Schneier on Security

DECEMBER 17, 2020

Lots of details in the article. The cyberweapons arms business is immoral in many ways. This is just one of them.

Spyware 361

Spyware Surveillance Government Hacking 361

Schneier on Security

NOVEMBER 2, 2023

.” AccessNow puts this in context : For India to uphold fundamental rights, authorities must initiate an immediate independent inquiry, implement a ban on the use of rights-abusing commercial spyware, and make a commitment to reform the country’s surveillance laws.

Spyware 321

Spyware Surveillance Government 321

Schneier on Security

OCTOBER 18, 2022

Everyone visiting Qatar for the World Cup needs to install spyware on their phone. Everyone travelling to Qatar during the football World Cup will be asked to download two apps called Ehteraz and Hayya.

Spyware 358

Spyware Mobile 358

Security Affairs

DECEMBER 3, 2024

Poland probes Pegasus spyware abuse under the PiS government; ex-security chief Piotr Pogonowski arrested to testify before parliament. Poland’s government has been investigating the alleged misuse of Pegasus spyware by the previous administration and arrested the former head of Poland’s internal security service Piotr Pogonowski.

Spyware 117

Spyware Government Surveillance Hacking 117

Schneier on Security

JULY 11, 2024

Not a lot of details : Apple has issued a new round of threat notifications to iPhone users across 98 countries, warning them of potential mercenary spyware attacks. It’s the second such alert campaign from the company this year, following a similar notification sent to users in 92 nations in April.

Spyware 329

Spyware Cybersecurity 329

Security Affairs

DECEMBER 16, 2024

Researchers warn of previously undetected surveillance spyware, named NoviSpy, that was found infecting a Serbian journalist’s phone. The spyware’s deployment relied on Cellebrite’s unlocking process, combining two invasive technologies to compromise the journalists digital privacy comprehensively.

Spyware 105

Spyware Surveillance Technology Mobile 105

Schneier on Security

DECEMBER 13, 2021

Its Pegasus spyware was used against nine US State Department employees. We don’t know which NSO Group customer trained the spyware on the US. NSO Group’s descent into Internet pariah status continues. ”

Spyware 357

Spyware Internet Internet Government 357

Schneier on Security

DECEMBER 24, 2024

A judge has found that NSO Group, maker of the Pegasus spyware, has violated the US Computer Fraud and Abuse Act by hacking WhatsApp in order to spy on people using it. Jon Penney and I wrote a legal paper on the case.

Spyware 315

Spyware Hacking 315

Security Affairs

FEBRUARY 2, 2025

Meta announced the disruption of a malware campaign via WhatsApp that targeted journalists with the Paragon spyware. Meta announced that discovered and dismantled a malware campaign via WhatsApp that targeted journalists and civil society members with the Paragon spyware (aka Graphite). In 2024, its U.S.

Spyware 108

Spyware Hacking Surveillance Malware 108

Schneier on Security

NOVEMBER 15, 2022

Last month, we were warned not to install Qatar’s World Cup app because it was spyware. This month, it’s Egypt’s COP27 Summit app : The app is being promoted as a tool to help attendees navigate the event. But it risks giving the Egyptian government permission to read users’ emails and messages.

Spyware 340

Spyware Technology Encryption Government 340

Security Affairs

FEBRUARY 26, 2025

Researchers found an updated LightSpy spyware with enhanced data collection features targeting social media platforms like Facebook and Instagram. have found an updated version of the LightSpy spyware that supports an expanded set of data collection features to target social media platforms like Facebook and Instagram.

Data collection 103

Data collection Spyware Media Surveillance 103

Schneier on Security

MARCH 21, 2023

The New York Times is reporting that a US citizen’s phone was hacked by the Predator spyware. The simultaneous tapping of the target’s phone by the national intelligence service and the way she was hacked indicate that the spy service and whoever implanted the spyware, known as Predator, were working hand in hand.

