Podcasts about nso group

Chris and Hector dive into the recent breach of the LockBit ransomware gang and what it reveals about operational security failures—even among hackers. They discuss the fallout from the Pegasus spyware scandal, with NSO Group ordered to pay $168 million, and explore the troubling reliance on vulnerable federal contractors. Plus, Hector delivers one of his signature rants—this time on who's really watching the watchers. Join our new Patreon! ⁠⁠⁠https://www.patreon.com/c/hackerandthefed⁠⁠⁠ Send HATF your questions at ⁠⁠⁠questions@hackerandthefed.com

Gli attacchi hacker all'Università degli Studi Roma3 e al comune di Pisa, la sentenza che condanna NSO Group per la vicenda degli spyware diffusi sfruttando una vulnerabilità di Whatsapp, lo sbarco dell'AI generativa su Netflix, i sempre più concreti conflitti di interesse di Elon Musk e la situazione in Nigeria dove il governo sfrutta le leggi che regolano il Web per mettere la museruola a giornalisti e attivisti. A cura di Marco Schiaffino.

TikTok is working on a new Creator Chat Room feature to connect up to 300 people per chat, plus they're offering a small business education webinar series. Meta has rolled out some key updates for advertisers, Edits has some new features to know about, and Ashley Coffey shares what's new this week in the world of AI.Are you ready to unlock the latest secrets from the world of social media?  Join me, Daniel Hill, as I dive into the exciting updates from the recent IAB New Fronts event in New York City, where we explore groundbreaking advertising developments from platforms like TikTok and Meta.This episode of The Instagram Stories is packed with insights on TikTok's new Creator Chatroom feature, designed to help creators forge deeper connections with their audience through text-based chat rooms.  This innovative tool not only enhances engagement but also serves as a valuable platform for gathering feedback in a more private setting.  As TikTok continues to evolve, staying updated on TikTok trends is crucial for anyone involved in social media marketing.Switching gears to Meta, I share the latest advertising solutions unveiled at the event, including Reels Trending Ads and exciting updates to the Creator Marketplace.  With new ad formats rolling out on Facebook and Instagram, it's essential for advertisers to remain informed about these changes to maximize their reach and effectiveness in the ever-changing landscape of social media.  I'll provide you with key social media marketing tips that you won't want to miss!In a special segment, I'm thrilled to welcome Ashley Coffey from the Coffee and Code podcast, where we discuss significant AI updates impacting the industry.  From TikTok's ongoing legal issues regarding user data to Meta's potential reintroduction of facial recognition features in its products, we cover the implications of these developments for the creator economy and influencer marketing.  This insider insight on Instagram and other platforms is vital for anyone looking to navigate the complexities of social media strategies.As we wrap up the episode, I'll recap the latest trends in social media and advertising, encouraging you to engage with the content and share your thoughts.  Whether you're looking for Instagram DM strategies, Instagram features and updates, or tips on optimizing your social media presence, this episode has something for everyone.  Tune in to gain valuable insights that can elevate your social media game!Show Notes:Leave a Review: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Apple Podcasts⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Follow Me on Instagram: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠@danielhillmedia⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠TikTok Creator Chat Room (Threads)TikTok Academy Small Biz Fest Webinars (TikTok)IAB NewFronts 2025: Meta Presents New Solutions for Creators and Brands (Meta)Edits App Updates (Instagram) This Week in AI from Ashley Coffey:Ireland's DPC fines TikTok €530M for illegally sending European user data to China and orders it to bring such transfers into compliance within six months (TechMeme)At a Manhattan event, TikTok executives tried to reassure ad clients, saying that “we are absolutely confident” in TikTok and “in the future of this platform” (TechMeme)A US jury awards Meta nearly $168M in damages from NSO Group in connection with the 2019 spyware attack on more than 1,400 WhatsApp users' phones (TechMeme)Meta is once again considering facial recognition for its smart glasses and other devices, after abandoning the idea over ethical concerns in 2021 (TechMeme)Microsoft shut down Skype on May 5, capping a remarkable 21-year run for software that for many embodied the open internet and had 300M+ users in its heyday (TechMeme)Spotify debuts a “plays” metric for podcasts that shows users and creators how many times people have actively listened to or watched an audio or video episode (TechMeme)Snap unveils AI-powered advertiser solutions, Sponsored Snap updates (MarketingDive) Connect with Ashley:Ashley Coffey from Coffey and Code (Website)Coffey and Code Podcast (Podcast) Leave a Review: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Apple Podcasts⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Follow Me on Instagram: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠@danielhillmedia⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠

Today's show: Jason, Lon & Alex discuss the day's hottest tech and startup news. Zoox's robotaxi crash and voluntary recall, COATUE's innovative open-ended venture fund that could democratize private tech investing, the NSO Group's massive $167M fine for spyware abuse, Uber's record-setting earnings and in-person work push, and a candid AI wake-up call from Fiverr's CEO urging employees to embrace automation or fall behind. From regulatory shakeups to funding innovation and the rise of AI productivity, this episode captures the chaos and opportunity of tech in 2025.Timestamps:(1:09) Show Intro(2:43) Will Coatue's new low buy-in fund replace or supplement traditional VC investments?(9:55) OpenPhone - Streamline and scale your customer communications with OpenPhone. Get 20% off your first 6 months at www.openphone.com/⁠twist(13:38) Zoox issues recall: why this might be the best case scenario for self-driving cars.(20:18) Squarespace - Use offer code TWIST to save 10% off your first purchase of a website or domain at https://www.Squarespace.com/TWIST(22:39) Meta wins settlement against NSO: do spyware companies even need to exist?(25:45) Uber bests expectations in Q1! Why their future is looking bright.(29:48) Notion - Try it for free today at https://notion.com/twist(33:10) How scared should we be of AI replacing us? Fiverr's CEO says VERY.(40:57) In Office Hours, Evan from FusionAds wants to know: how to make clients feel more confident in with AI-generated marketing?(50:03) The Founder Friday Tournament's Final Four is now... a FINAL FIVE?!Subscribe to the TWiST500 newsletter: https://ticker.thisweekinstartups.comCheck out the TWIST500: https://www.twist500.comSubscribe to This Week in Startups on Apple: https://rb.gy/v19fcpLinks from episode:Do Things That Don't Scale: https://paulgraham.com/ds.htmlFusionAds: https://www.fusionos.ai/ai-generative-advertisingFollow Evan:X: https://x.com/EG_FusionLinkedIn: https://www.linkedin.com/in/evangraj/Follow Lon:X: https://x.com/lonsFollow Alex:X: https://x.com/alexLinkedIn: ⁠https://www.linkedin.com/in/alexwilhelmFollow Jason:X: https://twitter.com/JasonLinkedIn: https://www.linkedin.com/in/jasoncalacanisThank you to our partners:(9:55) OpenPhone - Streamline and scale your customer communications with OpenPhone. Get 20% off your first 6 months at www.openphone.co(20:18) Squarespace - Use offer code TWIST to save 10% off your first purchase of a website or domain at https://www.Squarespace.com/TWIST(29:48) Notion - Try it for free today at https://notion.com/twistGreat TWIST interviews: Will Guidara, Eoghan McCabe, Steve Huffman, Brian Chesky, Bob Moesta, Aaron Levie, Sophia Amoruso, Reid Hoffman, Frank Slootman, Billy McFarlandCheck out Jason's suite of newsletters: https://substack.com/@calacanisFollow TWiST:Twitter: https://twitter.com/TWiStartupsYouTube: https://www.youtube.com/thisweekinInstagram: https://www.instagram.com/thisweekinstartupsTikTok: https://www.tiktok.com/@thisweekinstartupsSubstack: https://twistartups.substack.comSubscribe to the Founder University Podcast: https://www.youtube.com/@founderuniversity1916

