Everything you do with a #windows 11 computer is being recorded by microsoft
now a non #microsoft operative has found a way to extract this info
the result ? : info on everything you have been doing with a laptop is possible to be captured by a hacker
https://www.wired.com/story/total-recall-windows-recall-ai/
Dubbed TotalRecall the tool can pull all the information that Recall saves into its main database on a Windows laptop.
>"The database was easy prey," Hagenah says.
Since Microsoft revealed Recall in mid-May, security researchers have repeatedly compared it to spyware or stalkerware that can track everything you do on your device.
They were correct.
>"It's a Trojan 2.0 really, built in," Hagenah says, adding that he built TotalRecall only in order to show what is possible to capture peoples information. He is not going to do it himself but hopes Microsoft takes action after seeing this happen. So that people are safe.
Included in what the database captures are screenshots of whatever is on your desktop -- a potential gold mine for criminal hackers or domestic abusers who may physically access their victim's device. Images include captures of messages sent on encrypted messaging apps Signal and WhatsApp, and remain in the captures regardless of whether disappearing messages are turned on in the apps. There are records of websites visited and every bit of text displayed on the PC.
Once TotalRecall has been deployed, it will generate a summary about the data; it is also possible to search for specific terms in the database. Hagenah says an attacker could get a huge amount of information about their target, including insights into their emails, personal conversations, and any sensitive information that's captured by Recall.
Hagenah's work builds on findings from cybersecurity researcher Kevin Beaumont, who has detailed how much information Recall captures and how easy it can be to extract it.
https://github.com/xaitax/TotalRecall
#why #spyware #recall
now a non #microsoft operative has found a way to extract this info
the result ? : info on everything you have been doing with a laptop is possible to be captured by a hacker
https://www.wired.com/story/total-recall-windows-recall-ai/
Dubbed TotalRecall the tool can pull all the information that Recall saves into its main database on a Windows laptop.
>"The database was easy prey," Hagenah says.
Since Microsoft revealed Recall in mid-May, security researchers have repeatedly compared it to spyware or stalkerware that can track everything you do on your device.
They were correct.
>"It's a Trojan 2.0 really, built in," Hagenah says, adding that he built TotalRecall only in order to show what is possible to capture peoples information. He is not going to do it himself but hopes Microsoft takes action after seeing this happen. So that people are safe.
Included in what the database captures are screenshots of whatever is on your desktop -- a potential gold mine for criminal hackers or domestic abusers who may physically access their victim's device. Images include captures of messages sent on encrypted messaging apps Signal and WhatsApp, and remain in the captures regardless of whether disappearing messages are turned on in the apps. There are records of websites visited and every bit of text displayed on the PC.
Once TotalRecall has been deployed, it will generate a summary about the data; it is also possible to search for specific terms in the database. Hagenah says an attacker could get a huge amount of information about their target, including insights into their emails, personal conversations, and any sensitive information that's captured by Recall.
Hagenah's work builds on findings from cybersecurity researcher Kevin Beaumont, who has detailed how much information Recall captures and how easy it can be to extract it.
https://github.com/xaitax/TotalRecall
#why #spyware #recall
WIRED
This Hacker Tool Extracts All the Data Collected by Windows’ New Recall AI
Windows Recall takes a screenshot every five seconds. Cybersecurity researchers say the system is simple to abuse—and one ethical hacker has already built a tool to show how easy it really is.
Forwarded from Pegasus NSO & other spyware
LianSpy: Android spyware leveraging Yandex Disk as C2 | Securelist –
@androidMalware
#Russia #Android #LianSpy #Spyware
In March 2024, we discovered a campaign targeting individuals in Russia with previously unseen Android spyware we dubbed LianSpy. Our analysis indicates that the malware has been active since July 2021. This threat is equipped to capture screencasts, exfiltrate user files, and harvest call logs and app lists.