Spyware 263

Spyware Hacking Government Technology 263

Schneier on Security

FEBRUARY 7, 2025

Kaspersky says: “This is the first known case of an app infected with OCR spyware being found in Apple’s official app marketplace.” Based on their assessment, infected Google Play apps have been downloaded more than 242,000 times. ” That’s a tactic I have not heard of before.

Malware 255

Malware Spyware 255

Schneier on Security

OCTOBER 7, 2022

The Greek journalist Thanasis Koukakis was spied on by his own government, with a commercial spyware product called “Predator.” ” That product is sold by a company in North Macedonia called Cytrox, which is in turn owned by an Israeli company called Intellexa. Koukakis is suing Intellexa.

Spyware 61

Spyware Government Surveillance 61

Security Affairs

NOVEMBER 1, 2024

New LightSpy spyware targets iPhones supporting destructive features that can block compromised devices from booting up. In May 2024, ThreatFabric researchers discovered a macOS version of LightSpy spyware that has been active in the wild since at least January 2024. The updated iOS version (7.9.0) The updated iOS version (7.9.0)

Spyware 98

Spyware Media Malware Hacking 98

Schneier on Security

OCTOBER 25, 2021

Citizen Lab is that a New York Times journalist was hacked with the NSO Group’s spyware Pegasus, probably by the Saudis. The world needs to do something about these cyberweapons arms manufacturers. This kind of thing isn’t enough; NSO Group is an Israeli company.

Spyware 258

Spyware Hacking Manufacturing 258

Security Affairs

MARCH 13, 2025

North Korea-linked APT group ScarCruft used a new Android spyware dubbed KoSpy to target Korean and English-speaking users. Lookout researchers attributed the spyware to the ScarCruft group with medium confidence. The spyware uses a unique IT for each victim that is calculated through a hardware fingerprint.

Spyware 78

Spyware Surveillance Encryption Malware 78

Tech Republic Security

SEPTEMBER 8, 2023

It’s a cat-and-mouse struggle as tech giants Microsoft and Apple deal with persistent threats from China state actors and Pegasus spyware.

Spyware 207

Spyware Cyber threats Mobile 207

Schneier on Security

MAY 24, 2024

New paper: “ Zero Progress on Zero Days: How the Last Ten Years Created the Modern Spyware Market “: Abstract: Spyware makes surveillance simple. The last ten years have also been marked by stark failures to control spyware and its precursors and components.

Marketing 331

Marketing Spyware Surveillance Government 331

Tech Republic Security

APRIL 12, 2024

Apple recommends that iPhone users install software updates, use strong passwords and 2FA, and don’t open links or attachments from suspicious emails to keep their device safe from spyware.

Spyware 182

Spyware Passwords Software Mobile 182

Schneier on Security

AUGUST 3, 2021

Forbes has the story : Paragon’s product will also likely get spyware critics and surveillance experts alike rubbernecking: It claims to give police the power to remotely break into encrypted instant messaging communications, whether that’s WhatsApp, Signal, Facebook Messenger or Gmail, the industry sources said.

Manufacturing 363

Manufacturing Spyware Surveillance Encryption 363

Schneier on Security

NOVEMBER 24, 2021

Piling more on NSO Group’s legal troubles, Apple is suing it : The complaint provides new information on how NSO Group infected victims’ devices with its Pegasus spyware. NSO Group’s Pegasus spyware is favored by totalitarian governments around the world, who use it to hack Apple phones and computers.

Spyware 354

Spyware Hacking Government Malware 354

Tech Republic Security

FEBRUARY 14, 2024

In a new report from Google's Threat Analysis Group, the researchers detail how commercial surveillance vendors particularly use spyware and target Google and Apple devices.

Spyware 198

Spyware Surveillance Mobile Cybersecurity 198

Schneier on Security

SEPTEMBER 17, 2021

Citizen Lab released a report on a zero-click iMessage exploit that is used in NSO Group’s Pegasus spyware. Apple patched the vulnerability; everyone needs to update their OS immediately. News articles on the exploit.