A jury orders NSO Group to pay $167 millions dollars to Meta over spyware allegations. CISA warns of hacktivists targeting U.S. ICS and SCADA systems. Researcher Micah Lee documents serious privacy risks in the TM SGNL app used by high level Trump officials. The NSA plans significant workforce cuts. Nations look for alternatives to U.S. cloud providers. A medical device provider discloses a cyberattack disrupting its ability to ship customer orders. The Panda Shop smishing kit impersonates trusted brands. Accenture's CFO thwarts a deepfake attempt. Our temporary intern Kevin Magee from Microsoft wraps up his reporting from the RSAC show floor.  Server room shenanigans, with romance, retaliation, and root access. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Wrapping up RSAC 2025, we're joined by our partner Kevin Magee, Global Director of Cybersecurity Startups at Microsoft for Startups. Kevin brings the energy with a high-octane medley of interviews directly from the show floor, featuring sharp insights and bold ideas from some of cybersecurity's most influential voices. It's the perfect, fast-paced finale to our RSAC coverage—check out the show notes for links to all the guests featured! In this segment, you'll hear from Eoin Wickens, Director of Threat Intelligence of HiddenLayer, Jordan Shaw-Young, Chief of Staff for Security Services at BlueVoyant, Gil Barak, co-founder and CEO of Blink Ops, and Paul St Vil, VP of Field Engineering at Zenity. You can also catch Kevin on our Microsoft for Startups⁠ Spotlight, brought to you by N2K CyberWire and Microsoft, where we shine a light on innovation, ambition, and the tech trailblazers building the future right from the startup trenches. Kevin and Dave talk with startup veteran and Cygenta co-founder FC about making the leap from hacker to entrepreneur, then speak with three Microsoft for Startups members: Matthew Chiodi⁠ of ⁠Cerby⁠, ⁠Travis Howerton⁠ of ⁠RegScale⁠, and ⁠Karl Mattson⁠ of ⁠Endor Labs⁠. Whether you are building your own startup or just love a good innovation story, listen and learn more here. Selected Reading Spyware-maker NSO ordered to pay $167 million for hacking WhatsApp (The Washington Post) CISA Warns of Hackers Attacking ICS/SCADA Systems in Oil and Natural Gas Companies (Cyber Security News) Despite misleading marketing, Israeli company TeleMessage, used by Trump officials, can access plaintext chat logs (Micha Flee) NSA to cut up to 2,000 civilian roles as part of intel community downsizing' (The Record) NIST loses key cyber experts in standards and research (Cybersecurity Dive) A coherent European/non-US cloud strategy: building railroads for the cloud economy (Bert Hubert) Medical device giant Masimo says cyberattack is limiting ability to fill customer orders (The Record) New Chinese Smishing Kit Dubbed 'Panda Shop' Steal Google, Apple Pay & Credit Card Details (Cyber Security News) Accenture: What we learned when our CEO got deepfaked (Computing) IT Worker from Computacenter Let Girlfriend Into Deutsche Bank's Restricted Areas (GB Hackers) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Meta wins a case against that NSO Group in spyware allegations. Netflix is completely revamping its design for the first time in years. Amazon has a new robot that can do 70% of the work in its warehouses. And a big chip breakthrough that can bring about the ChatGPT moment for quantum computing?Sponsors:CornBreadHemp.com/ride and code rideAcorns.com/rideLinks:Meta wins $168 million in damages from Israeli cyberintel firm in Whatsapp spyware scandal (Courthouse News Service)Netflix Overhauls Its Home Screen for the First Time in 12 Years (NYTimes)Amazon makes ‘fundamental leap forward in robotics' with device having sense of touch (The Guardian)Generative AI tops cybersecurity in 2025 tech budget priorities, new AWS study finds (GeekWire)Mistral claims its newest AI model delivers leading performance for the price (TechCrunch)Cisco says its new entanglement chip could speed up practical quantum computing by a decade (Fast Company)See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.

Netflix rolls out a redesign of its Apple tvOS app, Spyware maker NSO Group must pay WhatsApp $167M, Amazon unveils warehouse robot “Vulcan” MP3 Please SUBSCRIBE HERE for free or get DTNS Live ad-free. A special thanks to all our supporters–without you, none of this would be possible. If you enjoy what you see youContinue reading "US v. Google: Eddy Cue says Apple is actively looking at reshaping Safari – DTH"

Congress challenges Noem over proposed CISA cuts Texas school district breach impacts over 47,000 people NSO Group to pay WhatsApp $167 million in damages Thanks to today's episode sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO. Find the stories behind the headlines at CISOseries.com.  

NSO Group ordered to pay Meta $167 million dollars, the White House tells N-S-A to cut 8% of its civilian staff, the US sanctions a Myanmar militia group leader for cyber scams, and one of the Nomad Bridge hackers gets arrested in Israel. Show notes

A massive power outage strikes the Iberian Peninsula. Iran says it repelled a “widespread and complex” cyberattack targeting national infrastructure. Researchers find hundreds of SAP NetWeaver systems vulnerable to a critical zero-day. A British retailer tells warehouse workers to stay home following a cyberattack. VeriSource Services discloses a breach exposing personal data of four million individuals. Global automated scanning surged 16.7% in 2024. CISA discloses several critical vulnerabilities affecting Planet Technology's industrial switches and network management products. A Greek court upholds a VPN provider's no-logs policies. Law enforcement dismantles the JokerOTP phishing tool. Our guest is Tim Starks from CyberScoop with developments in the NSO Group trial. How Bad Scans and AI Spread a Scientific Urban Legend. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Special Edition On our ⁠Microsoft for Startups⁠ Spotlight, brought to you by N2K CyberWire and Microsoft, we are shining a light on innovation, ambition, and the tech trailblazers building the future right from the startup trenches. This episode is part of our exclusive RSAC series where we dive into the real world impact of the Microsoft for Startups Founders Hub.  Along with Microsoft's ⁠Kevin Magee⁠, Dave Bittner talks with an entrepreneur and startup veteran, and founders from three incredible startups who are part of the Founders Hub, each tackling big problems with even bigger ideas.  Dave and Kevin set the stage speaking with startup veteran and Cygenta co-founder FC about making the leap from hacker to entrepreneur. Dave and Kevin then speak with three founders: ⁠Matthew Chiodi⁠ of ⁠Cerby⁠, ⁠Travis Howerton⁠ of ⁠RegScale⁠, and ⁠Karl Mattson⁠ of ⁠Endor Labs⁠. So whether you are building your own startup or just love a good innovation story, listen in. For more information, visit the ⁠Microsoft for Startups website⁠. CyberWire Guest We are joined by Tim Starks from CyberScoop who is discussing Judge limits evidence about NSO Group customers, victims in damages trial Selected Reading Nationwide Power Outages in Portugal & Spain Possibly Due to Cyberattack (Cyber Security News) Iran claims it stopped large cyberattack on country's infrastructure (The Record) 400+ SAP NetWeaver Devices Vulnerable to 0-Day Attacks that Exploited in the Wild (Cyber Security News) M&S warehouse workers told not to come to work following cyberattack (The Record) 4 Million Affected by VeriSource Data Breach (SecurityWeek) Researchers Note 16.7% Increase in Automated Scanning Activity (Infosecurity Magazine) Critical Vulnerabilities Found in Planet Technology Industrial Networking Products (SecurityWeek) Court Dismisses Criminal Charges Against VPN Executive, Affirms No-Log Policy (Hackread) JokerOTP Dismantled After 28,000 Phishing Attacks, 2 Arrested (Hackread) A Strange Phrase Keeps Turning Up in Scientific Papers, But Why? (ScienceAlert) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

V této epizodě se podíváme na kyberútok na Správu služeb hlavního města Prahy, při kterém hackeři zveřejnili SPZky a osobní údaje majitelů odtažených vozidel. Rozebíráme také nově zveřejněné detaily ze soudního sporu mezi Metou a NSO Group ohledně sledování přes WhatsApp, únik dat moderátorů fóra 4chan, a aktivně zneužívanou zranitelnost ve Windows, která umožňuje únik NTLM hashů. Nechybí ani drama kolem financování CVE programu a jeho budoucnosti.Kapitoly:00:00 SPZky a osobní údaje z Prahy zveřejněny hackery04:26 CVE program málem skončil: Co se stalo a co to znamená08:07 Pegasus a WhatsApp: Nové detaily ze soudního sporu09:26 Hack 4chanu10:24 Zranitelnost ve Windows: NTLM hash uniká jediným klikem11:34 Meme of the WeekOdkazy a zdroje:https://www.irozhlas.cz/zpravy-domov/kyberzlocinci-utocili-na-prazskou-spravu-sluzeb-hrozi-zverejnenim-citlivych_2504180500_pikhttps://www.group-ib.com/blog/cicada3301/https://www.bleepingcomputer.com/news/security/cisa-extends-funding-to-ensure-no-lapse-in-critical-cve-services/https://thehackernews.com/2025/04/cve-2025-24054-under-active.htmlhttps://techcrunch.com/2025/04/15/notorious-image-board-4chan-hacked-and-internal-data-leaked/https://www.calcalistech.com/ctechnews/article/i7i81952t#ITBezpecnost #IT #Novinky #bezpecnost #Česko

