Collaborate Disseminate
The big news this week is Log4j, breaking just a few hours too late to be included in last week’s column. Folks are already asking if this is the most …read more Continue reading This Week in Security: Log4j, PDF CPU, and I Hacked Starlink
Meta removed seven “surveillance-for-hire” organizations that used Facebook to target at least 50,000 individuals across 100 countries for surveillance operations, some of which included the deployment of spyware, the company announced in a report Thursday. The operation marked a major step in efforts by the social media company against a sprawling surveillance industry that Facebook security experts warn is becoming more “democratized” and easily accessible to spy on not just high-profile targets, but ordinary users. The company removed hundreds of accounts belonging to firms known as Israeli Cobwebs Technologies, Cognyte, Black Cube, Bluehawk CI, India-based BellTroX, Macedonia-based Cytrox, and an unknown entity in China. Of the seven firms, only Cobwebs and Cognyte did not engage in what it called “exploitation” phase activities, or actually delivering malware to hack victims. Facebook sent cease and desist letters to the six named companies. Facebook has clashed with the growing spyware market for years. […]
The post Meta takes down 7 hacking-for-hire operations that targeted 50,000 users appeared first on CyberScoop.
Continue reading Meta takes down 7 hacking-for-hire operations that targeted 50,000 users
When Apple announced Nov. 23 that it filed a lawsuit against Israeli spyware firm NSO Group, it claimed that the firm and its clients “devote the immense resources and capabilities of nation-states to conduct highly targeted cyberattacks.” An independent analysis published Wednesday backs that claim up. Google Project Zero researchers Ian Beer and Samuel Groß took a deep dive into FORCEDENTRY, the malware developed by NSO Group that allowed adversaries to infect targeted Apple devices — without the owner’s knowledge — with NSO Group’s Pegasus spyware. The researchers concluded that it’s “one of the most technically sophisticated exploits” they’ve ever seen, rivaling “those previously thought to be accessible to only a handful of nation states.” Previous iterations of the Pegasus software required the victim to click a link in an SMS message. But FORCEDENTRY was an example of NSO Group’s zero-click exploitation technology, where no interaction from the target was […]
The post NSO Group’s latest spyware on par with nation-state abilities, researchers say appeared first on CyberScoop.
Continue reading NSO Group’s latest spyware on par with nation-state abilities, researchers say
Nearly a dozen iPhones associated with U.S. State Department employees were hacked using spyware developed by Israel-based NSO Group, Reuters first reported Friday. The attacks were carried out in the last several months by an unknown assailant on U.S. officials either based in Uganda or focused on the country, sources told Reuters. The Washington Post and CNN also confirmed the intrusions. Previous reporting on NSO Group suggested that U.S. officials’ phones may have been targeted using software developed by NSO Group, but Friday’s report is the first to confirm successful breaches. As many as 11 U.S. diplomats received notices from Apple that they may have been targeted with the spyware, the Post reported. Apple began notifying potential targets around the world that they may have been targeted by the NSO Group software on Nov. 23, the same day the tech firm announced a lawsuit against NSO Group for allegedly violating […]
The post NSO Group tech reportedly used to hack US officials’ iPhones appeared first on CyberScoop.
Continue reading NSO Group tech reportedly used to hack US officials’ iPhones
On the same day Apple announced a lawsuit against Israeli spyware vendor NSO Group for developing hacking tools to help breach iOS technology, the company was notifying potential targets of those exploits. El Faro, a news organization in San Salvador, El Salvador, reported late Tuesday that 12 of its staff members received notices from the company, which warned that that “Apple believes you are being targeted by state-sponsored attackers who are trying to remotely compromise the iPhone associated with your Apple ID.” The company also sent notices to four others in San Salvador who are “leaders of Civil Society organizations and opposition political parties,” the news organization reported. Notices were also sent to six Thai activists and researchers critical of the government there, Reuters reported. NSO Group develops software designed to allow access to target devices through various bugs in Apple’s technology. A company spokesperson told CyberScoop Tuesday that its […]
The post Apple alerts journalists, activists about state-sponsored hacking attempts after NSO Group suit appeared first on CyberScoop.
