Reports from “The Washington Times” indicate that NSO Group’s Pegasus spyware was used to spy on more than 30 Thailand protestors.
spyware
Apple Shuts Down Hermit Spyware Distributed as Fake Enterprise App on iOS Devices
Apple has acted to block Hermit spyware, attributed to an Italian software firm, which targeted iOS devices by posing as an enterprise app.
NSO's Pegasus Spyware Sees Use in Five EU Countries, Interim Report Sees Publication
The EU has just released an interim report concerning NSO’s Pegasus spyware. The company admitted to five EU countries using the software.
EU Officials Targeted by State-Sponsored Attackers Using Pegasus Spyware
Pegasus spyware was confirmed to have targeted European Union officials after Apple send a mass alert warning them about the threat.
Israel Wants to Know if Pegasus Spyware Used in Own Country
The government of Israel is opening an investigation to determine if its own law enforcement used Pegasus spyware against Israeli businesses.
A Second Pegasus By a Different Company Disclosed
As if one wasn’t enough, sources indicate there’s a second Pegasus, by a different spy firm, attacking vulnerable iPhones and iPads.
NSO Targets: A List of People Infected With Pegasus Spyware
Omer Benjakob has put together a helpful list of NSO targets that includes every individual believed to have been infected with the group’s Pegasus spyware.
So far, targets have been found across the world: from India and Uganda to Mexico and the West Bank, with high-profile victims including U.S. officials and a New York Times journalist. Now, for the first time, Haaretz has assembled a list of confirmed cases involving Pegasus spyware.
Saudi Activist With EFF Sues DarkMatter Group for Hacking iPhone
Saudi human rights activist Loujain AlHathloul, along with the Electronic Frontier Foundation, is suing DarkMatter for hacking her iPhone. DarkMatter Group was created and run by former U.S. intelligence operatives.
Reuters broke the news about the hacking program called Project Raven in 2019, reporting that when UAE transferred the surveillance work to Emirati firm DarkMatter, the U.S. operatives, who learned spycraft working for the National Security Agency and other U.S. intelligence agencies, went along and ran DarkMatter’s hacking program, which targeted human rights activists like AlHathloul, political dissenters, and even Americans residing in the U.S.
Hacking US Diplomats in Uganda May Have Led to NSO Group Downfall
ArsTechnica shares the story of how U.S. diplomats in Uganda were hacked by Pegasus, a spyware tool from NSO Group.
Israeli and US officials declined to confirm that the Ugandan hack directly triggered a decision to blacklist NSO. But one US official who discussed the issue with Israel’s defense ministry said: “Look at the entire sequence of events here—this is careful, not by chance.” He added that putting NSO, one of the jewels of Israel’s tech community, on a US blacklist was designed to “punish and isolate” the company.
Adele's Shuffle Challenge and Apple's Stand on State-Sponsored Spyware, with Jeff Gamet - ACM 562
Bryan Chaffin and Jeff Gamet talk about Adele’s desire that we not shuffle her albums. They also look at Apple’s public stand against state-sponsored spyware.
'FinSpy' Spyware is Adept at Hiding Itself With a Four-Layer Method
FinSpy, a well-known piece of spyware from German company FinFisher, is good at hiding. Researchers at Kaspersky have reverse-engineered the malware.
In addition to a four-layer obfuscation method, the spyware also now employs a UEFI (Unified Extensible Firmware Interface) bootkit for infecting its targets, and it also encrypts the malware in memory, according to the researchers. The Kaspersky team’s research began in 2019, and they are finally sharing their findings today at Kaspersky’s online Security Analyst Summit.
Security Friday and Epic Updates – TMO Daily Observations 2021-09-10
Andrew Orr joins host Kelly Guimont to discuss Security Friday news and the latest in the Apple v Epic lawsuit.
Security Friday: Leaks, Phishing and Updates – TMO Daily Observations 2021-08-06
Andrew Orr joins host Kelly Guimont for Security Friday news and updates, including This Week in Data Leaks, and an update to a previous tip.
Facebook Tried to Buy a Hacking Tool to Spy on iPhone Users
According to court filings, when Facebook was in the early stages of building its spyware VPN called Onavo Protect, it noticed that it wasn’t as effective on Apple devices as it was on Android. So Facebook approached a hacking group called NSO Group to use its Pegasus malware.
According to the court documents, it seems the Facebook representatives were not interested in buying parts of Pegasus as a hacking tool to remotely break into phones, but more as a way to more effectively monitor phones of users who had already installed Onavo.
A Fix For That Scary WhatsApp Exploit is Live
An Israeli firm called NSO Group used a WhatsApp exploit to inject spyware on target devices. A fix for the exploit is live.
Given the stealthy way the attack was attempted, it’s impressive that WhatsApp caught it as quickly as they did. Engineers at Facebook have been busy sorting this one out over the weekend…Named CVE-2019-3568…affected versions include…WhatsApp for iOS prior to v2.19.51, WhatsApp Business for iOS prior to v2.19.51.
Major WhatsApp Spyware Vulnerability Revealed
A major WhatsApp vulnerability that allowed hackers to inject spyware via voice calls made on the popular messaging app has been revealed.
Spyware App Exodus Targets iPhone Users
Researchers found spyware app Exodus, originally designed for Android, has been found on iPhones, but we don’t know how many.
Facebook Shuts Down Onavo Spyware...We Think
Facebook is shutting down its Onavo spyware VPN and associated “research” app. That is, if you believe anything Facebook says.
To preempt any more scandals around Onavo and the Facebook Research app and avoid Google stepping in to forcibly block the apps, Facebook is now taking Onavo off the Play Store and stopping recruitment of Research testers. That’s a surprising voluntary move that perhaps shows Facebook is finally getting in tune with the public perception of its shady actions.
Eh, I wouldn’t go that far. Not with Facebook blaming users when it screws them over.
How Former U.S. Hackers Broke Into iPhones For UAE
A team of former U.S. hackers broke into iPhones for the United Arab Emirates. They used a spying tool called ‘Karma.’
Karma was used by an offensive cyber operations unit in Abu Dhabi comprised of Emirati security officials and former American intelligence operatives working as contractors for the UAE’s intelligence services. The existence of Karma and of the hacking unit, code named Project Raven, haven’t been previously reported.
Sounds like a powerful tool. They could remotely break into iPhones just by uploading phone numbers or email accounts into an automated system. It didn’t work on Android phones.
Facebook Spyware, Credit Card Privacy – TMO Daily Observations 2018-12-06
Today is all privacy, talking Facebook spyware and how to keep your credit card safe, with Andrew Orr, Charlotte Henry, & host Kelly Guimont.
Internal Facebook Documents Reveal iOS Spyware
Among the revelations, we learn more about the company’s free VPN app that was essentially spyware.
iPhone Spyware Company mSpy Leaks Customer Data
mSpy is an iPhone spyware company that makes software used by parents and others to snoop on iPhone usage, and it suffered a data breach.
Someone Is Selling Mac Malware on the Dark Web
The spyware may not be sophisticated, but it shows that cyber criminals are looking to Macs as a source of money and mayhem.