Dada v. NSO Group Technologies Limited

Military-grade spyware, once the province of shadowy intelligence outfits, is now being handed over to local police forces. As an Ontario resident, I find this deeply unsettling. These tools are powerful, precise, and built for a level of strategic nuance that most municipal sometimes even provincial police simply aren't equipped to handle. It's like handing a ten-year-old a scalpel and asking them to perform surgery. The intentions might be sincere, but the training, context, and oversight just aren't there. And that gap between tool and user is where things start to slip where privacy erodes, rights get sidelined, and the line between public safety and state overreach gets dangerously blurry. What Is Spyware and How Does It Work? At its core, spyware is software designed to secretly infiltrate and monitor digital devices usually without the knowledge or consent of the person being targeted. Once installed, it can track online activity, harvest sensitive information, and even take control of device functions like cameras and microphones. Military-grade spyware, like NSO Group's Pegasus or Paragon's Graphite, takes this to another level. These advanced tools can penetrate even the most secure devices, including phones protected by encrypted messaging apps like WhatsApp, iMessage, and Signal. Some spyware even uses "zero-click" exploits meaning the target doesn't need to click a suspicious link for their device to be compromised. This isn't just like wiretapping a phone call. Spyware can reveal a person's entire digital life recording private conversations, tracking real-time locations, logging browsing histories, and accessing stored files. For police, it's revolutionary. But for the rest of us? It's a chilling reminder that nothing is truly private anymore. Why Are Local Police Using Spyware? So, why are local police turning to such extreme surveillance measures? The short answer: encryption. As more people use encrypted communication platforms, traditional surveillance methods like wiretapping are becoming less effective. Criminal organizations, human traffickers, and other bad actors know how to hide their tracks using secure apps, creating a major challenge for law enforcement. Spyware gives police a way around these barriers by directly accessing the suspect's device and collecting evidence that would otherwise be out of reach. And there's public pressure, too. With high-profile crimes making headlines, law enforcement is under intense pressure to deliver fast results. Spyware, with its ability to gather and analyze large amounts of information in real time, can speed up investigations and improve the odds of making an arrest. In Canada, local police forces are increasingly adopting advanced surveillance technologies to stay ahead of tech-savvy criminals. But as these tools become more common, there's a growing concern: Who's watching the watchers? Ontario Police and "Graphite" Spyware Controversy A recent example that's sparked public debate is Ontario police's use of Graphite spyware. This highly advanced tool can bypass encrypted communications and operate without leaving a trace, meaning police can monitor individuals without them ever knowing. Police officials claim they only use Graphite in the most serious cases. But here's the catch there's little public information about how often it's used or what safeguards are in place. Without transparency, it's impossible to know whether police are sticking to serious crimes or deploying these powerful tools for more routine investigations. Civil liberties advocates are especially worried that spyware could be turned against people who challenge authority - journalists, political activists, or marginalized communities. And it's not just happening in Ontario. Across the globe, police forces are quietly adopting military-grade spyware, often without public input or clear legal oversight. RCMP's Use of Spyware It's not just local police getting in on the action. In 2022, the...

On this edition of Parallax Views, the Carnegie Endowment for International Peace's Zaha Hassan returns to the program alongside first-time guest Yousef Munayyer, a Senior Fellow at the Arab Center Washington D.C., to discuss the new book she co-edited with H.A. Hellyer entitled Suppressing Dissent: Shrinking Civic Space, Transnational Repression, and Palestine-Israel. Yousef is a contributor to the Suppressing Dissent and, amongst other things, he will discuss his piece in the book entitled "Closing Spaces Beyond Borders: Israel's Transnational Repression Network". Zaha will discuss a number of topics related to the book as well including her contribution, co-written with Layla Gantus, called "Between a Rock and a Hard Place: The Impact of Israel's Occupation and Palestinian Authoritarianism on Community Organizing and NGOs". The conversation will begin, of course, with a discussion of a case that makes this book timelier than ever: the detainment of Columbia University pro-Palestinian student protester Mahmoud Khalil by the Trump administration. From there we will discuss such issues as the Israeli-based NSO Group's infamous Pegasus spyware being used against Palestinian civil society organizations, the long shadow of the Oslo Accords, the interplay between the Israeli occupation and the governance in Gaza and the West Bank, revisiting Zaha's paper on the Human Rights-centric approach to dealing with Israel/Palestine, the debanking of Palestinian civil society individuals and organizations, the Palestinian Authority vs. Palestinian civil society, and much, much more. You can currently obtain an ebook download of Suppressing Dissent for FREE at the Carnegie Endowment website. Contributors include such previous Parallax Views guests as Nathan J. Brown, Dana El Kurd, and Dahlia Scheindlin as well as Lara Friedman, Marwa Fatafta, Yael Berda, Jessica Buxbaum, and many others.

US Justice Department charges employees of Chinese IT contractor i-Soon. Silk Typhoon targets the IT supply chain for initial access. Chrome extensions that change shape. Attackers target airflow misconfigurations. LibreOffice vulnerability opens the door to script-based attacks. NSO group leaders face charges in spyware case. Today, our own Dave Bittner is our guest as he appeared on the Adopting Zero Trust podcast at ThreatLocker's Zero Trust World 2025 event with hosts Elliot Volkman and Neal Dennis and guest Dr. Chase Cunningham. And turning $1B into thin air. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today, our own Dave Bittner is in our guest spot as he appeared on the Adopting Zero Trust podcast at ThreatLocker's Zero Trust World 2025 event with hosts Elliot Volkman and Neal Dennis and guest Dr. Chase Cunningham aka Dr. Zero Trust. Adopting Zero Trust is an ongoing conversation about the people and organizations adopting Zero Trust. You can catch the full episode here where Dave and Dr. Zero Trust weigh the difference between delivering refined news and raw perspective, hitting critical mass for AI, and the current political environment. Selected Reading US charges Chinese nationals in cyberattacks on Treasury, dissidents and more (The Record) Silk Typhoon targeting IT supply chain (Microsoft) Malicious Chrome extensions can spoof password managers in new attack (Bleeping Computer)  Apache Airflow Misconfigurations Leak Login Credentials to Hackers (GB Hackers) LibreOffice Flaw Allows Attackers to Run Arbitrary Scripts via Macro URL (GB Hackers) Exploited VMware ESXi Flaws Put Many at Risk of Ransomware, Other Attacks (SecurityWeek) Catalan court says NSO Group executives can be charged in spyware investigation (TechCrunch) Former top NSA cyber official: Probationary firings ‘devastating' to cyber, national security (CyberScoop)  Financial Organizations Urge CISA to Revise Proposed CIRCIA Implementation (SecurityWeek) North Koreans finish initial laundering stage after more than $1 billion stolen from Bybit (The Record)  Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Natalia Krapiva is the tech-legal Counsel with Access Now. Prior to that she worked as a prosecutor at Brooklyn District Attorney's Office. She's been fighting NSO Group to try to limit the sale and use of spyware for many years and  last December set a precedent with a win against this Israeli cyber-intelligence firm in the California court.We talk to her about this and the state of digital forensics. As she says "it's a game of cat and mouse."

In dieser Folge geht es um Methoden, mit denen Staaten - und zwar längst nicht nur autoritäre - ihre Bürger bespitzeln. Dissidenten, Journalisten, Politiker und andere Bevölkerungsgruppen waren bereits Opfer von Smartphone-Malware, die im staatlichen Auftrag installiert wurde. Die Hersteller dieser Spionagesoftware sind geheimnistuerische Unternehmen, die viel Geld für ihre Dienste nehmen. Sylvester und Christopher nehmen alle Beteiligten unter die Lupe und klären auch die Frage, ob Whatsapp die NSA verklagt hat. - [Predator-Analyse von Cisco Talos](https://blog.talosintelligence.com/mercenary-intellexa-predator/) - [Google Project Zero zu FORCEDENTRY](https://googleprojectzero.blogspot.com/2021/12/a-deep-dive-into-nso-zero-click.html) - https://media.ccc.de/v/38c3-from-pegasus-to-predator-the-evolution-of-commercial-spyware-on-ios - https://securitylab.amnesty.org/latest/2024/12/serbia-a-digital-prison-spyware-and-cellebrite-used-on-journalists-and-activists/ - [Details zum iOS Lockdown Mode](https://support.apple.com/de-de/105120) - https://securitylab.amnesty.org/get-help/ - https://securitylab.amnesty.org/partners-and-support/ - [Mobile Verification Toolkit (MVT)](https://docs.mvt.re/en/latest/)

