March 1, 2024 at 04:43PM Israel-based NSO Group has been ordered by a California federal judge to share the source code for its Pegasus spyware with Meta’s WhatsApp due to a 2019 lawsuit for alleged spying on 1,400 users. The ruling covers the period from April 2018 to May 2020 and represents a legal setback … Read more
March 1, 2024 at 11:21AM SecurityWeek’s cybersecurity news roundup compiles key developments in the industry, offering insight into critical vulnerabilities, policy changes, and industry reports. This week’s stories include Apple’s EU user security efforts, a macOS API bug, Intel’s vulnerability patching, CISA’s guide for university cybersecurity clinics, NSO’s court order, and China’s data security plan. … Read more
February 16, 2024 at 10:03AM A contract between NSO Group and Ghana’s telecom regulator suggests a new infection technique, “MMS Fingerprint,” allowing device identification without user interaction. Enea tested and confirmed this method, raising concerns about potential malicious use. While not seen in the wild, it poses potential security risks. Operators and subscribers can take … Read more
February 6, 2024 at 12:29PM Commercial spyware vendors were responsible for 80% of the zero-day vulnerabilities uncovered by Google’s Threat Analysis Group in 2023, enabling global device surveillance. Google monitors 40 vendors to detect exploitation attempts, finding that 35 of 72 zero-day exploits over the last decade targeted its products. Notable vendors include Cy4Gate, RCS … Read more
February 5, 2024 at 06:06PM The Biden administration has implemented a new policy allowing visa restrictions on individuals involved in misusing commercial spyware to target journalists, activists, and marginalized communities. This action aims to address privacy and human rights concerns. Notably, the policy could affect citizens of any country and reflects growing international concerns about … Read more
February 5, 2024 at 02:28PM Journalists, lawyers, and activists in Jordan are targeted by state-sponsored surveillance using the Pegasus spyware app, violating privacy and freedom of expression. Jordan’s new cybercrime law has been criticized as vague and ripe for abuse, while the NSO Group, which creates Pegasus, emphasizes its role in preventing terrorism and serious … Read more
January 26, 2024 at 09:31AM Multiple journalists in Togo have been targeted by the Pegasus spyware, including Loïc Lawson and Anani Sossou, with evidence of at least 23 intrusions. Other journalists such as Ferdinand Ayité, Luc Abaki, and Carlos Ketohou were also potential targets. The spyware allows access to various data on mobile devices without … Read more
December 13, 2023 at 01:07AM A Delhi-based think tank’s report argues that cybercrime groups and spyware vendors like Lazarus Group and NSO should be categorized as cyber mercenaries and face an international response. The usage of information technology in operations justifies this term. Concerns about the growth of this market and the need for legislation … Read more