Spyware 351

Spyware 351

Schneier on Security

APRIL 25, 2023

Following a report on its activities , the Israeli spyware company QuaDream has shut down. We also identify traces of a suspected iOS 14 zero-click exploit used to deploy QuaDream’s spyware. Victims include journalists, political opposition figures, and an NGO worker. We are not naming the victims at this time. and 14.4.2,

Manufacturing 317

Manufacturing Spyware Internet Internet 317

Penetration Testing

MARCH 3, 2024

The operators behind the invasive Predator mobile spyware remain undeterred by public exposure and scrutiny.

Spyware 141

Spyware Penetration Testing Risk Mobile 141

Schneier on Security

APRIL 6, 2022

This is the spyware company whose products were used, among other things, to spy on Turkish and Bahraini political opposition. FinFisher has shut down operations.

Manufacturing 309

Manufacturing Spyware Surveillance 309

The Hacker News

JANUARY 31, 2025

Meta-owned WhatsApp on Friday said it disrupted a campaign that involved the use of spyware to target journalists and civil society members. The campaign, which targeted around 90 members, involved the use of spyware from an Israeli company known as Paragon Solutions. The attackers were neutralized in December 2024.

Spyware 145

Spyware Encryption 145

Security Boulevard

MARCH 28, 2024

The number of zero-day vulnerabilities that are exploited jumped in 2023, with enterprises becoming a larger target and spyware vendors and China-backed cyberespionage groups playing an increasingly bigger role, according to Google cybersecurity experts.

Spyware 135

Spyware Cybersecurity Mobile Malware 135

Security Affairs

AUGUST 7, 2024

A previously unknown Android Spyware, dubbed LianSpy, has been targeting Russian users since at least 2021. In March 2024, cybersecurity researchers from Kaspersky discovered previously unknown Android spyware dubbed LianSpy. This AES key is then encrypted using a hardcoded public RSA key embedded in the spyware.

Spyware 142

Spyware Malware Encryption Data collection 142

Malwarebytes

MARCH 7, 2024

The US Treasury Department has sanctioned Predator spyware vendor Intellexa Consortium, and banned the company from doing business in the US. Intellexa is based in Greece but the Treasury Department imposed the sanctions because of the use of the spyware against Americans, including US government officials, journalists, and policy experts.

Spyware 127

Spyware Surveillance Government Mobile 127

Malwarebytes

JULY 12, 2024

In a new round, Apple is now warning users in 98 countries of potential mercenary spyware attacks. The message sent to the affected users says: “Apple detected that you are being targeted by a mercenary spyware attack that is trying to remotely compromise the iPhone associated with your Apple ID.”

Spyware 141

Spyware Mobile Technology Passwords 141

The Hacker News

JUNE 7, 2024

Cybersecurity researchers have disclosed that the LightSpy spyware allegedly targeting Apple iOS users is in fact a previously undocumented macOS variant of the implant.

Spyware 143

Spyware Surveillance Malware Cybersecurity 143

Troy Hunt

FEBRUARY 27, 2025

Spyware / stalkerware apps Cocospu and Spyic leaker their data for all to see (and since that recording, Spyzie has also been added to the list) The Zimi Senoa IoT switches are beautiful. (.but but I think that Bluetooth mesh via a proprietary hub is going to be a show-stopper)

Spyware 204

Spyware IoT Data breaches 204

The Hacker News

AUGUST 6, 2024

Users in Russia have been the target of a previously undocumented Android post-compromise spyware called LianSpy since at least 2021.

Spyware 142

Spyware Malware Cybersecurity 142

The Hacker News

APRIL 15, 2024

Cybersecurity researchers have discovered a "renewed" cyber espionage campaign targeting users in South Asia with the aim of delivering an Apple iOS spyware implant called LightSpy.

Spyware 144

Spyware Cybersecurity 144

Security Affairs

MARCH 2, 2024

Court ordered surveillance firm NSO Group to hand over the source code for its Pegasus spyware and other products to Meta. Meta won the litigation against the Israeli spyware vendor NSO Group , a U.S. from April 29, 2018, to May 10, 2020). from April 29, 2018, to May 10, 2020).

Spyware 143

Spyware Surveillance Architecture Software 143