Podcasts about nso group

Military-grade spyware, once the province of shadowy intelligence outfits, is now being handed over to local police forces. As an Ontario resident, I find this deeply unsettling. These tools are powerful, precise, and built for a level of strategic nuance that most municipal sometimes even provincial police simply aren't equipped to handle. It's like handing a ten-year-old a scalpel and asking them to perform surgery. The intentions might be sincere, but the training, context, and oversight just aren't there. And that gap between tool and user is where things start to slip where privacy erodes, rights get sidelined, and the line between public safety and state overreach gets dangerously blurry. What Is Spyware and How Does It Work? At its core, spyware is software designed to secretly infiltrate and monitor digital devices usually without the knowledge or consent of the person being targeted. Once installed, it can track online activity, harvest sensitive information, and even take control of device functions like cameras and microphones. Military-grade spyware, like NSO Group's Pegasus or Paragon's Graphite, takes this to another level. These advanced tools can penetrate even the most secure devices, including phones protected by encrypted messaging apps like WhatsApp, iMessage, and Signal. Some spyware even uses "zero-click" exploits meaning the target doesn't need to click a suspicious link for their device to be compromised. This isn't just like wiretapping a phone call. Spyware can reveal a person's entire digital life recording private conversations, tracking real-time locations, logging browsing histories, and accessing stored files. For police, it's revolutionary. But for the rest of us? It's a chilling reminder that nothing is truly private anymore. Why Are Local Police Using Spyware? So, why are local police turning to such extreme surveillance measures? The short answer: encryption. As more people use encrypted communication platforms, traditional surveillance methods like wiretapping are becoming less effective. Criminal organizations, human traffickers, and other bad actors know how to hide their tracks using secure apps, creating a major challenge for law enforcement. Spyware gives police a way around these barriers by directly accessing the suspect's device and collecting evidence that would otherwise be out of reach. And there's public pressure, too. With high-profile crimes making headlines, law enforcement is under intense pressure to deliver fast results. Spyware, with its ability to gather and analyze large amounts of information in real time, can speed up investigations and improve the odds of making an arrest. In Canada, local police forces are increasingly adopting advanced surveillance technologies to stay ahead of tech-savvy criminals. But as these tools become more common, there's a growing concern: Who's watching the watchers? Ontario Police and "Graphite" Spyware Controversy A recent example that's sparked public debate is Ontario police's use of Graphite spyware. This highly advanced tool can bypass encrypted communications and operate without leaving a trace, meaning police can monitor individuals without them ever knowing. Police officials claim they only use Graphite in the most serious cases. But here's the catch there's little public information about how often it's used or what safeguards are in place. Without transparency, it's impossible to know whether police are sticking to serious crimes or deploying these powerful tools for more routine investigations. Civil liberties advocates are especially worried that spyware could be turned against people who challenge authority - journalists, political activists, or marginalized communities. And it's not just happening in Ontario. Across the globe, police forces are quietly adopting military-grade spyware, often without public input or clear legal oversight. RCMP's Use of Spyware It's not just local police getting in on the action. In 2022, the...

On this edition of Parallax Views, the Carnegie Endowment for International Peace's Zaha Hassan returns to the program alongside first-time guest Yousef Munayyer, a Senior Fellow at the Arab Center Washington D.C., to discuss the new book she co-edited with H.A. Hellyer entitled Suppressing Dissent: Shrinking Civic Space, Transnational Repression, and Palestine-Israel. Yousef is a contributor to the Suppressing Dissent and, amongst other things, he will discuss his piece in the book entitled "Closing Spaces Beyond Borders: Israel's Transnational Repression Network". Zaha will discuss a number of topics related to the book as well including her contribution, co-written with Layla Gantus, called "Between a Rock and a Hard Place: The Impact of Israel's Occupation and Palestinian Authoritarianism on Community Organizing and NGOs". The conversation will begin, of course, with a discussion of a case that makes this book timelier than ever: the detainment of Columbia University pro-Palestinian student protester Mahmoud Khalil by the Trump administration. From there we will discuss such issues as the Israeli-based NSO Group's infamous Pegasus spyware being used against Palestinian civil society organizations, the long shadow of the Oslo Accords, the interplay between the Israeli occupation and the governance in Gaza and the West Bank, revisiting Zaha's paper on the Human Rights-centric approach to dealing with Israel/Palestine, the debanking of Palestinian civil society individuals and organizations, the Palestinian Authority vs. Palestinian civil society, and much, much more. You can currently obtain an ebook download of Suppressing Dissent for FREE at the Carnegie Endowment website. Contributors include such previous Parallax Views guests as Nathan J. Brown, Dana El Kurd, and Dahlia Scheindlin as well as Lara Friedman, Marwa Fatafta, Yael Berda, Jessica Buxbaum, and many others.

US Justice Department charges employees of Chinese IT contractor i-Soon. Silk Typhoon targets the IT supply chain for initial access. Chrome extensions that change shape. Attackers target airflow misconfigurations. LibreOffice vulnerability opens the door to script-based attacks. NSO group leaders face charges in spyware case. Today, our own Dave Bittner is our guest as he appeared on the Adopting Zero Trust podcast at ThreatLocker's Zero Trust World 2025 event with hosts Elliot Volkman and Neal Dennis and guest Dr. Chase Cunningham. And turning $1B into thin air. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today, our own Dave Bittner is in our guest spot as he appeared on the Adopting Zero Trust podcast at ThreatLocker's Zero Trust World 2025 event with hosts Elliot Volkman and Neal Dennis and guest Dr. Chase Cunningham aka Dr. Zero Trust. Adopting Zero Trust is an ongoing conversation about the people and organizations adopting Zero Trust. You can catch the full episode here where Dave and Dr. Zero Trust weigh the difference between delivering refined news and raw perspective, hitting critical mass for AI, and the current political environment. Selected Reading US charges Chinese nationals in cyberattacks on Treasury, dissidents and more (The Record) Silk Typhoon targeting IT supply chain (Microsoft) Malicious Chrome extensions can spoof password managers in new attack (Bleeping Computer)  Apache Airflow Misconfigurations Leak Login Credentials to Hackers (GB Hackers) LibreOffice Flaw Allows Attackers to Run Arbitrary Scripts via Macro URL (GB Hackers) Exploited VMware ESXi Flaws Put Many at Risk of Ransomware, Other Attacks (SecurityWeek) Catalan court says NSO Group executives can be charged in spyware investigation (TechCrunch) Former top NSA cyber official: Probationary firings ‘devastating' to cyber, national security (CyberScoop)  Financial Organizations Urge CISA to Revise Proposed CIRCIA Implementation (SecurityWeek) North Koreans finish initial laundering stage after more than $1 billion stolen from Bybit (The Record)  Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Natalia Krapiva is the tech-legal Counsel with Access Now. Prior to that she worked as a prosecutor at Brooklyn District Attorney's Office. She's been fighting NSO Group to try to limit the sale and use of spyware for many years and  last December set a precedent with a win against this Israeli cyber-intelligence firm in the California court.We talk to her about this and the state of digital forensics. As she says "it's a game of cat and mouse."

In dieser Folge geht es um Methoden, mit denen Staaten - und zwar längst nicht nur autoritäre - ihre Bürger bespitzeln. Dissidenten, Journalisten, Politiker und andere Bevölkerungsgruppen waren bereits Opfer von Smartphone-Malware, die im staatlichen Auftrag installiert wurde. Die Hersteller dieser Spionagesoftware sind geheimnistuerische Unternehmen, die viel Geld für ihre Dienste nehmen. Sylvester und Christopher nehmen alle Beteiligten unter die Lupe und klären auch die Frage, ob Whatsapp die NSA verklagt hat. - [Predator-Analyse von Cisco Talos](https://blog.talosintelligence.com/mercenary-intellexa-predator/) - [Google Project Zero zu FORCEDENTRY](https://googleprojectzero.blogspot.com/2021/12/a-deep-dive-into-nso-zero-click.html) - https://media.ccc.de/v/38c3-from-pegasus-to-predator-the-evolution-of-commercial-spyware-on-ios - https://securitylab.amnesty.org/latest/2024/12/serbia-a-digital-prison-spyware-and-cellebrite-used-on-journalists-and-activists/ - [Details zum iOS Lockdown Mode](https://support.apple.com/de-de/105120) - https://securitylab.amnesty.org/get-help/ - https://securitylab.amnesty.org/partners-and-support/ - [Mobile Verification Toolkit (MVT)](https://docs.mvt.re/en/latest/)