It's become pretty easy to spot phishing scams: UPS orders you never made, banking alerts from companies you don't bank with, phone calls from unfamiliar area codes. But over the past decade, these scams – and the technology behind them – have become more sophisticated, invasive and sinister, largely due to the rise of something called ‘mercenary spyware.'The most potent version of this tech is Pegasus, a surveillance tool developed by an Israeli company called NSO Group. Once Pegasus infects your phone, it can see your texts, track your movement, and download your passwords – all without you realizing you'd been hacked.We know a lot of this because of Ron Deibert. Twenty years ago, he founded Citizen Lab, a research group at the University of Toronto that has helped expose some of the most high profile cases of cyber espionage around the world.Ron has a new book out called Chasing Shadows: Cyber Espionage, Subversion, and the Global Fight for Democracy, and he sat down with me to explain how spyware works, and what it means for our privacy – and our democracy.Note: We reached out to NSO Group about the claims made in this episode and they did not reply to our request for comment.Mentioned:“Chasing Shadows: Cyber Espionage, Subversion, and the Global Fight for Democracy,” by Ron Deibert“Meta's WhatsApp says spyware company Paragon targeted users in two dozen countries,” by Raphael Satter, ReutersFurther Reading:“The Autocrat in Your iPhone,” by Ron Deibert“A Comprehensive Analysis of Pegasus Spyware and Its Implications for Digital Privacy and Security,” Karwan Kareem“Stopping the Press: New York Times Journalist Targeted by Saudi-linked Pegasus Spyware Operator,” by Bill Marczak, Siena Anstis, Masashi Crete-Nishihata, John Scott-Railton, and Ron Deibert

Risky Business returns for its 19th year! Patrick Gray and Adam Boileau discuss the week's cybersecurity news and there is a whole bunch of it. They discuss: The incoming Trump administration guts the CSRB Biden's last cyber Executive Order has sensible things in it China's breach of the US Treasury gets our reluctant admiration Ross Ulbricht - the Dread Pirate Roberts of Silk Road fame - gets his Trump pardon New year, same shameful comedy Forti- and Ivanti- bugs US soldier behind the Snowflake hacks faces charges after a solid Krebs-ing And much, much (much! after a month off) more. This week's episode is sponsored by Sandfly Security, who make a Linux EDR solution. Founder Craig Rowland joins to talk about how the Linux ecosystem struggles with its lack of standardised approaches to detection and response. If you've got a telco full of unix, and people are asking how much Salt Typhoon you've got in there… Sandfly's tools are probably what you're looking for. If you like your Business like us… - Risky - then we're hiring! We're looking for someone to help with audio and video production for our work, manage our socials, and if you're also into the Cybers… even better. Position is remote, with a preference for timezones amenable to Australia/NZ. Drop us a line: editorial at risky.biz. This episode is also available on Youtube. Show notes POLITICO Pro | Article | Acting DHS chief ousts CSRB experts, other department advisers Treasury's sanctions office hacked by Chinese government, officials say Strengthening America's Resilience Against the PRC Cyber Threats | CISA AT&T, Verizon say they evicted Salt Typhoon from their networks Risky Bulletin: Looking at Biden's last cyber executive order - Risky Business Internet-connected devices can now have a label that rates their security | Reuters US sanctions prominent Chinese cyber company for role in Flax Typhoon attacks FCC ‘rip and replace' provision for Chinese tech tops cyber provisions in defense bill CIA nominee tells Senate he, too, wants to go on cyber offense | CyberScoop Trump tells Justice Department not to enforce TikTok ban for 75 days Judge rules NSO Group is liable for spyware hacks targeting 1,400 WhatsApp user devices | The Record from Recorded Future News Unpacking WhatsApp's Legal Triumph Over NSO Group | Lawfare Time to check if you ran any of these 33 malicious Chrome extensions Console Chaos: A Campaign Targeting Publicly Exposed Management Interfaces on Fortinet FortiGate Firewalls - Arctic Wolf Ongoing attacks on Ivanti VPNs install a ton of sneaky, well-written malware Researchers warn of active exploitation of critical Apache Struts 2 flaw DOJ deletes China-linked PlugX malware off more than 4,200 US computers Russian internet provider confirms its network was ‘destroyed' following attack claimed by Ukrainian hackers | The Record from Recorded Future News Ukraine restores state registers after suspected Russian cyberattack | The Record from Recorded Future News Hackers claim to breach Russian state agency managing property, land records | The Record from Recorded Future News U.S. Army Soldier Arrested in AT&T, Verizon Extortions – Krebs on Security

Specter and zi discuss their winter break, cover some interesting CCC talks, and discuss the summary judgement in the WhatsApp vs. NSO Group case. Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/268.html [00:00:00] Introduction [00:09:53] 38C3: Illegal Instructions [00:35:38] WhatsApp v. NSO Group [01:04:06] Vulnerability Research Highlights 2024 [01:08:45] Debugging memory corruption: Who wrote ‘2' into my stack?! [01:16:46] HardBreak [01:20:14] Announcing CodeQL Community Packs Podcast episodes are available on the usual podcast platforms: -- Apple Podcasts: https://podcasts.apple.com/us/podcast/id1484046063 -- Spotify: https://open.spotify.com/show/4NKCxk8aPEuEFuHsEQ9Tdt -- Google Podcasts: https://www.google.com/podcasts?feed=aHR0cHM6Ly9hbmNob3IuZm0vcy9hMTIxYTI0L3BvZGNhc3QvcnNz -- Other audio platforms can be found at https://anchor.fm/dayzerosec You can also join our discord: https://discord.gg/daTxTK9

Sono sempre di più gli inverter, abbinati ad un impianto fotovoltaico, collegati alla rete internet. Può uno strumento di questo tipo trasformarsi in un potenziale pericolo e una “porta” per sabotare la rete elettrica? Quanto è grave l’allarme lanciato da un ricercatore specializzato in test di sicurezza per dispositivi connessi? Ne parliamo con Roberto Pezzali, esperto di tecnologia della redazione di Dday.it.Alcuni definiscono storica la vittoria legale di WhatsApp (Meta) contro NSO Group, l'azienda israeliana produttrice del software spia Pegasus. Quali conseguenze potrà avere e cosa ci dice sulla battaglia globale per il controllo degli strumenti di intelligence? Enrico Pagliarini lo chiede ad Andrea Zapparoli Manzoni, presidente di Hackmanac, società di analisi strategia delle minacce informatiche. Infine, con l’inizio del nuovo anno facciamo il punto sull’Intelligenza Artificiale Generativa con Enrico Bertino, Chief Technology Officer di Indigo.ai.E come sempre le notizie di innovazione e tecnologia più importanti della settimana.

Marta Peirano nos habla sobre Surveilled, el documental de Ronan Farrow en HBO, explora el uso de la tecnología de espionaje comercial Pegasus desarrollada por la empresa israelí NSO Group. A través de entrevistas con expertos, exfuncionarios y víctimas, Farrow revela cómo gobiernos de todo el mundo, incluido el español, han utilizado Pegasus para espiar a políticos, activistas y ciudadanos.Escuchar audio

A federal judge finds NSO Group liable for hacking WhatsApp. China accuses the U.S. government of cyberattacks. The UK's Operation Destabilise uncovers a vast criminal network. An alleged LockBit developer says he did it for the money. Apache releases a security update for their Tomcat web server. Siemens issues a security advisory for their User Management Component. Italy's data protection authority fines OpenAI $15.6 million. Researchers demonstrate a method to bypass the latest Wi-Fi security protocol. Apple sends potential spyware victims to a nonprofit for help. Our guest is Sven Krasser, CrowdStrike's Senior Vice President Data Science and Chief Scientist, talking about balancing AI and human intervention. Hackers supersize their McDonald's delivery orders.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today, our guest is Sven Krasser, CrowdStrike's Senior Vice President Data Science and Chief Scientist, talking about balancing AI and human intervention. Selected Reading Judge rules NSO Group is liable for spyware hacks targeting 1,400 WhatsApp user devices (Recorded Future) Chinese cyber center points finger at U.S. over alleged cyberattacks to steal trade secrets (CyberScoop) Inside Operation Destabilise: How a ransomware investigation linked Russian money laundering and street-level drug dealing (Recorded Future) Suspected LockBit dev faces extradition to the US (The Register) Apache fixes remote code execution bypass in Tomcat web server (Bleeping Computer) Siemens Warn of Critical Vulnerability in UMC (GovInfoSecurity) Italy's Privacy Watchdog Fines OpenAI for ChatGPT's Violations in Collecting Users Personal Data (SecurityWeek) WPA3 Network Password Bypassed via MITM Attack & Social Engineering (CyberSecurityNews.com) Apple Warns Users Of iPhone Spyware Attacks—What You Need To Know (Forbes) McDonald's Delivery App Vulnerability Let Anyone Place an Order for Just $0.01 (CyberSecurityNews.com) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Inappropriate apps rated as safe for children are prevalent in the App Store,Tesla is recalling almost 700,000 vehicles, and a Judge found spyware-maker NSO Group liable for attacks on WhatsApp users. It's Monday, December 23rd and this is Engadget News. Learn more about your ad choices. Visit podcastchoices.com/adchoices

