NSO Group – Page 4 – WindowsTechs.com

‘A lot’ of firms are developing offensive cyber techniques, hoping for investment

Posted on October 18, 2021 by AJ Vicens

Aggressive cyber tools remain a topic of interest for “a lot of companies” pitching their technology to investors thanks to interest from government agencies and clients trying to test their defensive techniques, according to a former U.S. National Security Agency employee turned investor. Ron Gula, co-founder of the cyber investment firm Gula Tech Adventures and co-founder of Tenable Network Security, said Monday during CyberWeek, a summit presented by Scoop News Group, that an array of firms seeking investment are developing offensive software tools designed for intelligence agencies, along with federal and local police. Security personnel for years have crafted defensive tools out of known hacking techniques, using everything from phishing tests to leaked CIA hacking tools to hack clients in a way that’s designed to probe their defenses rather than steal data. Companies pitching this kind of software need to walk the fine line between intelligence gathering and law enforcement. There […]

The post ‘A lot’ of firms are developing offensive cyber techniques, hoping for investment appeared first on CyberScoop.

Continue reading ‘A lot’ of firms are developing offensive cyber techniques, hoping for investment→

Cherie Blair and the Dubai ruler who spied on his ex-wife’s phone with Pegasus spyware

Posted on October 7, 2021 by Graham Cluley

The UK High Court has determined that the ruler of Dubai, Sheikh Mohammed Al Maktoum, had his ex-wife’s smartphone hacked with the notorious Pegasus spyware, sold by the equally notorious NSO Group.

But what I find particularly fascinating is who bl… Continue reading Cherie Blair and the Dubai ruler who spied on his ex-wife’s phone with Pegasus spyware→

Hackers posed as Amnesty International, promising anti-spyware tool that actually collects passwords

Posted on September 30, 2021 by Tonya Riley

Fraudsters are posing as human rights group Amnesty International to trick individuals into downloading malicious software, researchers at Cisco’s threat intelligence unit Talos report. Masquerading as the human rights group, hackers registered multiple domains using variations on the Amnesty name to advertise a demo for “Amnesty Anti Pegasus” software that could allegedly scan devices for the NSO Group spyware, which Amnesty has closely examined. The malware had a realistic-looking “Anti Pegasus” user interface. In fact, victims downloaded Sarwent, a malicious software that gives attackers a backdoor to a victim’s machine. Hackers can use that access to download and execute other malicious tools as well as exfiltrate data such as passwords. The campaign preys on growing concerns around the threat of spyware. Human rights advocates have long criticized the NSO Group for the use of its technology by governments to spy on activists, dissidents and journalists. A sweeping July report by […]

The post Hackers posed as Amnesty International, promising anti-spyware tool that actually collects passwords appeared first on CyberScoop.

Continue reading Hackers posed as Amnesty International, promising anti-spyware tool that actually collects passwords→

Smashing Security podcast #243: Breaking news, Apple zero-clicks, and bad blood

Posted on September 16, 2021 by Graham Cluley

A Walmart press release says it’s jumping aboard the cryptocurrency bus – but is it true? Theranos’s Elizabeth Holmes goes on trial, and have you updated your Apple gadgets to protect against the latest NSO Group spyware attack?

All this and much mo… Continue reading Smashing Security podcast #243: Breaking news, Apple zero-clicks, and bad blood→

UN calls for human rights safeguards on artificial intelligence

Posted on September 15, 2021 by Tonya Riley

The United Nations’ top human rights official Wednesday called for a global moratorium on the sale and use of artificial intelligence systems that pose human rights concerns until safeguards are put in place. “We cannot afford to continue playing catch-up regarding AI – allowing its use with limited or no boundaries or oversight, and dealing with the almost inevitable human rights consequences after the fact,” U.N. High Commissioner for Human Rights Michelle Bachelet said alongside the release of a report on the emerging technology. “The power of AI to serve people is undeniable, but so is AI’s ability to feed human rights violations at an enormous scale with virtually no visibility.” The U.N. did not list specific AI tools that governments should ban. Instead, the report points to a number of ways the technology is used in decision-making that can have life-altering consequences, including the rise in the use of […]

The post UN calls for human rights safeguards on artificial intelligence appeared first on CyberScoop.

