- eScan’s Mobile Security Application Capable of Detecting and Blocking Pegasus Spyware.
- The Global Spyware Market Index Report from Top10VPN.com revealed some startling statistics:
- 74 countries have bought and/or used invasive spyware technology since 2015.
- Spyware firms: 86% are based in countries considered full or flawed democracies by the EIU.
- Suspected customers: 55% are authoritarian or hybrid regimes, with only 7% considered full democracies.
- FinFisher has the most reported state customers (34), followed by Circles (25), and NSO Group (23).
- Two Critical Vulnerabilities Identified in Zimbra Webmail Solution.
- CVE-2021-35208
- Cross-Site Scripting (XSS) flaw “that triggers in a victim browser via a malicious email with a specially crafted JavaScript payload. If exploited successfully, the flaw enables an attacker to obtain illicit access to the victims’ email accounts and their webmail sessions”.
- CVE-2021-35209
- Server-Side Request Forgery (SSRF) flaw “that can be exploited by a remote attacker by combining it with the XSS vulnerability. The flaw allows unauthorized access to Zimbra’s HTTP client and pilfer private information like access tokens and credentials from Google Cloud and Amazon Web Services”.