The malicious actor behind LianSpy employs multiple evasive tactics, such as leveraging a Russian cloud service, Yandex Disk, for C2 communications. They also avoid having dedicated infrastructure, and employ a lot of other features to keep the spyware undiscovered. Some of these features suggest that LianSpy is most likely deployed through either an unknown vulnerability or direct physical access to the target phone.@androidMalware
#Russia #Android #LianSpy #Spyware
#NSO – not government clients – operates its #spyware, legal documents reveal.
Legal documents released in ongoing US litigation between NSO Group and WhatsApp have revealed for the first time that the Israeli cyberweapons maker – and not its government customers – is the party that “installs and extracts” information from mobile phones targeted by the company’s hacking software.
https://www.theguardian.com/technology/2024/nov/14/nso-pegasus-spyware-whatsapp
#pegasus
Legal documents released in ongoing US litigation between NSO Group and WhatsApp have revealed for the first time that the Israeli cyberweapons maker – and not its government customers – is the party that “installs and extracts” information from mobile phones targeted by the company’s hacking software.
https://www.theguardian.com/technology/2024/nov/14/nso-pegasus-spyware-whatsapp
#pegasus
the Guardian
NSO – not government clients – operates its spyware, legal documents reveal
Details of emerge in sworn depositions by employees of Israeli company as part of lawsuit brought by WhatsApp
Meet the Spyware Companies Preparing to Unleash Their Tech During #Trump's 2nd Term
https://www.thelastamericanvagabond.com/spyware-unleash-trump-2nd-term/
#israel #Spyware #NSO #ParagonSolutions #fdt
https://www.thelastamericanvagabond.com/spyware-unleash-trump-2nd-term/
#israel #Spyware #NSO #ParagonSolutions #fdt
The Last American Vagabond
Meet the Spyware Companies Preparing to Unleash Their Tech During Trump's 2nd Term
A small but growing number of private companies selling digital tools to hack smartphones and messaging apps like WhatsApp and Signal are likely to benefit financially from the incoming Trump administration.
Here's Everything Microsoft Knows About Your PC
https://www.makeuseof.com/everything-microsoft-knows-about-your-pc/
Microsoft Recall screenshots credit cards and Social Security numbers, even with the "sensitive information" filter enabled
https://www.tomshardware.com/software/windows/microsoft-recall-screenshots-credit-cards-and-social-security-numbers-even-with-the-sensitive-information-filter-enabled
#windows #Microsoft #stalking #spyware #why
https://www.makeuseof.com/everything-microsoft-knows-about-your-pc/
Microsoft Recall screenshots credit cards and Social Security numbers, even with the "sensitive information" filter enabled
https://www.tomshardware.com/software/windows/microsoft-recall-screenshots-credit-cards-and-social-security-numbers-even-with-the-sensitive-information-filter-enabled
#windows #Microsoft #stalking #spyware #why
MUO
Here's Everything Microsoft Knows About Your PC
When you use a Windows computer, Microsoft collects a lot of data.
Forwarded from Pegasus NSO & other spyware
Israeli Hackers Flock to Barcelona in Big Spyware Shift | National Security & Cyber - Haaretz
"
#Spain #Israel #EU #Spyware
"
Elite" Israeli hackers are relocating to the EU and Spain to set up or join a new crop of firms selling exploit, now the hottest item in the world of cyber surveillance.#Spain #Israel #EU #Spyware
Forwarded from Pegasus NSO & other spyware
Inside FireScam : An Information Stealer with Spyware Capabilities - CYFIRMA
"
Via @androidMalware
#FireScam #Spyware
"
The malware employs a multi-stage infection process, starting with a dropper APK, and performs extensive surveillance activities once installed.
