Security News

Pegasus spyware-maker NSO Group announced on Sunday it will reorganize, replacing its CEO and letting go of around 100 workers. A statement from NSO Group reportedly said the reorg, which reduces the size of the company by around 15 percent, "Will examine all aspects of its business, including streamlining its operations to ensure NSO remains one of the world's leading hi-tech cyber intelligence companies, focusing on NATO-member countries."

We forensically confirmed that at least 30 individuals were infected with NSO Group's Pegasus spyware. A sample of the victims was independently analyzed by Amnesty International's Security Lab which confirms the methodology used to determine Pegasus infections.

US security technology provider L3Harris has courted controversial Israeli spyware firm NSO with an aim to buy it, according to reports. The New York Times claims L3Harris in recent months sent a team to Israel to try to smooth passage of the deal, which was made challenging by US president Joe Biden's decision to blacklist NSO following the use of its Pegasus software to crack phones of politicians and campaigners.

Ronan Farrow has a long article in The New Yorker on NSO Group, which includes the news that someone — probably Spain — used the software to spy on domestic Catalonian sepratists.

An unknown zero-click exploit in Apple's iMessage was used by Israeli-based NSO Group to plant either Pegasus or Candiru malware on iPhones owned by politicians, journalists and activists. Citizen Lab, in collaboration with Catalan-based researchers, released the finding in a report on Monday that claims 65 people were targeted or infected with malware via an iPhone vulnerability called HOMAGE. It asserts the controversial Israeli firm the NSO Group and a second firm Candiru were behind the campaigns that took place between 2017 and 2020.

The controversial Pegasus spyware, developed by NSO Group, has been found on the devices of Finland's diplomatic corps serving outside the country as part of a wide-ranging espionage campaign, according to Finnish officials. Last summer, the Guardian newspaper published a report from journalists who reviewed data leaked from NSO Group that found 50,000 phone numbers they believe were being monitored for their clients, dating back to 2016, including Amnesty International employees, human rights lawyers and more.

Finland's Ministry for Foreign Affairs says devices of Finnish diplomats have been hacked and infected with NSO Group's Pegasus spyware in a cyber-espionage campaign. "Finnish diplomats have been targets of cyber espionage by means of the Pegasus spyware, developed by NSO Group Technologies, which has received wide publicity," the Ministry said in a statement published today.

Citizen Lab published another report on the spyware used against two Egyptian nationals. The other was hacked both by Pegasus and by the spyware from another cyberweapons arms manufacturer: Cytrox.

Eighteen US Democratic lawmakers have asked the Treasury Department and State Department to punish Israel-based spyware maker NSO Group and three other surveillance software firms for enabling human rights abuses. In a letter [PDF] signed by US Senator Ron Wyden, House Intelligence Committee Chairman Adam Schiff, and 16 others, the legislators urge Secretary of the Treasury Janet Yellen and Secretary of State Antony Blinken to apply sanctions to the NSO Group, UAE-based DarkMatter Group, and EU-based Nexa Technologies and Trovicor, under the Global Magnitsky Act.

NSO Group's descent into Internet pariah status continues. Its Pegasus spyware was used against nine US State Department employees.