It's become pretty easy to spot phishing scams: UPS orders you never made, banking alerts from companies you don't bank with, phone calls from unfamiliar area codes. But over the past decade, these scams – and the technology behind them – have become more sophisticated, invasive and sinister, largely due to the rise of something called ‘mercenary spyware.'The most potent version of this tech is Pegasus, a surveillance tool developed by an Israeli company called NSO Group. Once Pegasus infects your phone, it can see your texts, track your movement, and download your passwords – all without you realizing you'd been hacked.We know a lot of this because of Ron Deibert. Twenty years ago, he founded Citizen Lab, a research group at the University of Toronto that has helped expose some of the most high profile cases of cyber espionage around the world.Ron has a new book out called Chasing Shadows: Cyber Espionage, Subversion, and the Global Fight for Democracy, and he sat down with me to explain how spyware works, and what it means for our privacy – and our democracy.Note: We reached out to NSO Group about the claims made in this episode and they did not reply to our request for comment.Mentioned:“Chasing Shadows: Cyber Espionage, Subversion, and the Global Fight for Democracy,” by Ron Deibert“Meta's WhatsApp says spyware company Paragon targeted users in two dozen countries,” by Raphael Satter, ReutersFurther Reading:“The Autocrat in Your iPhone,” by Ron Deibert“A Comprehensive Analysis of Pegasus Spyware and Its Implications for Digital Privacy and Security,” Karwan Kareem“Stopping the Press: New York Times Journalist Targeted by Saudi-linked Pegasus Spyware Operator,” by Bill Marczak, Siena Anstis, Masashi Crete-Nishihata, John Scott-Railton, and Ron Deibert

Risky Business returns for its 19th year! Patrick Gray and Adam Boileau discuss the week's cybersecurity news and there is a whole bunch of it. They discuss: The incoming Trump administration guts the CSRB Biden's last cyber Executive Order has sensible things in it China's breach of the US Treasury gets our reluctant admiration Ross Ulbricht - the Dread Pirate Roberts of Silk Road fame - gets his Trump pardon New year, same shameful comedy Forti- and Ivanti- bugs US soldier behind the Snowflake hacks faces charges after a solid Krebs-ing And much, much (much! after a month off) more. This week's episode is sponsored by Sandfly Security, who make a Linux EDR solution. Founder Craig Rowland joins to talk about how the Linux ecosystem struggles with its lack of standardised approaches to detection and response. If you've got a telco full of unix, and people are asking how much Salt Typhoon you've got in there… Sandfly's tools are probably what you're looking for. If you like your Business like us… - Risky - then we're hiring! We're looking for someone to help with audio and video production for our work, manage our socials, and if you're also into the Cybers… even better. Position is remote, with a preference for timezones amenable to Australia/NZ. Drop us a line: editorial at risky.biz. This episode is also available on Youtube. Show notes POLITICO Pro | Article | Acting DHS chief ousts CSRB experts, other department advisers Treasury's sanctions office hacked by Chinese government, officials say Strengthening America's Resilience Against the PRC Cyber Threats | CISA AT&T, Verizon say they evicted Salt Typhoon from their networks Risky Bulletin: Looking at Biden's last cyber executive order - Risky Business Internet-connected devices can now have a label that rates their security | Reuters US sanctions prominent Chinese cyber company for role in Flax Typhoon attacks FCC ‘rip and replace' provision for Chinese tech tops cyber provisions in defense bill CIA nominee tells Senate he, too, wants to go on cyber offense | CyberScoop Trump tells Justice Department not to enforce TikTok ban for 75 days Judge rules NSO Group is liable for spyware hacks targeting 1,400 WhatsApp user devices | The Record from Recorded Future News Unpacking WhatsApp's Legal Triumph Over NSO Group | Lawfare Time to check if you ran any of these 33 malicious Chrome extensions Console Chaos: A Campaign Targeting Publicly Exposed Management Interfaces on Fortinet FortiGate Firewalls - Arctic Wolf Ongoing attacks on Ivanti VPNs install a ton of sneaky, well-written malware Researchers warn of active exploitation of critical Apache Struts 2 flaw DOJ deletes China-linked PlugX malware off more than 4,200 US computers Russian internet provider confirms its network was ‘destroyed' following attack claimed by Ukrainian hackers | The Record from Recorded Future News Ukraine restores state registers after suspected Russian cyberattack | The Record from Recorded Future News Hackers claim to breach Russian state agency managing property, land records | The Record from Recorded Future News U.S. Army Soldier Arrested in AT&T, Verizon Extortions – Krebs on Security

Specter and zi discuss their winter break, cover some interesting CCC talks, and discuss the summary judgement in the WhatsApp vs. NSO Group case. Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/268.html [00:00:00] Introduction [00:09:53] 38C3: Illegal Instructions [00:35:38] WhatsApp v. NSO Group [01:04:06] Vulnerability Research Highlights 2024 [01:08:45] Debugging memory corruption: Who wrote ‘2' into my stack?! [01:16:46] HardBreak [01:20:14] Announcing CodeQL Community Packs Podcast episodes are available on the usual podcast platforms: -- Apple Podcasts: https://podcasts.apple.com/us/podcast/id1484046063 -- Spotify: https://open.spotify.com/show/4NKCxk8aPEuEFuHsEQ9Tdt -- Google Podcasts: https://www.google.com/podcasts?feed=aHR0cHM6Ly9hbmNob3IuZm0vcy9hMTIxYTI0L3BvZGNhc3QvcnNz -- Other audio platforms can be found at https://anchor.fm/dayzerosec You can also join our discord: https://discord.gg/daTxTK9

Sono sempre di più gli inverter, abbinati ad un impianto fotovoltaico, collegati alla rete internet. Può uno strumento di questo tipo trasformarsi in un potenziale pericolo e una “porta” per sabotare la rete elettrica? Quanto è grave l’allarme lanciato da un ricercatore specializzato in test di sicurezza per dispositivi connessi? Ne parliamo con Roberto Pezzali, esperto di tecnologia della redazione di Dday.it.Alcuni definiscono storica la vittoria legale di WhatsApp (Meta) contro NSO Group, l'azienda israeliana produttrice del software spia Pegasus. Quali conseguenze potrà avere e cosa ci dice sulla battaglia globale per il controllo degli strumenti di intelligence? Enrico Pagliarini lo chiede ad Andrea Zapparoli Manzoni, presidente di Hackmanac, società di analisi strategia delle minacce informatiche. Infine, con l’inizio del nuovo anno facciamo il punto sull’Intelligenza Artificiale Generativa con Enrico Bertino, Chief Technology Officer di Indigo.ai.E come sempre le notizie di innovazione e tecnologia più importanti della settimana.

Marta Peirano nos habla sobre Surveilled, el documental de Ronan Farrow en HBO, explora el uso de la tecnología de espionaje comercial Pegasus desarrollada por la empresa israelí NSO Group. A través de entrevistas con expertos, exfuncionarios y víctimas, Farrow revela cómo gobiernos de todo el mundo, incluido el español, han utilizado Pegasus para espiar a políticos, activistas y ciudadanos.Escuchar audio

Sponsor by ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠SEC Playground⁠ --- Support this podcast: https://podcasters.spotify.com/pod/show/chillchillsecurity/support

A federal judge finds NSO Group liable for hacking WhatsApp. China accuses the U.S. government of cyberattacks. The UK's Operation Destabilise uncovers a vast criminal network. An alleged LockBit developer says he did it for the money. Apache releases a security update for their Tomcat web server. Siemens issues a security advisory for their User Management Component. Italy's data protection authority fines OpenAI $15.6 million. Researchers demonstrate a method to bypass the latest Wi-Fi security protocol. Apple sends potential spyware victims to a nonprofit for help. Our guest is Sven Krasser, CrowdStrike's Senior Vice President Data Science and Chief Scientist, talking about balancing AI and human intervention. Hackers supersize their McDonald's delivery orders.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today, our guest is Sven Krasser, CrowdStrike's Senior Vice President Data Science and Chief Scientist, talking about balancing AI and human intervention. Selected Reading Judge rules NSO Group is liable for spyware hacks targeting 1,400 WhatsApp user devices (Recorded Future) Chinese cyber center points finger at U.S. over alleged cyberattacks to steal trade secrets (CyberScoop) Inside Operation Destabilise: How a ransomware investigation linked Russian money laundering and street-level drug dealing (Recorded Future) Suspected LockBit dev faces extradition to the US (The Register) Apache fixes remote code execution bypass in Tomcat web server (Bleeping Computer) Siemens Warn of Critical Vulnerability in UMC (GovInfoSecurity) Italy's Privacy Watchdog Fines OpenAI for ChatGPT's Violations in Collecting Users Personal Data (SecurityWeek) WPA3 Network Password Bypassed via MITM Attack & Social Engineering (CyberSecurityNews.com) Apple Warns Users Of iPhone Spyware Attacks—What You Need To Know (Forbes) McDonald's Delivery App Vulnerability Let Anyone Place an Order for Just $0.01 (CyberSecurityNews.com) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Inappropriate apps rated as safe for children are prevalent in the App Store,Tesla is recalling almost 700,000 vehicles, and a Judge found spyware-maker NSO Group liable for attacks on WhatsApp users. It's Monday, December 23rd and this is Engadget News. Learn more about your ad choices. Visit podcastchoices.com/adchoices

