Spyware providers are flocking to international arms fairs to sell to NATO foes

European and Middle Eastern spyware and surveillance firms are marketing intrusion software to adversaries of the U.S., its intelligence allies and NATO, Atlantic Council research published Monday reveals. Looking at more than 200 companies that attended international arms fairs in the past two decades, researchers found that 85% of companies likely selling interception or intrusion technologies marketed these capabilities to governments outside their home country — even when no intelligence relationship existed. Five companies, including Israel-based Cellebrite and Sweden-based Micro Systemation AB, marketed those capabilities to U.S. and NATO adversaries. Neither company immediately responded to requests for comment. The findings coincide with an explosion of surveillance vendors attending international arms trade shows, including the heavily attended Milipol France and the U.K.-based Security and Policing Home Office. The report underscores growing concerns about the threat that spyware companies pose to the United States and its allies. U.S. and European leaders have […]

The post Spyware providers are flocking to international arms fairs to sell to NATO foes appeared first on CyberScoop.


Commerce Department blacklists controversial spyware company NSO Group

The Commerce Department Wednesday added two Israeli spyware companies, NSO Group and Candiru, to its entity list of companies that pose a national security and foreign policy risk to the United States. The designation accuses both NSO Group and Candiru of having “developed and supplied spyware to foreign governments that used this tool to maliciously target government officials, journalists, business people, activists, academics, and embassy workers.” Inclusion on the list enacts stringent licensing requirements for exports to designated companies from U.S. businesses. Companies previously included on the list include Chinese firm Huawei, which the U.S. government has flagged as posing a risk to Americans’ data. Also added to the entity list Wednesday were Russia-based Positive Technologies and Singapore-based Computer Security Initiative. The Commerce Department accused the two companies of trafficking “cyber exploits used to gain access to information systems, threatening the privacy and security of individuals and organizations worldwide.” The […]

The post Commerce Department blacklists controversial spyware company NSO Group appeared first on CyberScoop.


New Commerce Department rule to limit sale of offensive cyber tools to China, Russia

The Commerce Department released a rule Wednesday aimed at stopping offensive cybersecurity tools made in the U.S. from falling into the hands of countries that use such software to undermine human rights or national security. The new rule requires U.S. companies to obtain a license from the Commerce Department’s Bureau of Industry and Security before selling hacking tools to the governments and individuals in countries of national security concern, including China and Russia. Sales of defensive cybersecurity software are largely exempt from the rule. Technologies covered by the new rule include spyware and tools designed to carry out nefarious tasks, such as malicious trojans. “The United States is committed to working with our multilateral partners to deter the spread of certain technologies that can be used for malicious activities that threaten cybersecurity and human rights,” Commerce Secretary Gina Raimondo said in a statement. The new rule, which will take effect in […]

The post New Commerce Department rule to limit sale of offensive cyber tools to China, Russia appeared first on CyberScoop.


‘A lot’ of firms are developing offensive cyber techniques, hoping for investment

Aggressive cyber tools remain a topic of interest for “a lot of companies” pitching their technology to investors thanks to interest from government agencies and clients trying to test their defensive techniques, according to a former U.S. National Security Agency employee turned investor. Ron Gula, co-founder of the cyber investment firm Gula Tech Adventures and co-founder of Tenable Network Security, said Monday during CyberWeek, a summit presented by Scoop News Group, that an array of firms seeking investment are developing offensive software tools designed for intelligence agencies, along with federal and local police. Security personnel for years have crafted defensive tools out of known hacking techniques, using everything from phishing tests to leaked CIA hacking tools to hack clients in a way that’s designed to probe their defenses rather than steal data. Companies pitching this kind of software need to walk the fine line between intelligence gathering and law enforcement. There […]

The post ‘A lot’ of firms are developing offensive cyber techniques, hoping for investment appeared first on CyberScoop.


Cherie Blair and the Dubai ruler who spied on his ex-wife’s phone with Pegasus spyware

The UK High Court has determined that the ruler of Dubai, Sheikh Mohammed Al Maktoum, had his ex-wife’s smartphone hacked with the notorious Pegasus spyware, sold by the equally notorious NSO Group.

But what I find particularly fascinating is who bl…

Hackers posed as Amnesty International, promising anti-spyware tool that actually collects passwords

Fraudsters are posing as human rights group Amnesty International to trick individuals into downloading malicious software, researchers at Cisco’s threat intelligence unit Talos report. Masquerading as the human rights group, hackers registered multiple domains using variations on the Amnesty name to advertise a demo for “Amnesty Anti Pegasus” software that could allegedly scan devices for the NSO Group spyware, which Amnesty has closely examined. The malware had a realistic-looking “Anti Pegasus” user interface. In fact, victims downloaded Sarwent, a malicious software that gives attackers a backdoor to a victim’s machine. Hackers can use that access to download and execute other malicious tools as well as exfiltrate data such as passwords. The campaign preys on growing concerns around the threat of spyware. Human rights advocates have long criticized the NSO Group for the use of its technology by governments to spy on activists, dissidents and journalists. A sweeping July report by […]

The post Hackers posed as Amnesty International, promising anti-spyware tool that actually collects passwords appeared first on CyberScoop.


Smashing Security podcast #243: Breaking news, Apple zero-clicks, and bad blood

A Walmart press release says it’s jumping aboard the cryptocurrency bus – but is it true? Theranos’s Elizabeth Holmes goes on trial, and have you updated your Apple gadgets to protect against the latest NSO Group spyware attack?

All this and much mo…

UN calls for human rights safeguards on artificial intelligence

The United Nations’ top human rights official Wednesday called for a global moratorium on the sale and use of artificial intelligence systems that pose human rights concerns until safeguards are put in place. “We cannot afford to continue playing catch-up regarding AI – allowing its use with limited or no boundaries or oversight, and dealing with the almost inevitable human rights consequences after the fact,” U.N. High Commissioner for Human Rights Michelle Bachelet said alongside the release of a report on the emerging technology. “The power of AI to serve people is undeniable, but so is AI’s ability to feed human rights violations at an enormous scale with virtually no visibility.” The U.N. did not list specific AI tools that governments should ban. Instead, the report points to a number of ways the technology is used in decision-making that can have life-altering consequences, including the rise in the use of […]

The post UN calls for human rights safeguards on artificial intelligence appeared first on CyberScoop.


Apple fixes “zero-click” iMessage zero-day exploited to deliver spyware (CVE-2021-30860)

Apple has released security updates for macOS, iOS, iPadOS, watchOS and Safari that patch two vulnerabilities (CVE-2021-30860, CVE-2021-30858) that are being exploited in attacks in the wild. About the vulnerabilities (CVE-2021-30860, CVE-2021-30858) A…