Collaborate Disseminate
The November security bulletin includes two CVE’s reportedly exploited in the wild.
The post Android warns of Qualcomm exploit in latest security bulletin appeared first on CyberScoop.
Continue reading Android warns of Qualcomm exploit in latest security bulletin
A bug to hack your browser, then a bug to pwn the kernel… reported from the wild by Amnesty International.
Continue reading Apple issues emergency patches for spyware-style 0-day exploits – update now!
United Arab Emirates agents loaded Pegasus spyware on the phone of journalist Jamal Khashoggi’s wife months before his death, the Washington Post first reported Tuesday. The software was discovered by Citizen Lab, which examined the device at the request of the newspaper and Khashoggi’s wife, Hanan Elatr. Agents placed the spyware on her phone after seizing her from the Dubai airport in April 2018 and interrogating her, the researchers said. During the interrogations, they seized her two Android phones. Agents typed in a web address that researchers have tied to a network used to spread the spyware. The Post first reported in July that Elatr was targeted by Pegasus spyware via text messages, but researchers couldn’t tell if the hack was successful. It’s unclear if the spyware launched by UAE agents finished installing on the phone, Citizen Lab researcher Bill Marczak told the Post. However, the new findings are the […]
The post Report: Research ties Pegasus spyware on phone Jamal Khashoggi’s wife to UAE agents appeared first on CyberScoop.
Continue reading Report: Research ties Pegasus spyware on phone Jamal Khashoggi’s wife to UAE agents
A threat group known for using Android-based malware to target victims in Southeast Asia has been detected in Africa for the first time, according to Amnesty International research released Wednesday. Attackers tried to trick a Togolese activist into installing Android spyware via a series of WhatsApp messages and emails. The spyware would have allowed attackers to access a wealth of information including files stored on the device, WhatsApp messages as well as access to the phone’s camera and microphone. Spies targeted the human rights advocate, who Amnesty refused to name as a security precaution, between December 2019 and January 2020 during the lead-up to the country’s presidential election. Human rights experts and opposition leaders accused incumbent president Faure Gnassingbé of using police force to silence and brutalize protestors, disrupting election results. Groups including Amnesty International and the United Nations have called for a moratorium on the sale of surveillance technology, […]
The post Spies used Android malware to try collecting intelligence from a Togolese activist, Amnesty says appeared first on CyberScoop.
Fraudsters are posing as human rights group Amnesty International to trick individuals into downloading malicious software, researchers at Cisco’s threat intelligence unit Talos report. Masquerading as the human rights group, hackers registered multiple domains using variations on the Amnesty name to advertise a demo for “Amnesty Anti Pegasus” software that could allegedly scan devices for the NSO Group spyware, which Amnesty has closely examined. The malware had a realistic-looking “Anti Pegasus” user interface. In fact, victims downloaded Sarwent, a malicious software that gives attackers a backdoor to a victim’s machine. Hackers can use that access to download and execute other malicious tools as well as exfiltrate data such as passwords. The campaign preys on growing concerns around the threat of spyware. Human rights advocates have long criticized the NSO Group for the use of its technology by governments to spy on activists, dissidents and journalists. A sweeping July report by […]
The post Hackers posed as Amnesty International, promising anti-spyware tool that actually collects passwords appeared first on CyberScoop.
United Nations experts on Thursday called for a halt to the sale and transfer of surveillance technology until countries introduce a regulatory framework to address the human rights impact of its abuse. “It is highly dangerous and irresponsible to allow the surveillance technology and trade sector to operate as a human rights-free zone,” the experts warned. The statement specifically singles out the Israeli spyware company NSO Group, which has been condemned for years by privacy advocates for aiding authoritarian regimes in tracking and intimidating journalists, human rights advocates and dissidents. The call for action follows a report from Amnesty International that the company’s Pegasus spyware was more widely used than previously thought. Between July 2014 and July 2021, the NSO group’s Pegasus software was used to target more than three dozen smartphones belonging to journalists, human rights activists and business executives, according to a Amnesty’s investigation with the French journalism nonprofit […]
The post UN experts join growing calls for moratorium on surveillance technology appeared first on CyberScoop.