Privacy & Security FAQ: Week Ending November 19th, 20241. What happened with T-Mobile and Chinese hackers? Chinese hackers, suspected of ties to Chinese intelligence, infiltrated T-Mobile as part of a larger cyberespionage operation. This attack targeted telecom companies to gather intelligence on high-value targets. While T-Mobile claims no significant impact on their systems or customer data, the breach raises concerns about the security of telecommunications networks and the potential for surveillance. Google is rolling out an AI-powered scam call detection feature for Android phones, starting with Pixel 6 and newer models. This feature analyzes real-time conversation patterns to detect potential scams and alerts users through audio, haptic, and visual warnings. The system operates entirely on the device, ensuring privacy by not storing or transmitting call data externally. India's competition watchdog fined Meta $25.4 million and ordered WhatsApp to stop sharing user data with other Meta units for advertising for five years. This action stems from WhatsApp's 2021 privacy policy update, which mandated data sharing with Meta companies without an opt-out option. The watchdog deemed this practice as an abuse of Meta's dominant position and coercive towards users. Legal documents from a US lawsuit between NSO Group and WhatsApp revealed that NSO Group, not their government clients, directly install and extract information from phones targeted by their Pegasus spyware. This contradicts NSO's claims that clients solely operate the spyware. The revelation raises concerns about the control and accountability of NSO Group's powerful surveillance technology. ChatGPT's desktop app for macOS can now read code from developer-focused apps like VS Code, Xcode, and TextEdit. This integration allows developers to directly send code snippets to ChatGPT for analysis and assistance without manual copy-pasting. While it currently lacks the ability to write code directly into apps, this feature marks a step towards streamlined AI assistance in coding workflows. DeFlock is an open-source project utilizing Open Street Map to map the locations of automated license plate readers (ALPRs) worldwide. Concerned about the proliferation of these surveillance devices, the project encourages crowdsourced reporting of ALPR locations, including details like camera direction. You can contribute to this initiative by reporting ALPRs in your area on the DeFlock website: https://deflock.me/report. Internal emails revealed that the US Secret Service debated the need for warrants when using location data from smartphone apps. Some officials argued that users' acceptance of app terms of service implied consent for data sharing, even if those terms didn't explicitly mention sharing with law enforcement. This raised concerns about government agencies accessing private location data without proper legal authorization. How can you enhance your privacy and security? For secure communication: Consider using encrypted messaging apps like Signal or Session. Protect against phone fraud: Be wary of suspicious calls and consider enabling Google's AI-powered scam call detection. Control data sharing: Scrutinize app permissions and privacy policies before granting access to personal information. Support privacy initiatives: Contribute to projects like DeFlock and advocate for stronger data protection laws. Stay informed: Follow reputable sources for news on privacy and security issues to make informed decisions about your digital life.

On this week's show Patrick Gray and Adam Boileau discuss the week's cybersecurity news, including: Microsoft introduces some sensible sounding post-Crowdstrike changes Palo Alto patches hella-stupid bugs in its firewall management webapp CISA head Jen Easterly to depart as Trump arrives AI grandma tarpits phone scammers in family-tech-support hell Academic research supports your gut-reaction; phishing training doesn't work And much, much more. This week's episode is sponsored by Greynoise. The always excitable Andrew Morris joins to remind us that the edge-device vulnerabilities Pat and Adam complain about on the show are in fact actually even worse than we make them out to be. Andrew also tells us about a zero-day Greynoise' AI system truffle-pigged out of their data set. This episode is also available on Youtube. Show notes Windows security and resiliency: Protecting your business | Windows Experience Blog Microsoft revamps how it will disclose vulnerabilities | Cybersecurity Dive NIST says exploited vulnerability backlog cleared but end-of-year goal for full list unlikely Pots and Pans, AKA an SSLVPN - Palo Alto PAN-OS CVE-2024-0012 and CVE-2024-9474 Palo Alto Networks customers grapple with another actively exploited zero-day | Cybersecurity Dive Unpatched zero-days in Fortinet and Palo Alto Networks software Palo Alto Networks' customer migration tool hit by trio of CVE exploits | Cybersecurity Dive Readout of President Joe Biden's Meeting with President Xi Jinping of the People's Republic of China | The White House Easterly to step down from CISA director role on Inauguration Day | Cybersecurity Dive Top White House cyber official urges Trump to focus on ransomware, China Ransomware gang Akira leaks unprecedented number of victims' data in one day Hacker Is Said to Have Gained Access to File With Damaging Testimony About Gaetz 1,400 Pegasus spyware infections detailed in WhatsApp's lawsuit filings NSO Group admits cutting off 10 customers because they abused its Pegasus spyware, say unsealed court documents | TechCrunch Ransomware gang Akira leaks unprecedented number of victims' data in one day Ohio man behind Helix cryptocurrency mixer gets 3-year sentence O2 unveils Daisy, the AI granny wasting scammers' time - Virgin Media O2 Understanding the Efficacy of Phishing Training in Practice Bunnings facial recognition cameras breach Privacy Act, retailer to challenge ruling | news.com.au — Australia's leading news site Nudity, punches in newly released Bunnings CCTV as company found to breach Privacy Act | news.com.au — Australia's leading news site Bitfinex Hack Launderer Heather 'Razzlekhan' Morgan Sentenced to 18 Months in Prison

In today's podcast we cover four crucial cyber and technology topics, including: 1.        Criminals abuse brands in shopping-themed phishes 2.        GeoVision devices abused to support botnet 3.        T-Mobile compromise revealed; Chinese adversaries implicated 4.        NSO Group abused WhatsApp even after legal complaint I'd love feedback, feel free to send your comments and feedback to  | cyberandtechwithmike@gmail.com

A UN Security Council draft resolution calls for an 'immediate' gaza cease-fire, Pres.-elect Trump says the Russia-Ukraine war has “gotta stop,” Sri Lanka's Pres. Dissanayake's coalition wins snap polls, a study suggests that Sudan's war death toll is much higher than records show, Trump picks RFK Jr. to lead the US Dept. of Health and Human Services, Elon Musk reportedly meets with Iran's UN Ambassador, court depositions suggest that NSO Group, not government clients, operates NSO spyware, the Bank of England's Governor Bailey calls for closer EU ties, experts suggest that UN climate talks need an urgent overhaul, and a Pentagon report says there were 21 unexplained 'UAP' sightings in a recent 12-month period. Sources: https://www.verity.news/

Unredacted court filings from WhatsApp's 2019 lawsuit against NSO Group reveal the scope of spyware infections. Glove Stealer can bypass App-Bound Encryption in Chromium-based browsers. Researchers uncover a new zero-day vulnerability in Fortinet's FortiManager. Rapid7 detects an updated version of LodaRAT. CISA warns of active exploitation of Palo Alto Networks' Expedition tool. Misconfigured Microsoft Power Pages accounts expose sensitive data. Iranian state hackers mimic North Koreans in fake job scams. Australia warns its critical infrastructure providers about state sponsored embedded malware. An especially cruel cybercriminal gets ten years in the slammer. Guest Ambuj Kumar, Co-founder and CEO of Simbian, joins us to discuss how AI Agents may change the cyber landscape. We're countin' down the top ten least secure passwords.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Guest Ambuj Kumar, Co-founder and CEO of Simbian, joins us to discuss how AI Agents are going to change the cyber landscape. Selected Reading 1,400 Pegasus spyware infections detailed in WhatsApp's lawsuit filings (The Record) Glove Stealer Malware Bypasses Chrome's App-Bound Encryption (SecurityWeek) watchTowr Finds New Zero-Day Vulnerability in Fortinet Products ( Infosecurity Magazine) LodaRAT: Established malware, new victim patterns (Rapid7 Blog) CISA Warns of Two More Palo Alto Expedition Flaws Exploited in Attacks (SecurityWeek) Microsoft Power Pages misconfigs exposing sensitive data (The Register) Iranian Threat Actors Mimic North Korean Job Scam Techniques (BankInfo Security) Hackers Lurking in Critical Infrastructure to Wage Attacks (BankInfo Security) Cybercriminal devoid of boundaries gets 10-year prison sentence (The Register) Top 200 Most Common Passwords (NordPass) Special voting request.  Just when you thought voting was over for this year…It's time to vote…again! The N2K CyberWire hosting team of Dave Bittner, Maria Varmazis, and Joseph Carrigan have been nominated for the Creator of the Year category in the Baltimore region's 2024 Technical.ly Awards for their incredible work on the Hacking Humans podcast! If you're a fan of Hacking Humans, we'd be thrilled to have your support! Please cast your vote here. (Make sure you select the “Baltimore” region). Thanks for your vote! Voting ends Monday, November 18th, so don't delay! Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts wit h us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

La empresa israelí respondió a la denuncia del presidente Gustavo Petro en un mensaje dirigido a La W.