By capitalizing on the widespread usage of popular apps and legitimate services like Firebase, FireScam exemplifies the advanced tactics used by modern malware to evade detection, execute data theft, and maintain persistent control over compromised devices. This report provides an in-depth analysis of FireScam’s distribution, functionality, and impact."Via @androidMalware
#FireScam #Spyware
Forwarded from Pegasus NSO & other spyware
Catching Pegasus: Mercenary Spyware and the Liability of the NSO Group - CounterPunch
"
#Pegasus #NSO #Spyware #WhatsApp #US
"
On December 20, the most significant legal decision to date regarding NSO’s conduct was handed down by Senior District Judge Phyllis J. Hamilton of the US District Court for the Northern District of California. Her judgment concerned WhatsApp’s legal suit filed in 2019 against the NSO Group, alleging that Pegasus had been installed on approximately 1,400 mobile phones and devices owned by journalists, activists and diplomats to conduct surveillance upon them. In so doing, WhatsApp alleged that NSO had breached both the federal Computer Fraud and Abuse Act and California’s Comprehensive Computer Data Access and Fraud Act. After five years, the case took an interesting turn with a move by WhatsApp to seek partial summary judgment."
#Pegasus #NSO #Spyware #WhatsApp #US
Media is too big
VIEW IN TELEGRAM
Hi everyone, I'm JSR.
Me & my colleagues chase government hacking & censorship of dissidents & activists.
Heard of #Pegasus #spyware? Then you know about our work.
I'm part of the Citizen Lab, a ferociously independent research group based at the University of Toronto.
We try to 🥊punch above our weight.
Your device has probably gotten security updates that flowed from our collaborative investigations.
Craziest story? When we punked a team of mercenary🕵️ spies sent to target our research. https://www.youtube.com/watch?v=Z8IrU_jvnFk
I'm so proud of my colleagues & talented collaborators in the fight to serve fat helpings of good trouble & accountability.
Me & my colleagues chase government hacking & censorship of dissidents & activists.
Heard of #Pegasus #spyware? Then you know about our work.
I'm part of the Citizen Lab, a ferociously independent research group based at the University of Toronto.
We try to 🥊punch above our weight.
Your device has probably gotten security updates that flowed from our collaborative investigations.
Craziest story? When we punked a team of mercenary🕵️ spies sent to target our research. https://www.youtube.com/watch?v=Z8IrU_jvnFk
I'm so proud of my colleagues & talented collaborators in the fight to serve fat helpings of good trouble & accountability.
Forwarded from Pegasus NSO & other spyware
Italian government denies Paragon has cut spyware contract | Reuters
"
#Paragon #ParagonGraphite #Spyware #Italy
"
ROME, Feb 12 (Reuters) - Italy denied on Wednesday that Israeli spyware maker Paragon had cut ties with Rome following allegations that the Italian government had illegally used its technology to hack the phones of critics instead of criminals.
"Paragon has never suspended the service and has not terminated its contract," the cabinet undersecretary for intelligence matters, Alfredo Mantovano, told reporters."
"Italy's government subsequently said that seven mobile phone users in the country had been targeted by the spyware, which is intended for use on criminals. It denied any involvement in the illicit hack and called for an investigation.
However, the Guardian and Haaretz newspapers reported last week that Paragon had cut ties with Italy, allegedly because it did not believe the government denial."#Paragon #ParagonGraphite #Spyware #Italy
Media is too big
VIEW IN TELEGRAM
Time For Ubuntu to Drop #Firefox?
With changes to Firefox's Terms of Use, many Linux Distros (Fedora, Mint, & others) are now shipping #Spyware. Plus: Tech News media rushes to defend #Mozilla.
https://www.youtube.com/watch?v=uQt6F_ZqUYw
More from The Lunduke Journal:
https://lunduke.com/
With changes to Firefox's Terms of Use, many Linux Distros (Fedora, Mint, & others) are now shipping #Spyware. Plus: Tech News media rushes to defend #Mozilla.
https://www.youtube.com/watch?v=uQt6F_ZqUYw
More from The Lunduke Journal:
https://lunduke.com/
Analysis of #Paragon’s Graphite #Spyware Operations misusing #WhatsApp Zero-Click #exploit
https://citizenlab.ca/2025/03/a-first-look-at-paragons-proliferating-spyware-operations/
https://t.me/androidMalware
https://citizenlab.ca/2025/03/a-first-look-at-paragons-proliferating-spyware-operations/
https://t.me/androidMalware
Forwarded from Pegasus NSO & other spyware
Austria Approves Spyware Law to Infiltrate Encrypted Messaging Platforms | Adevs/Reclaim The Net
#Austria #Spyware #TKÜ
Austria is moving forward with legislation that would authorize law enforcement to infiltrate encrypted communications, marking a pivotal shift in the country’s surveillance powers and stirring a fierce debate over digital privacy.