Privacy & Security FAQ: Week Ending November 19th, 20241. What happened with T-Mobile and Chinese hackers? Chinese hackers, suspected of ties to Chinese intelligence, infiltrated T-Mobile as part of a larger cyberespionage operation. This attack targeted telecom companies to gather intelligence on high-value targets. While T-Mobile claims no significant impact on their systems or customer data, the breach raises concerns about the security of telecommunications networks and the potential for surveillance. Google is rolling out an AI-powered scam call detection feature for Android phones, starting with Pixel 6 and newer models. This feature analyzes real-time conversation patterns to detect potential scams and alerts users through audio, haptic, and visual warnings. The system operates entirely on the device, ensuring privacy by not storing or transmitting call data externally. India's competition watchdog fined Meta $25.4 million and ordered WhatsApp to stop sharing user data with other Meta units for advertising for five years. This action stems from WhatsApp's 2021 privacy policy update, which mandated data sharing with Meta companies without an opt-out option. The watchdog deemed this practice as an abuse of Meta's dominant position and coercive towards users. Legal documents from a US lawsuit between NSO Group and WhatsApp revealed that NSO Group, not their government clients, directly install and extract information from phones targeted by their Pegasus spyware. This contradicts NSO's claims that clients solely operate the spyware. The revelation raises concerns about the control and accountability of NSO Group's powerful surveillance technology. ChatGPT's desktop app for macOS can now read code from developer-focused apps like VS Code, Xcode, and TextEdit. This integration allows developers to directly send code snippets to ChatGPT for analysis and assistance without manual copy-pasting. While it currently lacks the ability to write code directly into apps, this feature marks a step towards streamlined AI assistance in coding workflows. DeFlock is an open-source project utilizing Open Street Map to map the locations of automated license plate readers (ALPRs) worldwide. Concerned about the proliferation of these surveillance devices, the project encourages crowdsourced reporting of ALPR locations, including details like camera direction. You can contribute to this initiative by reporting ALPRs in your area on the DeFlock website: https://deflock.me/report. Internal emails revealed that the US Secret Service debated the need for warrants when using location data from smartphone apps. Some officials argued that users' acceptance of app terms of service implied consent for data sharing, even if those terms didn't explicitly mention sharing with law enforcement. This raised concerns about government agencies accessing private location data without proper legal authorization. How can you enhance your privacy and security? For secure communication: Consider using encrypted messaging apps like Signal or Session. Protect against phone fraud: Be wary of suspicious calls and consider enabling Google's AI-powered scam call detection. Control data sharing: Scrutinize app permissions and privacy policies before granting access to personal information. Support privacy initiatives: Contribute to projects like DeFlock and advocate for stronger data protection laws. Stay informed: Follow reputable sources for news on privacy and security issues to make informed decisions about your digital life.

On this week's show Patrick Gray and Adam Boileau discuss the week's cybersecurity news, including: Microsoft introduces some sensible sounding post-Crowdstrike changes Palo Alto patches hella-stupid bugs in its firewall management webapp CISA head Jen Easterly to depart as Trump arrives AI grandma tarpits phone scammers in family-tech-support hell Academic research supports your gut-reaction; phishing training doesn't work And much, much more. This week's episode is sponsored by Greynoise. The always excitable Andrew Morris joins to remind us that the edge-device vulnerabilities Pat and Adam complain about on the show are in fact actually even worse than we make them out to be. Andrew also tells us about a zero-day Greynoise' AI system truffle-pigged out of their data set. This episode is also available on Youtube. Show notes Windows security and resiliency: Protecting your business | Windows Experience Blog Microsoft revamps how it will disclose vulnerabilities | Cybersecurity Dive NIST says exploited vulnerability backlog cleared but end-of-year goal for full list unlikely Pots and Pans, AKA an SSLVPN - Palo Alto PAN-OS CVE-2024-0012 and CVE-2024-9474 Palo Alto Networks customers grapple with another actively exploited zero-day | Cybersecurity Dive Unpatched zero-days in Fortinet and Palo Alto Networks software Palo Alto Networks' customer migration tool hit by trio of CVE exploits | Cybersecurity Dive Readout of President Joe Biden's Meeting with President Xi Jinping of the People's Republic of China | The White House Easterly to step down from CISA director role on Inauguration Day | Cybersecurity Dive Top White House cyber official urges Trump to focus on ransomware, China Ransomware gang Akira leaks unprecedented number of victims' data in one day Hacker Is Said to Have Gained Access to File With Damaging Testimony About Gaetz 1,400 Pegasus spyware infections detailed in WhatsApp's lawsuit filings NSO Group admits cutting off 10 customers because they abused its Pegasus spyware, say unsealed court documents | TechCrunch Ransomware gang Akira leaks unprecedented number of victims' data in one day Ohio man behind Helix cryptocurrency mixer gets 3-year sentence O2 unveils Daisy, the AI granny wasting scammers' time - Virgin Media O2 Understanding the Efficacy of Phishing Training in Practice Bunnings facial recognition cameras breach Privacy Act, retailer to challenge ruling | news.com.au — Australia's leading news site Nudity, punches in newly released Bunnings CCTV as company found to breach Privacy Act | news.com.au — Australia's leading news site Bitfinex Hack Launderer Heather 'Razzlekhan' Morgan Sentenced to 18 Months in Prison

In today's podcast we cover four crucial cyber and technology topics, including: 1.        Criminals abuse brands in shopping-themed phishes 2.        GeoVision devices abused to support botnet 3.        T-Mobile compromise revealed; Chinese adversaries implicated 4.        NSO Group abused WhatsApp even after legal complaint I'd love feedback, feel free to send your comments and feedback to  | cyberandtechwithmike@gmail.com

A UN Security Council draft resolution calls for an 'immediate' gaza cease-fire, Pres.-elect Trump says the Russia-Ukraine war has “gotta stop,” Sri Lanka's Pres. Dissanayake's coalition wins snap polls, a study suggests that Sudan's war death toll is much higher than records show, Trump picks RFK Jr. to lead the US Dept. of Health and Human Services, Elon Musk reportedly meets with Iran's UN Ambassador, court depositions suggest that NSO Group, not government clients, operates NSO spyware, the Bank of England's Governor Bailey calls for closer EU ties, experts suggest that UN climate talks need an urgent overhaul, and a Pentagon report says there were 21 unexplained 'UAP' sightings in a recent 12-month period. Sources: https://www.verity.news/

Unredacted court filings from WhatsApp's 2019 lawsuit against NSO Group reveal the scope of spyware infections. Glove Stealer can bypass App-Bound Encryption in Chromium-based browsers. Researchers uncover a new zero-day vulnerability in Fortinet's FortiManager. Rapid7 detects an updated version of LodaRAT. CISA warns of active exploitation of Palo Alto Networks' Expedition tool. Misconfigured Microsoft Power Pages accounts expose sensitive data. Iranian state hackers mimic North Koreans in fake job scams. Australia warns its critical infrastructure providers about state sponsored embedded malware. An especially cruel cybercriminal gets ten years in the slammer. Guest Ambuj Kumar, Co-founder and CEO of Simbian, joins us to discuss how AI Agents may change the cyber landscape. We're countin' down the top ten least secure passwords.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Guest Ambuj Kumar, Co-founder and CEO of Simbian, joins us to discuss how AI Agents are going to change the cyber landscape. Selected Reading 1,400 Pegasus spyware infections detailed in WhatsApp's lawsuit filings (The Record) Glove Stealer Malware Bypasses Chrome's App-Bound Encryption (SecurityWeek) watchTowr Finds New Zero-Day Vulnerability in Fortinet Products ( Infosecurity Magazine) LodaRAT: Established malware, new victim patterns (Rapid7 Blog) CISA Warns of Two More Palo Alto Expedition Flaws Exploited in Attacks (SecurityWeek) Microsoft Power Pages misconfigs exposing sensitive data (The Register) Iranian Threat Actors Mimic North Korean Job Scam Techniques (BankInfo Security) Hackers Lurking in Critical Infrastructure to Wage Attacks (BankInfo Security) Cybercriminal devoid of boundaries gets 10-year prison sentence (The Register) Top 200 Most Common Passwords (NordPass) Special voting request.  Just when you thought voting was over for this year…It's time to vote…again! The N2K CyberWire hosting team of Dave Bittner, Maria Varmazis, and Joseph Carrigan have been nominated for the Creator of the Year category in the Baltimore region's 2024 Technical.ly Awards for their incredible work on the Hacking Humans podcast! If you're a fan of Hacking Humans, we'd be thrilled to have your support! Please cast your vote here. (Make sure you select the “Baltimore” region). Thanks for your vote! Voting ends Monday, November 18th, so don't delay! Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts wit h us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

La empresa israelí respondió a la denuncia del presidente Gustavo Petro en un mensaje dirigido a La W.

