兹别克斯坦等政府于2019年利用NSO集团的Pegasus间谍软件通过WhatsApp漏洞攻击了超过1200名用户。这是NSO集团首次公开承认其客户身份。受害者包括人权活动家和记者等。... 2025-4-16 16:2:26 | 阅读: 8 | 收藏 | Over Security - Cybersecurity news aggregator - techcrunch.com spyware techcrunch mexico lawyer hearing

For security, Android phones will now auto-reboot after three days Google Android新增自动重启功能：若手机连续锁定三天，系统将自动重启以增强安全性和隐私保护。... 2025-4-15 21:46:36 | 阅读: 9 | 收藏 | Over Security - Cybersecurity news aggregator - techcrunch.com security unlocked passcode lorenzo pushed

Notorious image board 4chan hacked and internal data leaked 知名匿名论坛4chan遭黑客攻击，网站瘫痪。泄露数据包括后端代码、用户管理模板及 moderators 和 janitors 名单。黑客可能潜伏系统一年多。事件引发对论坛运作及右翼极端主义关联的关注。... 2025-4-15 17:46:37 | 阅读: 21 | 收藏 | Over Security - Cybersecurity news aggregator - techcrunch.com 4chan techcrunch janitor rhetoric moderators

Court document reveals locations of WhatsApp victims targeted by NSO spyware NSO集团的间谍软件Pegasus在2019年被用于攻击全球51个国家的1223名WhatsApp用户，其中包括人权活动家和记者等。墨西哥是受影响最严重的国家，有456名受害者。... 2025-4-9 18:46:37 | 阅读: 7 | 收藏 | Over Security - Cybersecurity news aggregator - techcrunch.com spyware court victim techcrunch lawsuit

Governments identify dozens of Android apps bundled with spyware 多国政府联合发布间谍软件列表,伪装成合法Android应用,用于监控维吾尔人、藏人及台湾等群体,窃取隐私数据。... 2025-4-9 10:46:15 | 阅读: 23 | 收藏 | Over Security - Cybersecurity news aggregator - techcrunch.com ncsc wednesday spyware taiwanese civil

Google fixes two Android zero-day bugs actively exploited by hackers Google修复了两个零日漏洞（CVE-2024-53197和CVE-2024-53150），其中前者被用于针对Android设备的实际攻击。Amnesty International与Google合作发现该漏洞，并指出Cellebrite公司曾利用其攻击手机。... 2025-4-8 16:1:25 | 阅读: 14 | 收藏 | Over Security - Cybersecurity news aggregator - techcrunch.com amnesty monday lorenzo 917 franceschi

Someone is trying to recruit security researchers in bizarre hacking campaign 有人通过虚假账号在X平台上联系网络安全专家，招募黑客入侵中国注册网站并获取控制权，承诺每月支付高达10万美元。该计划目标不明确，可能涉及恶意用途。... 2025-4-1 16:31:30 | 阅读: 15 | 收藏 | Over Security - Cybersecurity news aggregator - techcrunch.com jack grugq recruiting bizarre

Oracle under fire for its handling of separate security incidents 甲骨文公司因处理两起数据泄露事件的方式受到批评。一起涉及其医疗健康子公司患者数据泄露，另一起涉及云服务器被入侵。尽管有证据显示存在漏洞，但甲骨文否认云服务器遭受攻击，并未向员工和客户充分说明情况。... 2025-3-31 19:1:29 | 阅读: 16 | 收藏 | Over Security - Cybersecurity news aggregator - techcrunch.com cloud techcrunch patient rose87168

Again and again, NSO Group’s customers keep getting their spyware operations caught Amnesty International报告称，两名塞尔维亚记者可能遭到NSO Group的Pegasus间谍软件攻击。研究人员通过恶意链接识别出NSO的基础设施，显示该公司及其客户在隐藏行踪方面越来越困难。... 2025-3-28 17:18:30 | 阅读: 24 | 收藏 | Over Security - Cybersecurity news aggregator - techcrunch.com spyware amnesty techcrunch citizen security

How to tell if your online accounts have been hacked 文章指出黑客正 increasingly targeting普通人的银行账户、加密货币和社交媒体账户，并提供了一系列应对措施，包括检查账户活动、启用多因素认证以及使用安全密钥等工具来增强安全性。文中还详细介绍了如何在Gmail、Facebook、Apple ID等平台上检测和处理可疑登录活动。... 2025-3-25 21:31:24 | 阅读: 11 | 收藏 | Over Security - Cybersecurity news aggregator - techcrunch.com credits techcrunch security tap recognize

Cyberattack disrupts train ticket sales in Ukraine 乌克兰国有铁路公司遭网络攻击，售票系统瘫痪但列车正常运行。基辅车站异常拥挤，乘客需排队购票或直接上车。公司称备用系统确保运营稳定。... 2025-3-24 16:16:22 | 阅读: 9 | 收藏 | Over Security - Cybersecurity news aggregator - techcrunch.com ukraine railway cyberattack monday

Valve removes video game demo suspected of being malware Valve从其在线商店Steam移除了游戏《Sniper: Phantom’s Resolution》，因用户报告其免费试玩版安装了恶意软件。此前Valve也曾因类似事件下架另一款游戏PirateFi。... 2025-3-21 20:46:21 | 阅读: 44 | 收藏 | Over Security - Cybersecurity news aggregator - techcrunch.com valve players plant shooter stakes

Russian zero-day seller is offering up to $4 million for Telegram exploits Operation Zero悬赏寻找针对Telegram的零日漏洞, 最高提供400万美元, 反映俄罗斯对Telegram的兴趣. Telegram因缺乏端到端加密而安全性较低, 或成为俄方目标.... 2025-3-21 13:16:25 | 阅读: 24 | 收藏 | Over Security - Cybersecurity news aggregator - techcrunch.com prices broker techcrunch sell lorenzo

North Korea launches new unit with a focus on AI hacking, per report 朝鲜设立新黑客组织研究室227，专注于研发进攻性网络技术、窃取数字资产及提升AI技术能力。近年来多次成功攻击加密交易所等目标。... 2025-3-20 20:34:3 | 阅读: 34 | 收藏 | Over Security - Cybersecurity news aggregator - techcrunch.com north korean rgb regime bybit