Continue reading UN calls for human rights safeguards on artificial intelligence→

S3 Ep50: Two 0-days plus another 0-day plus a fast food bug [Podcast]

Posted on September 15, 2021 by Paul Ducklin

Bugs! So many bugs! Latest episode – listen now… Continue reading S3 Ep50: Two 0-days plus another 0-day plus a fast food bug [Podcast]→

Apple fixes “zero-click” iMessage zero-day exploited to deliver spyware (CVE-2021-30860)

Posted on September 14, 2021 by Zeljka Zorz

Apple has released security updates for macOS, iOS, iPadOS, watchOS and Safari that patch two vulnerabilities (CVE-2021-30860, CVE-2021-30858) that are being exploited in attacks in the wild. About the vulnerabilities (CVE-2021-30860, CVE-2021-30858) A… Continue reading Apple fixes “zero-click” iMessage zero-day exploited to deliver spyware (CVE-2021-30860)→

Apple patches against alleged NSO Group zero-click exploit used on activists

Posted on September 13, 2021 by Tonya Riley

Apple released a patch Monday against two security vulnerabilities, one of which the Israeli surveillance company NSO Group has exploited, according to researchers. The updated iOS software patches against a zero-click exploit that uses iMessage to launch malicious code, which in turn allows NSO Group clients to infiltrate targets — including the phone of a Saudi activist in March, researchers at Citizen Lab said. The exploit uses a manipulated gif to crash Apple’s image rendering library. It then launches spyware that researchers say shares distinct features with NSO Group’s Pegasus spyware. Researchers have named the exploit “FORCEDENTRY.” Zero-click exploits prove especially dangerous because they don’t require users to open the malicious message or link for hackers to gain access to your phone. Researchers are urging Apple Mac, iPhone and Apple Watch users to immediately update their iOS software. The NSO Group exploit was a zero-day, or previously unknown, vulnerability. It’s […]

The post Apple patches against alleged NSO Group zero-click exploit used on activists appeared first on CyberScoop.

Continue reading Apple patches against alleged NSO Group zero-click exploit used on activists→

Bahrain hacked activists’ iPhones with NSO Group spyware, Citizen Lab says

Posted on August 24, 2021 by Tonya Riley

Government hackers used NSO Group surveillance technology to infiltrate the phones of nine Bahraini activists, according to a new report from Citizen Lab. The victims included a blogger, activist, members of political organization Waad and members of the Bahrain Center for Human Rights. Five of the targets identified by Citizen Lab, an internet watchdog from from the University of Toronto, were listed on a list of individuals obtained by Amnesty International as a part of its “Pegasus Project” investigation. The list is believed to comprise potential targets of NSO Group’s customers. Hackers used fake texts that linked out to malicious software as well as “zero-click” attacks, which do not require any user interaction. Researchers found that attackers successfully exploited the most recent versions of Apple iOS, circumventing protections introduced by the company in January to protect users against such attacks. Amnesty Tech has also reported zero-click exploits successfully exploiting iOS […]

The post Bahrain hacked activists’ iPhones with NSO Group spyware, Citizen Lab says appeared first on CyberScoop.

Continue reading Bahrain hacked activists’ iPhones with NSO Group spyware, Citizen Lab says→

UN experts join growing calls for moratorium on surveillance technology

Posted on August 12, 2021 by Tonya Riley

United Nations experts on Thursday called for a halt to the sale and transfer of surveillance technology until countries introduce a regulatory framework to address the human rights impact of its abuse. “It is highly dangerous and irresponsible to allow the surveillance technology and trade sector to operate as a human rights-free zone,” the experts warned. The statement specifically singles out the Israeli spyware company NSO Group, which has been condemned for years by privacy advocates for aiding authoritarian regimes in tracking and intimidating journalists, human rights advocates and dissidents. The call for action follows a report from Amnesty International that the company’s Pegasus spyware was more widely used than previously thought. Between July 2014 and July 2021, the NSO group’s Pegasus software was used to target more than three dozen smartphones belonging to journalists, human rights activists and business executives, according to a Amnesty’s investigation with the French journalism nonprofit […]

The post UN experts join growing calls for moratorium on surveillance technology appeared first on CyberScoop.

Continue reading UN experts join growing calls for moratorium on surveillance technology→