Two disappointments and a heaping helping of worry on this week's show. We're worried about the upcoming U.S. elections, though the FBI and CISA say there may be reason to worry less. Disappointments include Apple dropping a lawsuit against NSO Group and bad guys misusing American treasure Tom Hanks. We'll hit all of that on this edition of The Checklist, brought to you by SecureMac. Check out our show notes: SecureMac.com/Checklist And get in touch with us: Checklist@Securemac.com

In an unexpected turn of events, Apple has decided to drop its three-year-old lawsuit against the notorious spyware maker, NSO Group. What led to this shocking decision, and what does it mean for the future of cybersecurity and your personal data?

On this week's show, Patrick Gray and Adam Boileau discuss the weeks security news, including: Hezbollah's attempts to avoid SIGINT with pagers ends in explosions The US shines many bright lights on RT's disinfo role Australia counters Chinese bullying in the Pacific Valid accounts are the most prevalent entry point, says CISA's data Ivanti and Fortinet vie for worst vendor of the week Krebs writes up the shift towards charging The Com with terrorism And much, much more… This week's episode is sponsored by Push Security, who bring security visibility to where it needs to be these days – the browser. Luke Jennings joins this week's show to discuss how phish-kit crews are driving the arms race forward, and how detection has to adapt and go where the users are. This episode is also available on Youtube. Show notes Israel planted explosives in Hezbollah's Taiwan-made pagers, sources say | Reuters How Hezbollah used pagers and couriers to counter Israel's high tech surveillance | Reuters Biden administration unveils new evidence of RT's key role in Russian intelligence operations globally | CNN Politics Meta bans RT days after U.S. accused Russian outlet of disinformation U.S. to file charges in Trump campaign hacking case, officials say China suspected of hacking diplomatic body for Pacific islands region Chinese-made port cranes in US included 'backdoor' modems, House report says Stolen account info still chief risk for federal agencies, annual CISA audit finds Notice of Recent Security Incident | Fortinet Blog WordPress.org to require two-factor authentication for plugin developers | CyberScoop Multiple attacks force CISA to order agencies to upgrade or remove end-of-life Ivanti appliance Ivanti Endpoint Manager and Ivanti Endpoint Manager Security Suite and Ivanti Cloud Service Application (CSA) - End Of Life (EOL) The Dark Nexus Between Harm Groups and ‘The Com' – Krebs on Security Feds sentence 12 crypto thieves behind SIM swaps, home invasions Ex-CrowdStrike employees detail rising technical errors before July outage | Semafor Post-CrowdStrike Fallout: Microsoft Redesigning EDR Vendor Access to Windows Kernel - SecurityWeek Apple seeks dismissal of its NSO Group lawsuit, citing risk of exposing ‘vital security information' US hits Intellexa spyware maker with more sanctions (1) BolivarCucuta on X: "Encuentran muerto al ciudadano israelí Yariv Bokor en Medellín En un apartamento de El Poblado, Medellín, fue encontrado sin vida el ciudadano israelí Yariv Bokor, con aparentes signos de violencia. Bokor estaba vinculado a la empresa Sandvine, la cual tiene relación con NSO https://t.co/EeY1os1omW" / X Instagram to bolster privacy and safety features for millions of teen users Mastercard buys Recorded Future for $2.65 billion | CyberScoop

Welcome to this week's episode of the PEBCAK Podcast!  We've got four amazing stories this week so sit back, relax, and keep being awesome!  Be sure to stick around for our Dad Joke of the Week. (DJOW) Follow us on Instagram @pebcakpodcast   TSA bypassed by SQL injection attack https://www.bleepingcomputer.com/news/security/researchers-find-sql-injection-to-bypass-airport-tsa-security-checks/  https://xkcd.com/327/ https://arstechnica.com/information-technology/2023/10/sob-story-about-dead-grandma-tricks-microsoft-ai-into-solving-captcha/   Russian APT29 uses commercial spyware exploits https://www.bleepingcomputer.com/news/security/russian-apt29-hackers-use-ios-chrome-exploits-created-by-spyware-vendors/  https://www.darkreading.com/threat-intelligence/commercial-spyware-vendors-have-a-copycat-in-top-russian-apt   People too good at spotting phishing https://krebsonsecurity.com/2024/08/when-get-out-the-vote-efforts-look-like-phishing/  https://krebsonsecurity.com/2018/07/notorious-hijack-factory-shunned-from-web/   Career Goals https://guykawasaki.com/guy-kawasaki/   Dad Joke of the Week (DJOW)   Please share this podcast with someone you know!  It helps us grow the podcast and we really appreciate it!   Find the hosts on LinkedIn: Chris - https://www.linkedin.com/in/chlouie/ Brian - https://www.linkedin.com/in/briandeitch-sase/ Glenn - https://www.linkedin.com/in/glennmedina/ Jason - https://www.linkedin.com/in/jason-seemann-12b7075/

เพกาซัส ไม่ใช่แค่ม้ามีปีกในเทพนิยาย แต่เป็นสปายแวร์สอดแนมของ NSO Group บริษัทด้านข่าวกรองทางไซเบอร์ของอิสราเอล ที่ถูกซื้อขายให้แก่รัฐบาลประเทศต่าง ๆ และมักถูกนำมาใช้สอดแนมผู้ที่รัฐมองว่าเป็นภัยความมั่นคง โดยเคยมีกรณีร้ายแรงถึงชีวิตเกิดขึ้นกับนักข่าวที่วิพากษ์วิจารณ์ราชวงศ์ซาอุดีอาระเบีย ซึ่งมีเบาะแสชี้ว่าบุคคลนั้นถูกสอดแนมโดยเพกาซัสก่อนจะเกิดเหตุ หลังกระแสการชุมนุมเรียกร้องทางการเมืองช่วงปี 2563-2564 ในรัฐบาลประยุทธ์ สปายแวร์เพกาซัสกลายเป็นที่สนใจในสังคมไทยหลังจากมีข่าวว่านักกิจกรรมไทยได้รับแจ้งเตือนจาก Apple ว่าถูกสอดแนมโดยสปายแวร์ดังกล่าว ผู้มีส่วนได้รับผลกระทบจึงรวมตัวกันฟ้องคดีต่อรัฐบาลประยุทธ์และบริษัท NSO Group ในการใช้สปายแวร์ดังกล่าวสอดแนมนักกิจกรรม ความคืบหน้าเป็นอย่างไร อุปสรรรคและความคาดหวังของเครือข่ายพลเมืองที่มีต่อการดำเนินคดีเป็นแบบไหน ชวนคุยกับเจ้าหน้าที่ iLaw และทีมทนายความได้ใน “มนุษย์ออนไลน์ ปี 2 EP.5 : พลเมืองฟ้องกลับ!! สปายแวร์เพกาซัส” #สปายแวร์ #เพกาซัส #สปายแวร์เพกาซัส #Pegasus #NSO #NSOGroup #iLaw

Three Buddy Problem - Episode 10: Top stories this week -- Volt Typhoon zero-day exploitation of Versa Director servers, Chinese APT building botnets with EOL routers, the gap in security solutions for network devices and appliances, Russia's APT29 (Midnight Blizzard) caught reusing exploits from NSO Group and Intellexa, Microsoft's upcoming Windows endpoint security summit in response to the CrowdStrike incident, and the arrest of Telegram's Pavel Durov in France. Plus, the NSA is launching a podcast. Hosts: Costin Raiu (https://x.com/craiu) (Art of Noh), Juan Andres Guerrero-Saade (https://x.com/juanandres_gs)(SentinelLabs), Ryan Naraine (https://x.com/ryanaraine) (SecurityWeek)

The focus was on Iranian APTs this week, both from private threat intelligence teams and CISA, exposing new operations from UNC757 and other groups targeting government, higher education, and private industry. We also check in on a new report from Google's Threat Analysis Group on APTs using the same exploits for zero days that were developed by private commercial surveillance vendors NSO Group and Intellexa.