Two disappointments and a heaping helping of worry on this week's show. We're worried about the upcoming U.S. elections, though the FBI and CISA say there may be reason to worry less. Disappointments include Apple dropping a lawsuit against NSO Group and bad guys misusing American treasure Tom Hanks. We'll hit all of that on this edition of The Checklist, brought to you by SecureMac. Check out our show notes: SecureMac.com/Checklist And get in touch with us: Checklist@Securemac.com

In an unexpected turn of events, Apple has decided to drop its three-year-old lawsuit against the notorious spyware maker, NSO Group. What led to this shocking decision, and what does it mean for the future of cybersecurity and your personal data?

On this week's show, Patrick Gray and Adam Boileau discuss the weeks security news, including: Hezbollah's attempts to avoid SIGINT with pagers ends in explosions The US shines many bright lights on RT's disinfo role Australia counters Chinese bullying in the Pacific Valid accounts are the most prevalent entry point, says CISA's data Ivanti and Fortinet vie for worst vendor of the week Krebs writes up the shift towards charging The Com with terrorism And much, much more… This week's episode is sponsored by Push Security, who bring security visibility to where it needs to be these days – the browser. Luke Jennings joins this week's show to discuss how phish-kit crews are driving the arms race forward, and how detection has to adapt and go where the users are. This episode is also available on Youtube. Show notes Israel planted explosives in Hezbollah's Taiwan-made pagers, sources say | Reuters How Hezbollah used pagers and couriers to counter Israel's high tech surveillance | Reuters Biden administration unveils new evidence of RT's key role in Russian intelligence operations globally | CNN Politics Meta bans RT days after U.S. accused Russian outlet of disinformation U.S. to file charges in Trump campaign hacking case, officials say China suspected of hacking diplomatic body for Pacific islands region Chinese-made port cranes in US included 'backdoor' modems, House report says Stolen account info still chief risk for federal agencies, annual CISA audit finds Notice of Recent Security Incident | Fortinet Blog WordPress.org to require two-factor authentication for plugin developers | CyberScoop Multiple attacks force CISA to order agencies to upgrade or remove end-of-life Ivanti appliance Ivanti Endpoint Manager and Ivanti Endpoint Manager Security Suite and Ivanti Cloud Service Application (CSA) - End Of Life (EOL) The Dark Nexus Between Harm Groups and ‘The Com' – Krebs on Security Feds sentence 12 crypto thieves behind SIM swaps, home invasions Ex-CrowdStrike employees detail rising technical errors before July outage | Semafor Post-CrowdStrike Fallout: Microsoft Redesigning EDR Vendor Access to Windows Kernel - SecurityWeek Apple seeks dismissal of its NSO Group lawsuit, citing risk of exposing ‘vital security information' US hits Intellexa spyware maker with more sanctions (1) BolivarCucuta on X: "Encuentran muerto al ciudadano israelí Yariv Bokor en Medellín En un apartamento de El Poblado, Medellín, fue encontrado sin vida el ciudadano israelí Yariv Bokor, con aparentes signos de violencia. Bokor estaba vinculado a la empresa Sandvine, la cual tiene relación con NSO https://t.co/EeY1os1omW" / X Instagram to bolster privacy and safety features for millions of teen users Mastercard buys Recorded Future for $2.65 billion | CyberScoop

Welcome to this week's episode of the PEBCAK Podcast!  We've got four amazing stories this week so sit back, relax, and keep being awesome!  Be sure to stick around for our Dad Joke of the Week. (DJOW) Follow us on Instagram @pebcakpodcast   TSA bypassed by SQL injection attack https://www.bleepingcomputer.com/news/security/researchers-find-sql-injection-to-bypass-airport-tsa-security-checks/  https://xkcd.com/327/ https://arstechnica.com/information-technology/2023/10/sob-story-about-dead-grandma-tricks-microsoft-ai-into-solving-captcha/   Russian APT29 uses commercial spyware exploits https://www.bleepingcomputer.com/news/security/russian-apt29-hackers-use-ios-chrome-exploits-created-by-spyware-vendors/  https://www.darkreading.com/threat-intelligence/commercial-spyware-vendors-have-a-copycat-in-top-russian-apt   People too good at spotting phishing https://krebsonsecurity.com/2024/08/when-get-out-the-vote-efforts-look-like-phishing/  https://krebsonsecurity.com/2018/07/notorious-hijack-factory-shunned-from-web/   Career Goals https://guykawasaki.com/guy-kawasaki/   Dad Joke of the Week (DJOW)   Please share this podcast with someone you know!  It helps us grow the podcast and we really appreciate it!   Find the hosts on LinkedIn: Chris - https://www.linkedin.com/in/chlouie/ Brian - https://www.linkedin.com/in/briandeitch-sase/ Glenn - https://www.linkedin.com/in/glennmedina/ Jason - https://www.linkedin.com/in/jason-seemann-12b7075/

เพกาซัส ไม่ใช่แค่ม้ามีปีกในเทพนิยาย แต่เป็นสปายแวร์สอดแนมของ NSO Group บริษัทด้านข่าวกรองทางไซเบอร์ของอิสราเอล ที่ถูกซื้อขายให้แก่รัฐบาลประเทศต่าง ๆ และมักถูกนำมาใช้สอดแนมผู้ที่รัฐมองว่าเป็นภัยความมั่นคง โดยเคยมีกรณีร้ายแรงถึงชีวิตเกิดขึ้นกับนักข่าวที่วิพากษ์วิจารณ์ราชวงศ์ซาอุดีอาระเบีย ซึ่งมีเบาะแสชี้ว่าบุคคลนั้นถูกสอดแนมโดยเพกาซัสก่อนจะเกิดเหตุ หลังกระแสการชุมนุมเรียกร้องทางการเมืองช่วงปี 2563-2564 ในรัฐบาลประยุทธ์ สปายแวร์เพกาซัสกลายเป็นที่สนใจในสังคมไทยหลังจากมีข่าวว่านักกิจกรรมไทยได้รับแจ้งเตือนจาก Apple ว่าถูกสอดแนมโดยสปายแวร์ดังกล่าว ผู้มีส่วนได้รับผลกระทบจึงรวมตัวกันฟ้องคดีต่อรัฐบาลประยุทธ์และบริษัท NSO Group ในการใช้สปายแวร์ดังกล่าวสอดแนมนักกิจกรรม ความคืบหน้าเป็นอย่างไร อุปสรรรคและความคาดหวังของเครือข่ายพลเมืองที่มีต่อการดำเนินคดีเป็นแบบไหน ชวนคุยกับเจ้าหน้าที่ iLaw และทีมทนายความได้ใน “มนุษย์ออนไลน์ ปี 2 EP.5 : พลเมืองฟ้องกลับ!! สปายแวร์เพกาซัส” #สปายแวร์ #เพกาซัส #สปายแวร์เพกาซัส #Pegasus #NSO #NSOGroup #iLaw

Three Buddy Problem - Episode 10: Top stories this week -- Volt Typhoon zero-day exploitation of Versa Director servers, Chinese APT building botnets with EOL routers, the gap in security solutions for network devices and appliances, Russia's APT29 (Midnight Blizzard) caught reusing exploits from NSO Group and Intellexa, Microsoft's upcoming Windows endpoint security summit in response to the CrowdStrike incident, and the arrest of Telegram's Pavel Durov in France. Plus, the NSA is launching a podcast. Hosts: Costin Raiu (https://x.com/craiu) (Art of Noh), Juan Andres Guerrero-Saade (https://x.com/juanandres_gs)(SentinelLabs), Ryan Naraine (https://x.com/ryanaraine) (SecurityWeek)

The focus was on Iranian APTs this week, both from private threat intelligence teams and CISA, exposing new operations from UNC757 and other groups targeting government, higher education, and private industry. We also check in on a new report from Google's Threat Analysis Group on APTs using the same exploits for zero days that were developed by private commercial surveillance vendors NSO Group and Intellexa.