Continue reading UN experts join growing calls for moratorium on surveillance technology
NSO Group’s Pegasus spyware may be actively exploiting the most recent software in the iPhone 12 to monitor victims through the world, according to a sweeping new report from Amnesty International. “These most recent discoveries indicate NSO Group’s customers are currently able to remotely compromise all recent iPhone models and versions of iOS,” the group wrote in a report published on July 18. “We have reported this information to Apple, who informed us they are investigating the matter.” The revelation comes as part of a broader investigation into the use of the notorious spyware. Between July 2014 and July 2021, the NSO group’s Pegasus software was used to target more than three dozen smartphones belonging to journalists, human rights activists and business executives, according to a joint investigation between Amnesty, French journalism nonprofit Forbidden Stories and 17 media organizations including The Washington Post. Targets included Hatice Cengiz, fiancee of murdered […]
The post Sweeping report details how NSO Group spyware leverages iOS software for surveillance appeared first on CyberScoop.
Two watchdog groups sued the New York Police Department over the agency’s refusal to disclose public records about its acquisition of facial recognition technology and other surveillance tools. The lawsuit, filed by Amnesty International and Surveillance Technology Oversight Project, could force the NYPD to hand over records that will shed light on the depth of its surveillance capabilities. “It’s so outrageous that when New Yorkers came out to protest police abuse they were just met with more of the same,” said Albert Fox Cahn, executive director of S.T.O.P. “We have no idea how often they were using this technology to track New Yorkers who were exercising their First Amendment rights.” Amnesty International last September filed a request seeking public records about the procurement, functionality and general use of facial recognition technology, drones and other surveillance technologies by the NYPD before and during Black Lives Matters protests. The NYPD denied the […]
The post Amnesty sues NYPD, seeking details about facial recognition technology and arrest data appeared first on CyberScoop.
For the past several years a Vietnamese hacking group best known for its attacks on the auto sector has been targeting activists and non-governmental organizations with spyware, according to an Amnesty International investigation published Wednesday. The suspected government-linked hackers, known as OceanLotus or APT32, specifically targeted pro-democracy activist Bui Thanh Hieu, who writes about human rights and economic justice, with spyware on four occasions between February 2018 and December 2019, according to the investigation. The same group launched spyware against a blogger, who has written on a violent police clash in Vietnam in 2009, three times between July and November of last year. Bui Thanh Hieu has been exiled in Germany since 2013. Amnesty did not identify the blogger out of concern for their safety. The hackers also went after the Vietnamese Overseas Initiative for Conscience Empowerment (VOICE), which works on behalf of Vietnamese refugees resettling, in April of 2020. […]
The post Vietnamese hackers spent years harassing human rights activists with spyware appeared first on CyberScoop.
Continue reading Vietnamese hackers spent years harassing human rights activists with spyware
The South Sudanese government obtained surveillance capabilities from an Israeli company between at least 2015 and 2017 in order to wiretap citizens’ phones, according to an Amnesty International investigation published Tuesday. The company, Verint Systems Ltd., a subsidiary of U.S.-based Verint Systems Inc., worked with the government of South Sudan to provide “communications interception equipment and annual support services,” according to documents reviewed by Amnesty International. As part of the arrangement, South Sudan required Vivacell, a telecommunications company, to pay Verint at least $762,236 in order to intercept citizens’ communications, according to Amnesty’s assessment. The reports of South Sudan’s National Security Service’s (NSS) intrusive surveillance meld into a pattern of dangerous human rights abuses in South Sudan, including prolonged detention, extrajudicial killings and the silencing of government critics, human rights activists and journalists, according to Amnesty. A United Nations Panel of Experts found in 2016 that NSS’ “ability to identify […]
The post South Sudan worked with Israeli surveillance company to monitor citizens, Amnesty finds appeared first on CyberScoop.