In this podcast Tom Uren and Patrick Gray discuss the Israeli government seizing documents from NSO Group so that they couldn't be shared with opposition counsel in a US lawsuit during discovery. It's a terrible look. They also talk about foreign adversaries turning to commercial firms to buy election interference services in the lead up to the presidential election. Tom argues that is fundamentally good news.

This week on Cyber Matters, Tanner Wilburn, Katherine Kennelly, and Zach Smith begin with Google's decision to end its plans to ban third-party cookies, discussing the implications for user privacy and online advertising. They then explore recent developments in the cybersecurity industry, including Google's failed acquisition of Israeli cybersecurity company Wiz and Mimecast's successful acquisition of Code 42. They also discuss Apple's warnings to Indian iPhone users about potential "mercenary spyware" attacks and the legal brief filed by major tech firms supporting a journalist targeted by NSO Group's spyware. They cover KnowBe4's inadvertent hiring of a North Korean hacker and the potential reporting obligations for companies following the recent Crowdstrike outages. The podcast also touches on the FTC's  not-so-new guidance on hashing and anonymization, as well as their investigation into "surveillance pricing" practices. State privacy laws are discussed, with a focus on Colorado's universal opt-out shortlist and a recent BIPA decision regarding Samsung's face-scanning feature. The hosts also cover recent fines and settlements involving Meta, Oracle, and TracFone related to various privacy and data protection violations. If you enjoy the show, share and leave us 5 stars! Links from the show: https://www.linkedin.com/company/cyber-matters-podcast/ https://www.cooley.com/news/insight/2024/2024-07-22-sec-reporting-implications-for-publicly-traded-companies-impacted-by-crowdstrike-defective-software-update https://www.techtarget.com/whatis/feature/AI-lawsuits-explained-Whos-getting-sued https://www.lawfaremedia.org/article/lawfare-podcast-orin-kerr-and-asaf-lubin-apple-v-nso-group

Three Buddy Problem - Episode 6: As the dust settles on the CrowdStrike incident that blue-screened 8.5 million Windows computers worldwide, we dig into CrowdStrike's preliminary incident report, the lack of transparency in the update process and the need for more robust testing and validation. We also discuss Microsoft's responsibility to avoid infinite BSOD loops, risks of deploying EDR agents on critical systems, and how an EU settlement is being blamed for EDR vendors having access to the Windows kernel. Other topics on the show include Mandiant's attribution capabilities, North Korea's gov-backed hacking teams launching ransomware on hospitals, KnowBe4 hiring a fake North Korean IT worker, and new developments in the NSO Group surveillance-ware lawsuit. Hosts: Costin Raiu (Art of Noh), Juan Andres Guerrero-Saade (SentinelLabs), Ryan Naraine (SecurityWeek)

This week on Cyber Matters, Tanner Wilburn and Katherine Kennelly begin with the widespread outages caused by a CrowdStrike update, discussing the implications for IT practices and the importance of testing updates before deployment. They then explore the dismissal of most of the SEC's lawsuit against SolarWinds and its former CISO, Timothy Brown. They provide background on the SolarWinds Orion software compromise and analyze the court's decision, particularly highlighting the setback for the SEC's authority in cybersecurity regulation. In data breach news, they discuss the arrest of a suspected Scattered Spider hacker in the UK and the ongoing costs of the Change Healthcare ransomware attack for UnitedHealth. They also cover a class-action lawsuit against a law firm related to a data breach. The podcast touches on allegations that AWS leased infrastructure to NSO Group, known for its controversial spyware. They also discuss a lawsuit against Patagonia for alleged violations of California privacy law from 1967 and explore the broader trend of CIPA litigation. In AI news, the hosts cover updated USPTO guidance for AI-related patent applications and Meta's decision not to offer future multimodal AI models in the EU. The episode concludes with a brief mention of Google's potential $23 billion acquisition of cybersecurity startup Wiz.   Linkedin: https://www.linkedin.com/company/cyber-matters-podcast/ A breakdown of USPTO Guidance: https://www.intellectualpropertylawblog.com/archives/uspto-issues-ai-subject-matter-eligibility-guidance/

On 30 May, a new report produced by the digital rights organisation Access Now and Citizen Lab revealed the details of the latest Pegasus attack on Russian and Belarusian journalists and activists. Pegasus, a sophisticated spyware made by Israel's NSO Group made headlines in 2021 when it was discovered to have been targeted at thousands of people from all over the globe, including human rights activists and media workers. What makes this spyware so dangerous is that it doesn't require clicking on a link and some victims may never discover that they've been hacked. It can penetrate IOS and Android systems and gain full access to a device- including photos, passwords emails and even microphone. In this episode of Trouble with the Truth, Lana talks to Natalia Krapiva, the Senior Tech-Legal Counsel at Access Now about the latest targets of Pegasus attacks. Among them: the CEO of Novaya Gazeta, Maria Epifanova, journalists Evgeny Pavlov and Evgeny Erlikh, Belarusian activist Andrei Sannikovand, and the editor-in-chief of independent Belarusian media website Charter97.org - Natallia Radzina. They discuss what makes Pegasus so hard to identify and who could be behind it - while Russian and Belarusian authorities are the most obvious suspects, the truth is more complex. Finally, Natalia shares some useful advice on how journalists can protect themselves from spyware and what steps they should take if they discover they've been hacked. Useful resources: Access Now Digital Security helpline: https://www.accessnow.org/help/Citizen Lab Tools & Resources: https://citizenlab.ca/category/research/tools-resources/Justice for Journalists Media Safety Academy: https://jfj.academy/en/

In episode 334, hosts Tom Eston, Scott Wright, and Kevin Johnson discuss two major topics. First, they explore the ongoing legal battle between Citizen Lab and the Israeli spyware company NSO Group. The courts have consistently blocked NSO's attempts to access Citizen Lab's documents to protect victim privacy. Second, they discuss Apple's new AI features […] The post Citizen Lab vs. NSO Group, Apple AI and Privacy appeared first on Shared Security Podcast.

On this edition of Parallax Views, Israeli investigative reporter Meron Rappaport joins the show to discuss a MAJOR story he helped break last week with 972 Magazine, Local Call, and The Guardian: Israel's Covert War Against the ICC. According to the bombshell reporting Meron and others have done, Israel has engaged in a nearly long surveillance program against the International Criminal Court. Surveillance was aimed at both current chief prosecutor and his predecessor Fatou Bensouda. Additionally, Palestinian human rights groups like Al-Haq, Addameer, Al Mezan, and the Palestinian Center for Human Rights (PCHR) were targets of surveillance and there are connections to the controversial and scandal-besieged Israeli private cyber-intelligence firm NSO Group's Pegasus spyware to this story. This story includes allegations of illegal activity, intimidation, and blackmail. Read the story HERE: Surveillance and interference: Israel's covert war on the ICC exposed We'll  discuss a numbe of issues-related to this story including how figures at the highest-levels of Israel's government, specifically Benjamin Netanyahu, figure into the surveillance program as well as the military (ie: IDF) and intelligence services (ie: Shin Bet) tie into it as well. Moreover, we'll look at how Israeli officials were initially enthused about Karim Khan taking over as chief prosecutor at the ICC until "everything changed" with the October 7th Hamas attack and the Gaza War. At the beginning of the conversation Meron will give his thoughts on the state of the Israeli free press in light of the recent attack on Haaretz's Tel Aviv headquarters where the main doors of the HQ's entrance were smashed. In the final portion of the conversation Meron discusses the Land for All movement that he helped cofound which offers a Confederation approach to resolving the Israeli-Palestinian conflict. Many argue that the Confederation approach amounts to a push for a de facto one-state solution, but figures like Dahlia Scheindlin as well as Meron argue that it is actually a two-state solution for the 21st century that addresses the failures and missteps of the Oslo generation. All that and more on this edition of Parallax Views.