Apple is suing Israeli spyware vendor NSO Group “to hold it accountable for the surveillance and targeting of Apple users,” the company announced Tuesday. The technology company is seeking to permanently ban NSO Group from using any Apple software, services or devices amid reports that the firm sells technology that makes it possible for governments to hack individual devices to spy on journalists, dissidents and human rights activists. As part of those efforts NSO Group has developed exploits capable of subverting Apple’s security controls, requiring “thousands of hours to investigate the attacks, identify the harm, diagnose the extent of the impact and exploitation, and develop and deploy the necessary repairs and patches to ensure that Apple servers,” the suit says. NSO Group did not immediately respond to a request for comment on Tuesday. “State-sponsored actors like the NSO Group spend millions of dollars on sophisticated surveillance technologies without effective accountability,” […]
The post Apple sues NSO Group, spyware vendor known for helping governments hack critics appeared first on CyberScoop.
Continue reading Apple sues NSO Group, spyware vendor known for helping governments hack critics
European and Middle Eastern spyware and surveillance firms are marketing intrusion software to adversaries of the U.S., its intelligence allies and NATO, Atlantic Council research published Monday reveals. Looking at more than 200 companies that attended international arms fairs in the past two decades, researchers found that 85% of companies likely selling interception or intrusion technologies marketed these capabilities to governments outside their home country — even when no intelligence relationship existed. Five companies, including Israel-based Cellebrite and Sweden-based Micro Systemation AB, marketed those capabilities to U.S. and NATO adversaries. Neither company immediately responded to requests for comment. The findings coincide with an explosion of surveillance vendors attending international arms trade shows, including the heavily attended Milipol France and the U.K. -based Security and Policing Home Office. The report underscores growing concerns about the threat that spyware companies pose to the United States and its allies. U.S. and European leaders have […]
The post Spyware providers are flocking to international arms fairs to sell to NATO foes appeared first on CyberScoop.
Continue reading Spyware providers are flocking to international arms fairs to sell to NATO foes
The Commerce Department Wednesday added two Israeli spyware companies, NSO Group and Candiru, to its entity list of companies that pose a national security and foreign policy risk to the United States. The designation accuses both NSO Group and Candiru of having “developed and supplied spyware to foreign governments that used this tool to maliciously target government officials, journalists, business people, activists, academics, and embassy workers.” Inclusion on the list enacts stringent licensing requirements for exports to designated companies from U.S. businesses. Companies previously included on the list include Chinese firm Huawei, which the U.S. government has flagged as posing a risk to Americans’ data. Also added to the entity list Wednesday were Russia-based Positive Technologies and Singapore-based Computer Security Initiative. The Commerce Department accused the two companies of trafficking “cyber exploits used to gain access to information systems, threatening the privacy and security of individuals and organizations worldwide.” The […]
The post Commerce Department blacklists controversial spyware company NSO Group appeared first on CyberScoop.
Continue reading Commerce Department blacklists controversial spyware company NSO Group
The Commerce Department released a rule Wednesday aimed at stopping offensive cybersecurity tools made in the U.S. from falling into the hands of countries that use such software undermine human rights or national security. The new rule requires U.S. companies to obtain a license from the Commerce Department’s Bureau of Industry and Security before selling hacking tools to the governments and individuals in countries of national security concern, including China and Russia. Sales of defensive cybersecurity software are largely exempt from the rule. Technologies covered by the new rule include spyware and tools designed to carry out nefarious tasks, such as malicious trojans. “The United States is committed to working with our multilateral partners to deter the spread of certain technologies that can be used for malicious activities that threaten cybersecurity and human rights,” Commerce Secretary Gina Raimondo said in a statement. The new rule, which will take effect in […]
The post New Commerce Department rule to limit sale of offensive cyber tools to China, Russia appeared first on CyberScoop.
Aggressive cyber tools remain a topic of interest for “a lot of companies” pitching their technology to investors thanks to interest from government agencies and clients trying to test their defensive techniques, according to a former U.S. National Security Agency employee turned investor. Ron Gula, co-founder of the cyber investment firm Gula Tech Adventures and co-founder of Tenable Network Security, said Monday during CyberWeek, a summit presented by Scoop News Group, that an array of firms seeking investment are developing offensive software tools designed for intelligence agencies, along with federal and local police. Security personnel for years have crafted defensive tools out of known hacking techniques, using everything from phishing tests to leaked CIA hacking tools to hack clients in a way that’s designed to probe their defenses rather than steal data. Companies pitching this kind of software need to walk the fine line between intelligence gathering and law enforcement. There […]
The post ‘A lot’ of firms are developing offensive cyber techniques, hoping for investment appeared first on CyberScoop.
Continue reading ‘A lot’ of firms are developing offensive cyber techniques, hoping for investment