This week on Cyber Matters, Tanner Wilburn, Katherine Kennelly, and Zach Smith begin with Google's decision to end its plans to ban third-party cookies, discussing the implications for user privacy and online advertising. They then explore recent developments in the cybersecurity industry, including Google's failed acquisition of Israeli cybersecurity company Wiz and Mimecast's successful acquisition of Code 42. They also discuss Apple's warnings to Indian iPhone users about potential "mercenary spyware" attacks and the legal brief filed by major tech firms supporting a journalist targeted by NSO Group's spyware. They cover KnowBe4's inadvertent hiring of a North Korean hacker and the potential reporting obligations for companies following the recent Crowdstrike outages. The podcast also touches on the FTC's  not-so-new guidance on hashing and anonymization, as well as their investigation into "surveillance pricing" practices. State privacy laws are discussed, with a focus on Colorado's universal opt-out shortlist and a recent BIPA decision regarding Samsung's face-scanning feature. The hosts also cover recent fines and settlements involving Meta, Oracle, and TracFone related to various privacy and data protection violations. If you enjoy the show, share and leave us 5 stars! Links from the show: https://www.linkedin.com/company/cyber-matters-podcast/ https://www.cooley.com/news/insight/2024/2024-07-22-sec-reporting-implications-for-publicly-traded-companies-impacted-by-crowdstrike-defective-software-update https://www.techtarget.com/whatis/feature/AI-lawsuits-explained-Whos-getting-sued https://www.lawfaremedia.org/article/lawfare-podcast-orin-kerr-and-asaf-lubin-apple-v-nso-group

Three Buddy Problem - Episode 6: As the dust settles on the CrowdStrike incident that blue-screened 8.5 million Windows computers worldwide, we dig into CrowdStrike's preliminary incident report, the lack of transparency in the update process and the need for more robust testing and validation. We also discuss Microsoft's responsibility to avoid infinite BSOD loops, risks of deploying EDR agents on critical systems, and how an EU settlement is being blamed for EDR vendors having access to the Windows kernel. Other topics on the show include Mandiant's attribution capabilities, North Korea's gov-backed hacking teams launching ransomware on hospitals, KnowBe4 hiring a fake North Korean IT worker, and new developments in the NSO Group surveillance-ware lawsuit. Hosts: Costin Raiu (Art of Noh), Juan Andres Guerrero-Saade (SentinelLabs), Ryan Naraine (SecurityWeek)

This week on Cyber Matters, Tanner Wilburn and Katherine Kennelly begin with the widespread outages caused by a CrowdStrike update, discussing the implications for IT practices and the importance of testing updates before deployment. They then explore the dismissal of most of the SEC's lawsuit against SolarWinds and its former CISO, Timothy Brown. They provide background on the SolarWinds Orion software compromise and analyze the court's decision, particularly highlighting the setback for the SEC's authority in cybersecurity regulation. In data breach news, they discuss the arrest of a suspected Scattered Spider hacker in the UK and the ongoing costs of the Change Healthcare ransomware attack for UnitedHealth. They also cover a class-action lawsuit against a law firm related to a data breach. The podcast touches on allegations that AWS leased infrastructure to NSO Group, known for its controversial spyware. They also discuss a lawsuit against Patagonia for alleged violations of California privacy law from 1967 and explore the broader trend of CIPA litigation. In AI news, the hosts cover updated USPTO guidance for AI-related patent applications and Meta's decision not to offer future multimodal AI models in the EU. The episode concludes with a brief mention of Google's potential $23 billion acquisition of cybersecurity startup Wiz.   Linkedin: https://www.linkedin.com/company/cyber-matters-podcast/ A breakdown of USPTO Guidance: https://www.intellectualpropertylawblog.com/archives/uspto-issues-ai-subject-matter-eligibility-guidance/

In episode 334, hosts Tom Eston, Scott Wright, and Kevin Johnson discuss two major topics. First, they explore the ongoing legal battle between Citizen Lab and the Israeli spyware company NSO Group. The courts have consistently blocked NSO's attempts to access Citizen Lab's documents to protect victim privacy. Second, they discuss Apple's new AI features […] The post Citizen Lab vs. NSO Group, Apple AI and Privacy appeared first on Shared Security Podcast.

On this edition of Parallax Views, Israeli investigative reporter Meron Rappaport joins the show to discuss a MAJOR story he helped break last week with 972 Magazine, Local Call, and The Guardian: Israel's Covert War Against the ICC. According to the bombshell reporting Meron and others have done, Israel has engaged in a nearly long surveillance program against the International Criminal Court. Surveillance was aimed at both current chief prosecutor and his predecessor Fatou Bensouda. Additionally, Palestinian human rights groups like Al-Haq, Addameer, Al Mezan, and the Palestinian Center for Human Rights (PCHR) were targets of surveillance and there are connections to the controversial and scandal-besieged Israeli private cyber-intelligence firm NSO Group's Pegasus spyware to this story. This story includes allegations of illegal activity, intimidation, and blackmail. Read the story HERE: Surveillance and interference: Israel's covert war on the ICC exposed We'll  discuss a numbe of issues-related to this story including how figures at the highest-levels of Israel's government, specifically Benjamin Netanyahu, figure into the surveillance program as well as the military (ie: IDF) and intelligence services (ie: Shin Bet) tie into it as well. Moreover, we'll look at how Israeli officials were initially enthused about Karim Khan taking over as chief prosecutor at the ICC until "everything changed" with the October 7th Hamas attack and the Gaza War. At the beginning of the conversation Meron will give his thoughts on the state of the Israeli free press in light of the recent attack on Haaretz's Tel Aviv headquarters where the main doors of the HQ's entrance were smashed. In the final portion of the conversation Meron discusses the Land for All movement that he helped cofound which offers a Confederation approach to resolving the Israeli-Palestinian conflict. Many argue that the Confederation approach amounts to a push for a de facto one-state solution, but figures like Dahlia Scheindlin as well as Meron argue that it is actually a two-state solution for the 21st century that addresses the failures and missteps of the Oslo generation. All that and more on this edition of Parallax Views.

(***TIMESTAMPS in description below) ~Jonathan Scott is a Gray Hat Hacker. He is known for exposing the *real* story behind "Hotel Rwanda" and for his expertise on NSO Group's Mysterious Spyware, "Pegasus." - BUY Guest's Books & Films IN MY AMAZON STORE: https://amzn.to/3RPu952 EPISODE LINKS: - Julian Dorey PODCAST MERCH: https://juliandorey.myshopify.com/ - Support our Show on PATREON: https://www.patreon.com/JulianDorey - Join our DISCORD: https://discord.gg/Ajqn5sN6 JONATHON SCOTT'S LINKS: - JONATHON'S YOUTUBE: https://www.youtube.com/c/jonathandata1 JULIAN YT CHANNELS: - SUBSCRIBE to Julian Dorey Clips YT: https://www.youtube.com/@juliandoreyclips - SUBSCRIBE to Julian Dorey Daily YT: https://www.youtube.com/@JulianDoreyDaily - SUBSCRIBE to Best of JDP: https://www.youtube.com/@bestofJDP ***TIMESTAMPS*** 00:00 - Grey Hat Hacker, Pegasus, Bitcoin Controversy Case

Around the globe, journalists, human rights activists, scholars and others are facing digital attacks from Pegasus, military-grade spyware originally developed to go after criminals. Some of the people targeted have been killed or are in prison.In this episode, Reveal partners with the Shoot the Messenger podcast to investigate one of the biggest Pegasus hacks ever uncovered: the targeting of El Faro newspaper in El Salvador.In the opening story, hosts Rose Reid and Nando Vila speak with El Faro co-founder Carlos Dada and reporter Julia Gavarrete. El Faro has been lauded for its investigations into government corruption and gang violence. The newspaper is no stranger to threats and intimidation, which have increased under the administration of President Nayib Bukele.Reid and Vila also speak with John Scott-Railton of Citizen Lab, a Toronto-based digital watchdog group. Scott-Railton worked to identify the El Faro breach, and it was one of the most obsessive cases of spying Citizen Lab has ever seen.Over the course of one year, 22 members of the newspaper's staff had their phones infected with Pegasus and were surveilled by a remote operator. Researchers suspect Bukele's government was behind the spying, though officials have denied those allegations. The breach forced El Faro's journalists to change the way they work and live and take extreme measures to protect sources and themselves. Then Reid talks with Reveal's Al Letson about growing efforts to hold the NSO Group, the company behind Pegasus, accountable for the massive digital attacks. Support Reveal's journalism at Revealnews.org/donatenow Subscribe to our weekly newsletter to get the scoop on new episodes at Revealnews.org/newsletter Connect with us on Twitter, Facebook and Instagram

In this week's show Patrick Gray and Adam Boileau discuss the week's security news. They talk about: The serious consequences from the Change Healthcare ransomware, and the need for a … nastier response Predator spyware maker getting a stern sanctioning A German military WebEx meeting gets snooped Mem-corrpution is still king And much, much more In this week's sponsor interview Patrick Gray speaks to Karl McGuinness, Okta's chief architect, about some new security improvements they've built into their IDP. Show notes U.S. Air Force employee charged with giving classified information to woman he met on dating site Ransomware attack on U.S. health care payment processor ‘most serious incident of its kind' AlphV's hit on Change Healthcare strikes a sour note for defenders | Cybersecurity Dive Office of Public Affairs | Justice Department Disrupts Prolific ALPHV/Blackcat Ransomware Variant | United States Department of Justice Developing: AlphV allegedly scammed Change Healthcare and its own affiliate (1) Hackers Behind the Change Healthcare Ransomware Attack Just Received a $22 Million Payment | WIRED Ciaran Martin on X: "“We have to find a way of making a ransom ban work” - me for @thetimes US launches antitrust investigation into UnitedHealth, WSJ reports | Reuters Brett Callow on X: "#Lockbit has de-listed Fulton County. Predator spyware endures even after widespread exposure, analysis shows | CyberScoop Predator spyware infrastructure taken down after exposure | CyberScoop U.S. bans maker of spyware that targeted a senator's phone Spyware maker NSO Group ordered to turn over Pegasus code in WhatsApp case Whatsapp Inc vs NSO Group Russia's chief propagandist leaks intercepted German military Webex conversation The White House's Oddly Specific, and Really Quite Good, Software Engineering Advice A leaky database spilled 2FA codes for the world's tech giants | TechCrunch In ConnectWise attacks, Play and LockBit ransomware exploits developed quickly | Cybersecurity Dive How to Secure the SaaS Apps of the Future | Okta Security