(***TIMESTAMPS in description below) ~Jonathan Scott is a Gray Hat Hacker. He is known for exposing the *real* story behind "Hotel Rwanda" and for his expertise on NSO Group's Mysterious Spyware, "Pegasus." - BUY Guest's Books & Films IN MY AMAZON STORE: https://amzn.to/3RPu952 EPISODE LINKS: - Julian Dorey PODCAST MERCH: https://juliandorey.myshopify.com/ - Support our Show on PATREON: https://www.patreon.com/JulianDorey - Join our DISCORD: https://discord.gg/Ajqn5sN6 JONATHON SCOTT'S LINKS: - JONATHON'S YOUTUBE: https://www.youtube.com/c/jonathandata1 JULIAN YT CHANNELS: - SUBSCRIBE to Julian Dorey Clips YT: https://www.youtube.com/@juliandoreyclips - SUBSCRIBE to Julian Dorey Daily YT: https://www.youtube.com/@JulianDoreyDaily - SUBSCRIBE to Best of JDP: https://www.youtube.com/@bestofJDP ***TIMESTAMPS*** 00:00 - Grey Hat Hacker, Pegasus, Bitcoin Controversy Case

Il s'agit d'une vaste enquête journalistique qui a mobilisé 50 journalistes de 17 médias, dont Le Monde Afrique, dans 11 pays. Une enquête coordonnée par le collectif Forbidden Stories, avec comme point de départ la mort suspecte du journaliste John Williams Ntwali à Kigali en janvier 2023. Une enquête qui révèle la mécanique répressive mise en œuvre par le Rwanda, y compris hors de ses frontières, loin de l'image de pays modèle promue à l'étranger. Ou comment le Rwanda entretient son image en Occident, en se payant les services d'experts en relations publiques aux États-Unis et au Royaume-Uni, mais aussi en ciblant opposants, dissidents ou encore journalistes à l'aide du logiciel Pegasus… « Un logiciel espion ultrasophistiqué pour téléphone commercialisé par la société israélienne NSO Group. Si les autorités de Kigali ont, par le passé, nié se servir de ce mouchard, l'enquête menée par Forbidden Stories a pu établir qu'il avait été déployé contre les dissidents du régime. »Le régime rwandais qui présente une double face… D'un côté, « le Rwanda, pointe Le Monde Afrique, a su se rendre indispensable aux missions des Nations unies en Afrique », mais de l'autre, « le Rwanda joue un rôle-clé dans la guerre qui sévit dans l'est de la République démocratique du Congo, en soutenant activement un mouvement rebelle, le M23, au prix de morts, de centaines de milliers de déplacés et d'une des plus graves crises humanitaires au monde. »Un Rwanda métamorphosé, mais à quel prix ?Par ailleurs, constate encore l'enquête Rwanda Classified, le pays a connu un développement économique sans précédent dans la région. « Le Rwanda, pourtant enclavé, enregistre le plus fort taux de croissance de tous les pays de la Communauté d'Afrique de l'Est », pointe Le Monde Afrique. Et « s'il fascine autant, c'est aussi parce qu'un homme incarne ce changement : Paul Kagame, libérateur du pays en 1994, lorsqu'à la tête d'une rébellion il a vaincu les forces armées du gouvernement génocidaire, et dirigeant singulier depuis, avec ses faux airs de moine-soldat. Le chef de l'État a métamorphosé son pays, que le génocide de 1994 avait laissé exsangue. Mais à quel prix ? Entre répression, surveillance et influence, c'est pour une présidentielle jouée d'avance, où les opposants sont écartés, que les Rwandais iront voter le 15 juillet. » Et Paul Kagame devrait rester à la tête du pays, son quatrième mandat trente ans après le génocide de 1994.Burkina Faso : le cas Zoungrana…À la une également : le sort mystérieux du lieutenant-colonel Zoungrana… « Bien qu'affaibli par sa longue détention, l'enfant terrible de l'armée burkinabè continue (apparemment) de susciter la crainte, relève Jeune Afrique. Avant-hier, dans la matinée, l'officier a été enlevé par des hommes armés alors qu'il venait de quitter la villa de Ouaga 2000 où il était détenu par la justice militaire. Quelques instants plus tôt, des représentants du tribunal militaire étaient venus imposer sa remise en liberté provisoire, conformément à l'arrêt rendu le 22 mai par la chambre de contrôle de l'instruction, laquelle était jusqu'alors bloquée par les autorités. Il n'aura finalement été libéré que quelques minutes avant d'être kidnappé. »« Poursuivi pour des faits présumés de “tentative de déstabilisation“, rappelle le quotidien burkinabé Aujourd'hui, le lieutenant-colonel Zoungrana, avait été interpellé une première fois en janvier 2022, sous le règne de Roch Marc Christian Kaboré. Il sera libéré dix mois plus tard, après le deuxième coup de force qui a porté le capitaine Ibrahim Traoré au pouvoir avant d'être de nouveau arrêté pour une “nouvelle tentative de déstabilisation“. (…) En attendant d'avoir plus de détails sur son enlèvement, on se demande, s'exclame Aujourd'hui, ce qui est reproché exactement au lieutenant-colonel Zoungrana ? Pourquoi, depuis 2022, son nom est-il toujours associé à des tentatives de déstabilisation ? S'agit-il d'accusations fondées ? Si oui, pourquoi ne le juge-t-on pas ? Pour l'heure, ces questions demeurent sans réponses et laissent libre cours à toutes les supputations. »Sénégal : règlement de comptes ?Enfin, au Sénégal, le nouveau pouvoir continue d'éplucher les comptes du précédent… « Sonko traque les 45 milliards », titre en première page WalfQuotidien. Il s'agit d'un contrat d'armement de 45 milliards, donc, « impliquant, précise le journal, les anciens ministres Abdou Karim Sall, Abdoulaye Daouda Diallo et l'homme d'affaires nigérien “Petit Boubé“. (…) L'État veut voir clair dans cette commande en armement pour les personnels des Eaux et Forêts et les agents des parcs nationaux. » Une commande qui pourrait cacher un blanchiment de capitaux…

Around the globe, journalists, human rights activists, scholars and others are facing digital attacks from Pegasus, military-grade spyware originally developed to go after criminals. Some of the people targeted have been killed or are in prison.In this episode, Reveal partners with the Shoot the Messenger podcast to investigate one of the biggest Pegasus hacks ever uncovered: the targeting of El Faro newspaper in El Salvador.In the opening story, hosts Rose Reid and Nando Vila speak with El Faro co-founder Carlos Dada and reporter Julia Gavarrete. El Faro has been lauded for its investigations into government corruption and gang violence. The newspaper is no stranger to threats and intimidation, which have increased under the administration of President Nayib Bukele.Reid and Vila also speak with John Scott-Railton of Citizen Lab, a Toronto-based digital watchdog group. Scott-Railton worked to identify the El Faro breach, and it was one of the most obsessive cases of spying Citizen Lab has ever seen.Over the course of one year, 22 members of the newspaper's staff had their phones infected with Pegasus and were surveilled by a remote operator. Researchers suspect Bukele's government was behind the spying, though officials have denied those allegations. The breach forced El Faro's journalists to change the way they work and live and take extreme measures to protect sources and themselves. Then Reid talks with Reveal's Al Letson about growing efforts to hold the NSO Group, the company behind Pegasus, accountable for the massive digital attacks. Support Reveal's journalism at Revealnews.org/donatenow Subscribe to our weekly newsletter to get the scoop on new episodes at Revealnews.org/newsletter Connect with us on Twitter, Facebook and Instagram

A long-running urban legend says that Mac computers are less likely to be compromised by malware than Windows systems. No more. Hackers have targeted users with attacks such as multi-factor authentication fatigue attacks – which use dozens and dozens of Apple ID password resets to annoy you into approving a password change. Then there's the unpatchable vulnerability that can break encryption on devices running Apple's M1, M2, and M3 processors. Or the LeftOverLocals security flaw, which lets hackers snoop on data in older devices. More recently, AppleInsider warned about complex attacks that exploit vulnerabilities in a part of macOS's security architecture called TCC, while Apple updated its spyware alert system to notify users targeted with spying tools like NSO Group's Pegasus spyware. To minimize your risk of compromise, enable Automatic Updates in your system settings, and ensure you update all of your devices – including MacBooks, iMacs, iPhones, iPads, and even Apple Watches – as soon as new software updates are available. The 60-second "Security Nudge" is brought to you by CybSafe, developers of the Human Risk Management Platform. Learn more at https://cybsafe.com

In this week's show Patrick Gray and Adam Boileau discuss the week's security news. They talk about: The serious consequences from the Change Healthcare ransomware, and the need for a … nastier response Predator spyware maker getting a stern sanctioning A German military WebEx meeting gets snooped Mem-corrpution is still king And much, much more In this week's sponsor interview Patrick Gray speaks to Karl McGuinness, Okta's chief architect, about some new security improvements they've built into their IDP. Show notes U.S. Air Force employee charged with giving classified information to woman he met on dating site Ransomware attack on U.S. health care payment processor ‘most serious incident of its kind' AlphV's hit on Change Healthcare strikes a sour note for defenders | Cybersecurity Dive Office of Public Affairs | Justice Department Disrupts Prolific ALPHV/Blackcat Ransomware Variant | United States Department of Justice Developing: AlphV allegedly scammed Change Healthcare and its own affiliate (1) Hackers Behind the Change Healthcare Ransomware Attack Just Received a $22 Million Payment | WIRED Ciaran Martin on X: "“We have to find a way of making a ransom ban work” - me for @thetimes US launches antitrust investigation into UnitedHealth, WSJ reports | Reuters Brett Callow on X: "#Lockbit has de-listed Fulton County. Predator spyware endures even after widespread exposure, analysis shows | CyberScoop Predator spyware infrastructure taken down after exposure | CyberScoop U.S. bans maker of spyware that targeted a senator's phone Spyware maker NSO Group ordered to turn over Pegasus code in WhatsApp case Whatsapp Inc vs NSO Group Russia's chief propagandist leaks intercepted German military Webex conversation The White House's Oddly Specific, and Really Quite Good, Software Engineering Advice A leaky database spilled 2FA codes for the world's tech giants | TechCrunch In ConnectWise attacks, Play and LockBit ransomware exploits developed quickly | Cybersecurity Dive How to Secure the SaaS Apps of the Future | Okta Security

