Citizen Lab – WindowsTechs.com

New Leak Shows Business Side of China’s APT Menace

Posted on February 22, 2024 by BrianKrebs

A new data leak that appears to have come from one of China’s top private cybersecurity firms provides a rare glimpse into the commercial side of China’s many state-sponsored hacking groups. Experts say the leak illustrates how Chinese government agencies increasingly are contracting out foreign espionage campaigns to the nation’s burgeoning and highly competitive cybersecurity industry. Continue reading New Leak Shows Business Side of China’s APT Menace→

Apple Patches Actively Exploited iOS, macOS Zero-Days

Posted on September 7, 2023 by Ryan Naraine

Apple pushes out an urgent point-update to its flagship iOS and macOS platforms to fix a pair of security defects being exploited in the wild.
The post Apple Patches Actively Exploited iOS, macOS Zero-Days appeared first on SecurityWeek.
Continue reading Apple Patches Actively Exploited iOS, macOS Zero-Days→

More than a dozen journalists sue NSO Group in U.S. court over alleged spyware targeting

Posted on December 1, 2022 by AJ Vicens

The lawsuit is the third against the Israeli firm in the U.S., but the first brought by journalists.

The post More than a dozen journalists sue NSO Group in U.S. court over alleged spyware targeting appeared first on CyberScoop.

Continue reading More than a dozen journalists sue NSO Group in U.S. court over alleged spyware targeting→

Security Vulnerabilities in Covert CIA Websites

Posted on September 30, 2022 by Bruce Schneier

Back in 2018, we learned that covert system of websites that the CIA used for communications was compromised by—at least—China and Iran, and that the blunder caused a bunch of arrests, imprisonments, and executions. We’re now learning that the CIA is still “using an irresponsibly secured system for asset communication.”

Citizen Lab did the research:

Using only a single website, as well as publicly available material such as historical internet scanning results and the Internet Archive’s Wayback Machine, we identified a network of 885 websites and have high confidence that the United States (US) Central Intelligence Agency (CIA) used these sites for covert communication…

Continue reading Security Vulnerabilities in Covert CIA Websites→

House Intel Chairman vows to put ‘greater emphasis’ on fighting spyware

Posted on July 27, 2022 by Suzanne Smalley

Spyware such as NSO Group-produced Pegasus is proliferating quickly and poses a threat to privacy and national security, experts said.

The post House Intel Chairman vows to put ‘greater emphasis’ on fighting spyware appeared first on CyberScoop.

Continue reading House Intel Chairman vows to put ‘greater emphasis’ on fighting spyware→

Congress goes after spyware purveyors. Will it make a difference?

Posted on July 25, 2022 by Suzanne Smalley

The crackdown on foreign commercial surveillance comes in the wake of high-profile attacks on diplomats and government officials abroad.

The post Congress goes after spyware purveyors. Will it make a difference? appeared first on CyberScoop.

Continue reading Congress goes after spyware purveyors. Will it make a difference?→

NSO Group’s Pegasus Spyware Used against Thailand Pro-Democracy Activists and Leaders

Posted on July 19, 2022 by Bruce Schneier

Yet another basic human rights violation, courtesy of NSO Group: Citizen Lab has the details:

Key Findings

We discovered an extensive espionage campaign targeting Thai pro-democracy protesters, and activists calling for reforms to the monarchy.

We forensically confirmed that at least 30 individuals were infected with NSO Group’s Pegasus spyware.

The observed infections took place between October 2020 and November 2021.

The ongoing investigation was triggered by notifications sent by Apple to Thai civil society members in November 2021. Following the notification, multiple recipients made contact with civil society groups, including the Citizen Lab.
…

Continue reading NSO Group’s Pegasus Spyware Used against Thailand Pro-Democracy Activists and Leaders→

Apple ramps up war on spyware, a growing digital scourge

Posted on July 6, 2022 by Tonya Riley

An Apple representative said that the company has alerted potential victims of highly targeted mercenary spyware in 150 countries.

The post Apple ramps up war on spyware, a growing digital scourge appeared first on CyberScoop.

Continue reading Apple ramps up war on spyware, a growing digital scourge→

Long Article on NSO Group

Posted on April 21, 2022 by Bruce Schneier

Ronan Farrow has a long article in the New Yorker on NSO Group, which includes the news that someone — probably Spain — used the software to spy on domestic Catalonian separatists.
Continue reading Long Article on NSO Group→

Report: Research ties Pegasus spyware on phone Jamal Khashoggi’s wife to UAE agents

Posted on December 21, 2021 by Tonya Riley

United Arab Emirates agents loaded Pegasus spyware on the phone of journalist Jamal Khashoggi’s wife months before his death, the Washington Post first reported Tuesday. The software was discovered by Citizen Lab, which examined the device at the request of the newspaper and Khashoggi’s wife, Hanan Elatr. Agents placed the spyware on her phone after seizing her from the Dubai airport in April 2018 and interrogating her, the researchers said. During the interrogations, they seized her two Android phones. Agents typed in a web address that researchers have tied to a network used to spread the spyware. The Post first reported in July that Elatr was targeted by Pegasus spyware via text messages, but researchers couldn’t tell if the hack was successful. It’s unclear if the spyware launched by UAE agents finished installing on the phone, Citizen Lab researcher Bill Marczak told the Post. However, the new findings are the […]

The post Report: Research ties Pegasus spyware on phone Jamal Khashoggi’s wife to UAE agents appeared first on CyberScoop.

Continue reading Report: Research ties Pegasus spyware on phone Jamal Khashoggi’s wife to UAE agents→