In this week's show Patrick Gray and Adam Boileau discuss the week's security news. They talk about: The serious consequences from the Change Healthcare ransomware, and the need for a … nastier response Predator spyware maker getting a stern sanctioning A German military WebEx meeting gets snooped Mem-corrpution is still king And much, much more In this week's sponsor interview Patrick Gray speaks to Karl McGuinness, Okta's chief architect, about some new security improvements they've built into their IDP. Show notes U.S. Air Force employee charged with giving classified information to woman he met on dating site Ransomware attack on U.S. health care payment processor ‘most serious incident of its kind' AlphV's hit on Change Healthcare strikes a sour note for defenders | Cybersecurity Dive Office of Public Affairs | Justice Department Disrupts Prolific ALPHV/Blackcat Ransomware Variant | United States Department of Justice Developing: AlphV allegedly scammed Change Healthcare and its own affiliate (1) Hackers Behind the Change Healthcare Ransomware Attack Just Received a $22 Million Payment | WIRED Ciaran Martin on X: "“We have to find a way of making a ransom ban work” - me for @thetimes US launches antitrust investigation into UnitedHealth, WSJ reports | Reuters Brett Callow on X: "#Lockbit has de-listed Fulton County. Predator spyware endures even after widespread exposure, analysis shows | CyberScoop Predator spyware infrastructure taken down after exposure | CyberScoop U.S. bans maker of spyware that targeted a senator's phone Spyware maker NSO Group ordered to turn over Pegasus code in WhatsApp case Whatsapp Inc vs NSO Group Russia's chief propagandist leaks intercepted German military Webex conversation The White House's Oddly Specific, and Really Quite Good, Software Engineering Advice A leaky database spilled 2FA codes for the world's tech giants | TechCrunch In ConnectWise attacks, Play and LockBit ransomware exploits developed quickly | Cybersecurity Dive How to Secure the SaaS Apps of the Future | Okta Security

A court orders NSO Group to hand over their source code. The Five Eyes reiterate warnings about Ivanti products. Researchers demonstrate a generative AI worm. Fulton County calls LockBit's bluff. SMS codes went unprotected online. Golden Corral serves up a buffet of personal data. Ransom demands continue to climb. A US Senator calls on the FTC to investigate auto industry privacy practices. Dressing up data centers. Our guest is Dominic Rizzo, founder and director of OpenTitan and CEO at zeroRISC, discussing the first open-source silicon project to reach commercial availability. And Cops can't keep their suspects straight.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Guest is Dominic Rizzo, founder and director of OpenTitan and CEO at zeroRISC, discussing the first open-source silicon project to reach commercial availability. You can find the press release here.  Selected Reading Five Eyes Warn of Ivanti Vulnerabilities Exploitation, Detection Tools Insufficient (Infosecurity Magazine) A leaky database spilled 2FA codes for the world's tech giants (TechCrunch) Report: Average Initial Ransomware Demand in 2023 Reached $600K (Security Boulevard) Here Come the AI Worms (WIRED) Golden Corral restaurant chain data breach impacts 183,000 people (Bleeping Computer) Hackers stole 'sensitive' data from Taiwan telecom giant: ministry(Tech Xplore) CISA adds Microsoft Streaming Service bug to its Known Exploited Vulnerabilities catalog (Security Affairs) Senator asks FTC to investigate automakers' data privacy practices (The Record) Looking good, feeling safe – data center security by design (Data Center Dynamics) Cops visit school of 'wrong person's child,' mix up victims and suspects in epic data fail (The Register) OpenTitan® Partnership Makes History as First Open-Source Silicon Project to Reach Commercial Availability (lowRISC) Creating Connections: Embracing change. (N2K Women in STEM newsletter)  Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © 2023 N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Biden prepares executive order on foreign access to data. Britain's NCSC warns of a significant ransomware increase. Cisco Talos confirms ransomware surge. BuyGoods.com leaks PII and KYC data. Fortra faces scrutiny over slow disclosure. AI fights financial fraud. Intel471 highlights bulletproof hosting. NSO Group lobbies to revamp their image. Tussling in Missouri over election security. Integrating cyber education. Our guests are N2K President Simone Petrella and WiCyS Executive Director Lynn Dohm talking about a new partnership for a comprehensive Cyber Talent Study. And the moral panic of Furbies. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today's guests are N2K President Simone Petrella and WiCyS Executive Director Lynn Dohm talking with Dave Bittner about a new partnership for a comprehensive Cyber Talent Study to deepen the collective understanding of cybersecurity competencies within the industry. Selected Reading Biden Seeks to Stop Countries From Exploiting Americans' Data for Espionage (Bloomberg) British intelligence warns AI will cause surge in ransomware volume and impact (The Record) Significant increase in ransomware activity found in Talos IR engagements, while education remains one of the most-targeted sectors (Talos) Global Retailer BuyGoods.com Leaks 198GB of Internal and User PII, KYC data (HACKREAD) Fortra blasted over slow response to critical GoAnywhere file transfer bug (SC Media) Gen AI Expected to Bring Big Changes to Banking Sector (GovInfo Security) Why Bulletproof Hosting is Key to Cybercrime-as-a-Service (Infosecurity Magazine) Notorious Spyware Maker NSO Group Is Quietly Plotting a Comeback (WIRED) Missouri secretary of state accused of withholding cybersecurity reviews of election authorities (StateScoop) Cybersecurity education from childhood is a vital tool: 72% of children worldwide have experienced at least one type of cyber threat (Check Point)  These Are the Notorious NSA Furby Documents Showing Spy Agency Freaking Out About Embedded AI in Children's Toy (404 Media) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © 2023 N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Around the globe, journalists, human rights activists, scholars and others are facing digital attacks from Pegasus, military-grade spyware originally developed to go after criminals. Some of the people targeted have been killed or are in prison. In this episode, Reveal partners with the Shoot the Messenger podcast to investigate one of the biggest Pegasus hacks ever uncovered: the targeting of El Faro newspaper in El Salvador. In the opening story, hosts Rose Reid and Nando Vila speak with El Faro co-founder Carlos Dada and reporter Julia Gavarrete. El Faro has been lauded for its investigations into government corruption and gang violence. The newspaper is no stranger to threats and intimidation, which have increased under the administration of President Nayib Bukele. Reid and Vila also speak with John Scott-Railton of Citizen Lab, a Toronto-based digital watchdog group. Scott-Railton worked to identify the El Faro breach, and it was one of the most obsessive cases of spying Citizen Lab has ever seen. Over the course of one year, 22 members of the newspaper's staff had their phones infected with Pegasus and were surveilled by a remote operator. Researchers suspect Bukele's government was behind the spying, though officials have denied those allegations. The breach forced El Faro's journalists to change the way they work and live and take extreme measures to protect sources and themselves.  Then Reid talks with Reveal's Al Letson about growing efforts to hold the NSO Group, the company behind Pegasus, accountable for the massive digital attacks. Support Reveal's journalism at Revealnews.org/donatenow Subscribe to our weekly newsletter to get the scoop on new episodes at Revealnews.org/newsletter Connect with us on Twitter, Facebook and Instagram

A little over a decade ago, a small Israeli company created what would become the world's most powerful and notorious hacking tool.Mark Mazzetti, who is a Washington investigative correspondent for The Times, explains the surprising story of the NSO Group and why, despite banning its technology, the United States kept trying to use it.Guest: Mark Mazzetti, a Washington investigative correspondent for The New York Times.Background reading: The Biden administration has been trying to choke off use of hacking tools made by the Israeli firm NSO. It turns out that not every part of the government has gotten the message.The president signed an executive order seeking to limit deployment of a tool that has been abused by autocracies — and some democracies — to spy on dissidents, human rights activists and journalists.For more information on today's episode, visit nytimes.com/thedaily. Transcripts of each episode will be made available by the next workday.