In this week's show Patrick Gray and Adam Boileau discuss the week's security news. They talk about: The serious consequences from the Change Healthcare ransomware, and the need for a … nastier response Predator spyware maker getting a stern sanctioning A German military WebEx meeting gets snooped Mem-corrpution is still king And much, much more In this week's sponsor interview Patrick Gray speaks to Karl McGuinness, Okta's chief architect, about some new security improvements they've built into their IDP. Show notes U.S. Air Force employee charged with giving classified information to woman he met on dating site Ransomware attack on U.S. health care payment processor ‘most serious incident of its kind' AlphV's hit on Change Healthcare strikes a sour note for defenders | Cybersecurity Dive Office of Public Affairs | Justice Department Disrupts Prolific ALPHV/Blackcat Ransomware Variant | United States Department of Justice Developing: AlphV allegedly scammed Change Healthcare and its own affiliate (1) Hackers Behind the Change Healthcare Ransomware Attack Just Received a $22 Million Payment | WIRED Ciaran Martin on X: "“We have to find a way of making a ransom ban work” - me for @thetimes US launches antitrust investigation into UnitedHealth, WSJ reports | Reuters Brett Callow on X: "#Lockbit has de-listed Fulton County. Predator spyware endures even after widespread exposure, analysis shows | CyberScoop Predator spyware infrastructure taken down after exposure | CyberScoop U.S. bans maker of spyware that targeted a senator's phone Spyware maker NSO Group ordered to turn over Pegasus code in WhatsApp case Whatsapp Inc vs NSO Group Russia's chief propagandist leaks intercepted German military Webex conversation The White House's Oddly Specific, and Really Quite Good, Software Engineering Advice A leaky database spilled 2FA codes for the world's tech giants | TechCrunch In ConnectWise attacks, Play and LockBit ransomware exploits developed quickly | Cybersecurity Dive How to Secure the SaaS Apps of the Future | Okta Security

**Threat Hunting Workshop: Hunting for Initial Access March 20, 2024 | 12:00 - 1:00 PM ET More Details/ Registration

NSO Group to ordered to give Pegasus code to WhatsApp Change Healthcare confirms BlackCat, Schumer asks for aid Law firm announces data breach affecting 325,000 people Thanks to today's episode sponsor, Conveyor We've got a returning sponsor this week – Conveyor. They're the AI security review automation platform helping infosec teams automate everything from securely sharing a SOC 2 to one-click autofilling security questionnaires in OneTrust so you can spend almost zero time on the manual tasks that make you want to throw your computer out the window. Teams are finding in a free proof of concept that their AI is better than the rest. Learn more at www.conveyor.com. Mention this podcast for 5 free questionnaire credits when you purchase an Enterprise plan. For the stories behind the headlines, head to CISOseries.com.

A court orders NSO Group to hand over their source code. The Five Eyes reiterate warnings about Ivanti products. Researchers demonstrate a generative AI worm. Fulton County calls LockBit's bluff. SMS codes went unprotected online. Golden Corral serves up a buffet of personal data. Ransom demands continue to climb. A US Senator calls on the FTC to investigate auto industry privacy practices. Dressing up data centers. Our guest is Dominic Rizzo, founder and director of OpenTitan and CEO at zeroRISC, discussing the first open-source silicon project to reach commercial availability. And Cops can't keep their suspects straight.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Guest is Dominic Rizzo, founder and director of OpenTitan and CEO at zeroRISC, discussing the first open-source silicon project to reach commercial availability. You can find the press release here.  Selected Reading Five Eyes Warn of Ivanti Vulnerabilities Exploitation, Detection Tools Insufficient (Infosecurity Magazine) A leaky database spilled 2FA codes for the world's tech giants (TechCrunch) Report: Average Initial Ransomware Demand in 2023 Reached $600K (Security Boulevard) Here Come the AI Worms (WIRED) Golden Corral restaurant chain data breach impacts 183,000 people (Bleeping Computer) Hackers stole 'sensitive' data from Taiwan telecom giant: ministry(Tech Xplore) CISA adds Microsoft Streaming Service bug to its Known Exploited Vulnerabilities catalog (Security Affairs) Senator asks FTC to investigate automakers' data privacy practices (The Record) Looking good, feeling safe – data center security by design (Data Center Dynamics) Cops visit school of 'wrong person's child,' mix up victims and suspects in epic data fail (The Register) OpenTitan® Partnership Makes History as First Open-Source Silicon Project to Reach Commercial Availability (lowRISC) Creating Connections: Embracing change. (N2K Women in STEM newsletter)  Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © 2023 N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Biden prepares executive order on foreign access to data. Britain's NCSC warns of a significant ransomware increase. Cisco Talos confirms ransomware surge. BuyGoods.com leaks PII and KYC data. Fortra faces scrutiny over slow disclosure. AI fights financial fraud. Intel471 highlights bulletproof hosting. NSO Group lobbies to revamp their image. Tussling in Missouri over election security. Integrating cyber education. Our guests are N2K President Simone Petrella and WiCyS Executive Director Lynn Dohm talking about a new partnership for a comprehensive Cyber Talent Study. And the moral panic of Furbies. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today's guests are N2K President Simone Petrella and WiCyS Executive Director Lynn Dohm talking with Dave Bittner about a new partnership for a comprehensive Cyber Talent Study to deepen the collective understanding of cybersecurity competencies within the industry. Selected Reading Biden Seeks to Stop Countries From Exploiting Americans' Data for Espionage (Bloomberg) British intelligence warns AI will cause surge in ransomware volume and impact (The Record) Significant increase in ransomware activity found in Talos IR engagements, while education remains one of the most-targeted sectors (Talos) Global Retailer BuyGoods.com Leaks 198GB of Internal and User PII, KYC data (HACKREAD) Fortra blasted over slow response to critical GoAnywhere file transfer bug (SC Media) Gen AI Expected to Bring Big Changes to Banking Sector (GovInfo Security) Why Bulletproof Hosting is Key to Cybercrime-as-a-Service (Infosecurity Magazine) Notorious Spyware Maker NSO Group Is Quietly Plotting a Comeback (WIRED) Missouri secretary of state accused of withholding cybersecurity reviews of election authorities (StateScoop) Cybersecurity education from childhood is a vital tool: 72% of children worldwide have experienced at least one type of cyber threat (Check Point)  These Are the Notorious NSA Furby Documents Showing Spy Agency Freaking Out About Embedded AI in Children's Toy (404 Media) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © 2023 N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Chaim Gelfand, Vice President, Compliance, at NSO Group joins the podcast to talk about managing compliance for a product that has, baked into its design, complex privacy, corruption and human rights implications. Because of the controversial nature of spyware, we will hear from journalist Khadija Ismayilova next week about the allegation that spyware was installed on her cell phone and her concerns about abuse of the technology. Podcast originally aired: March 8, 2023

A look back at Patch Tuesday. BlackCat uses malicious Google ads. Social engineering in the third quarter of 2023. Are small businesses in denial about ransomware? Molerats have some new tools. Israel turns to NSO Group's Pegasus to search for hostages taken by Hamas. Tim Starks from the Washington Post examines the potential aftermath of a Russian group hitting a Chinese bank. In our Learning Layer, Sam Meisenberg helps a student understand and create a strategy for the CISSP CAT. And a cyberespionage campaign is attributed to Russia's SVR. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/218 Selected reading. Adobe Releases Security Updates for Multiple Products | CISA (Cybersecurity and Infrastructure Security Agency CISA)  Fortinet Releases Security Updates for FortiClient and FortiGate (Cybersecurity and Infrastructure Security Agency | CISA)  VMware Releases Security Update for Cloud Director Appliance (Cybersecurity and Infrastructure Security Agency | CISA)  CISA Releases Two Industrial Control Systems Advisories (Cybersecurity and Infrastructure Security Agency | CISA)  Microsoft Releases October 2023 Security Updates (Cybersecurity and Infrastructure Security Agency | CISA)  Microsoft November 2023 Patch Tuesday fixes 5 zero-days, 58 flaws (BleepingComputer) SAP Security Patch Day for November 2023 (Onapsis) The ALPHV/BlackCat Ransomware Gang is Using Google Ads to Conduct… (eSentire) Q3 2023 Threat Landscape Report: Social Engineering Takes Center Stage (Kroll)  OpenText Cybersecurity 2023 Global Ransomware Survey: The risk perception gap (OpenText Blogs) TA402 Uses Complex IronWind Infection Chains to Target Middle East-Based Government Entities (Proofpoint)  Israel's NSO unleashes controversial spyware in Gaza conflict (Axios)  APT29 Attacks Embassies Using CVE-2023-38831 (NCSCC) Cyber-espionage operation on embassies linked to Russia's Cozy Bear hackers (Record) Learn more about your ad choices. Visit megaphone.fm/adchoices