The federal cabinet’s approval of the plan comes after months of negotiations, with proponents citing national security needs and opponents warning of expansive overreach.
The proposed law targets messaging platforms widely used for private communication, including WhatsApp, Signal, and Telegram.
It introduces the use of spyware, formally known as source TKÜ, which would allow authorities to bypass encryption and monitor conversations directly on suspects’ devices. The change represents a major escalation in surveillance capabilities for a country that has traditionally lagged behind its European counterparts in digital interception laws.#Austria #Spyware #TKÜ
#Austria Approves #Spyware Law to Infiltrate Encrypted Messaging Platforms
https://ift.tt/JuNIV7j - FOLLOW: @reclaimthenet
#im
https://ift.tt/JuNIV7j - FOLLOW: @reclaimthenet
#im
Reclaim The Net
Austria Approves Spyware Law to Infiltrate Encrypted Messaging Platforms
Austria bets on spyware as a national shield, gambling its digital soul for a sense of safety.
📱 Critical zero-click vulnerability (CVE-2025-55177) within #WhatsApp has been leveraged in targeted #spyware operations, in conjunction with an #Apple Imagel0 flaw (CVE-2025-43300).
The attack sequence involved:
🚫Attacker-controlled delivery
🚫Malicious DNG/remote image (Imagel0) parsing vulnerability (OOB write)
➿ Remote code execution
https://techcrunch.com/2025/08/29/whatsapp-fixes-zero-click-bug-used-to-hack-apple-users-with-spyware/
https://blog.quarkslab.com/patch-analysis-of-Apple-iOS-CVE-2025-43300.html
#iphone #ios
This combination enabled malicious actors to disseminate exploits via WhatsApp, resulting in potential data exfiltration from the user's Apple device.
The attack sequence involved:
🚫Attacker-controlled delivery
🚫Malicious DNG/remote image (Imagel0) parsing vulnerability (OOB write)
➿ Remote code execution
All occurring without user engagement.https://techcrunch.com/2025/08/29/whatsapp-fixes-zero-click-bug-used-to-hack-apple-users-with-spyware/
https://blog.quarkslab.com/patch-analysis-of-Apple-iOS-CVE-2025-43300.html
#iphone #ios
TechCrunch
WhatsApp fixes 'zero-click' bug used to hack Apple users with spyware | TechCrunch
A spyware vendor was behind a recent campaign that abused a vulnerability in WhatsApp to deliver an exploit capable of hacking into iPhones and Macs.
These 20 Apps Are Watching You—And You Probably Use Them Every Day
You might use these apps every day, but have no idea what they collect. These 20 apps are quietly harvesting your location, contacts, photos, and more—here's what you can do about it.
Everyone wants your data. There’s a lot of money in selling or sharing the information that apps collect about you. That's why tech companies leech data from your devices in exchange for whatever service they’re offering, and sometimes, collection happens without your consent. Some apps may surprise you. Why would a calendar app need access to your health data? Why does a calculator require your list of contacts? You might be surprised at the data some of the apps on your phone right now harvest this way.
https://www.pcmag.com/explainers/these-20-apps-are-watching-you
@healthimpact
#why #spyware
You might use these apps every day, but have no idea what they collect. These 20 apps are quietly harvesting your location, contacts, photos, and more—here's what you can do about it.
Everyone wants your data. There’s a lot of money in selling or sharing the information that apps collect about you. That's why tech companies leech data from your devices in exchange for whatever service they’re offering, and sometimes, collection happens without your consent. Some apps may surprise you. Why would a calendar app need access to your health data? Why does a calculator require your list of contacts? You might be surprised at the data some of the apps on your phone right now harvest this way.
https://www.pcmag.com/explainers/these-20-apps-are-watching-you
@healthimpact
#why #spyware