On this week's show Patrick Gray talks through the news with Chris Krebs and Dmitri Alperovitch. They discuss: The SEC enforcement action against Solarwinds' CISO The White House AI Executive Order CitrixBleed exploitation goes wide How Kaspersky captured some (likely) Five Eyes iOS 0day Elon Musk's Gaza Strip adventures Much, much more This week's show is brought to you by Greynoise. Andrew Morris, Greynoise's founder and CEO, is this week's sponsor guest. He talks about how Greynoise is using large language models to help them analyse massive quantities of malicious internet traffic. Show notes comp-pr2023-227.pdf Biden signs executive order to oversee and invest in AI tech Risky Biz News: CitrixBleed vulnerability goes from bad to disastrous Andrew Morris on X: "Confluence bug is popping off. VAST majority of it is blasting thru Tor, similar to the first wave of Log4J exploitation two years ago. If you haven't patched, it's probably popped. https://t.co/4JC0uiTaqc https://t.co/wLDgQpq7r0" / X Andrew Morris on X: "Confluence bug is popping off. VAST majority of it is blasting thru Tor, similar to the first wave of Log4J exploitation two years ago. If you haven't patched, it's probably popped. https://t.co/4JC0uiTaqc https://t.co/wLDgQpq7r0" / X How Kaspersky obtained all stages of Operation Triangulation | Securelist Kaspersky reveals 'elegant' malware resembling NSA code | CyberScoop Sophisticated StripedFly Spy Platform Masqueraded for Years as Crypto Miner A cascade of compromise: unveiling Lazarus' new campaign | Securelist Near-total internet and cellular blackout hits Gaza as Israel ramps up strikes Amichai Stein on X: "Israel's Communications Minister @shlomo_karhi in response to Elon Musk: Israel will use all the means at its disposal to fight this. Hamas will use this for terrorist activity. There is no doubt about it. We know it, and Musk knows it. Hamas is ISIS." / X Shashank Joshi on X: "Wonder what encryption, if any, they use? Vulnerable to tapping. "Hamas has maintained operational security by going “stone age” and using hard-wired phone lines while eschewing devices that are hackable or emit an electronic signature." https://t.co/ALVSXb55Zn" / X Hackers that breached Las Vegas casinos rely on violent threats, research shows | CyberScoop Octo Tempest crosses boundaries to facilitate extortion, encryption, and destruction | Microsoft Security Blog GitHub - cloudflare/har-sanitizer Russia to launch its own version of VirusTotal due to US snooping fears iPhones have been exposing your unique MAC despite Apple's promises otherwise | Ars Technica VMware warns of critical vulnerability affecting vCenter Server product Judge tosses Khashoggi widow's lawsuit against NSO Group

On this week's show Patrick Gray talks through the news with Chris Krebs and Dmitri Alperovitch. They discuss: The SEC enforcement action against Solarwinds' CISO The White House AI Executive Order CitrixBleed exploitation goes wide How Kaspersky captured some (likely) Five Eyes iOS 0day Elon Musk's Gaza Strip adventures Much, much more This week's show is brought to you by Greynoise. Andrew Morris, Greynoise's founder and CEO, is this week's sponsor guest. He talks about how Greynoise is using large language models to help them analyse massive quantities of malicious internet traffic. Show notes comp-pr2023-227.pdf Biden signs executive order to oversee and invest in AI tech Risky Biz News: CitrixBleed vulnerability goes from bad to disastrous Andrew Morris on X: "Confluence bug is popping off. VAST majority of it is blasting thru Tor, similar to the first wave of Log4J exploitation two years ago. If you haven't patched, it's probably popped. https://t.co/4JC0uiTaqc https://t.co/wLDgQpq7r0" / X Andrew Morris on X: "Confluence bug is popping off. VAST majority of it is blasting thru Tor, similar to the first wave of Log4J exploitation two years ago. If you haven't patched, it's probably popped. https://t.co/4JC0uiTaqc https://t.co/wLDgQpq7r0" / X How Kaspersky obtained all stages of Operation Triangulation | Securelist Kaspersky reveals 'elegant' malware resembling NSA code | CyberScoop Sophisticated StripedFly Spy Platform Masqueraded for Years as Crypto Miner A cascade of compromise: unveiling Lazarus' new campaign | Securelist Near-total internet and cellular blackout hits Gaza as Israel ramps up strikes Amichai Stein on X: "Israel's Communications Minister @shlomo_karhi in response to Elon Musk: Israel will use all the means at its disposal to fight this. Hamas will use this for terrorist activity. There is no doubt about it. We know it, and Musk knows it. Hamas is ISIS." / X Shashank Joshi on X: "Wonder what encryption, if any, they use? Vulnerable to tapping. "Hamas has maintained operational security by going “stone age” and using hard-wired phone lines while eschewing devices that are hackable or emit an electronic signature." https://t.co/ALVSXb55Zn" / X Hackers that breached Las Vegas casinos rely on violent threats, research shows | CyberScoop Octo Tempest crosses boundaries to facilitate extortion, encryption, and destruction | Microsoft Security Blog GitHub - cloudflare/har-sanitizer Russia to launch its own version of VirusTotal due to US snooping fears iPhones have been exposing your unique MAC despite Apple's promises otherwise | Ars Technica VMware warns of critical vulnerability affecting vCenter Server product Judge tosses Khashoggi widow's lawsuit against NSO Group

In this episode, host Bidemi Ologunde discussed an April 2023 meeting in Montréal, Canada.===Work from home, earn some extra income, and test new products before they hit the shelves. Earn up to $500 per week.>>> Click here to learn more

Around the globe, journalists, human rights activists, scholars and others are facing digital attacks from Pegasus, military-grade spyware originally developed to go after criminals. Some of the people targeted have been killed or are in prison. In this episode, Reveal partners with the Shoot the Messenger podcast to investigate one of the biggest Pegasus hacks ever uncovered: the targeting of El Faro newspaper in El Salvador. In the opening story, hosts Rose Reid and Nando Vila speak with El Faro co-founder Carlos Dada and reporter Julia Gavarrete. El Faro has been lauded for its investigations into government corruption and gang violence. The newspaper is no stranger to threats and intimidation, which have increased under the administration of President Nayib Bukele. Reid and Vila also speak with John Scott-Railton of Citizen Lab, a Toronto-based digital watchdog group. Scott-Railton worked to identify the El Faro breach, and it was one of the most obsessive cases of spying Citizen Lab has ever seen. Over the course of one year, 22 members of the newspaper's staff had their phones infected with Pegasus and were surveilled by a remote operator. Researchers suspect Bukele's government was behind the spying, though officials have denied those allegations. The breach forced El Faro's journalists to change the way they work and live and take extreme measures to protect sources and themselves.  Then Reid talks with Reveal's Al Letson about growing efforts to hold the NSO Group, the company behind Pegasus, accountable for the massive digital attacks. Support Reveal's journalism at Revealnews.org/donatenow Subscribe to our weekly newsletter to get the scoop on new episodes at Revealnews.org/newsletter Connect with us on Twitter, Facebook and Instagram

A little over a decade ago, a small Israeli company created what would become the world's most powerful and notorious hacking tool.Mark Mazzetti, who is a Washington investigative correspondent for The Times, explains the surprising story of the NSO Group and why, despite banning its technology, the United States kept trying to use it.Guest: Mark Mazzetti, a Washington investigative correspondent for The New York Times.Background reading: The Biden administration has been trying to choke off use of hacking tools made by the Israeli firm NSO. It turns out that not every part of the government has gotten the message.The president signed an executive order seeking to limit deployment of a tool that has been abused by autocracies — and some democracies — to spy on dissidents, human rights activists and journalists.For more information on today's episode, visit nytimes.com/thedaily. Transcripts of each episode will be made available by the next workday.