Security News

The Israeli cyberweapons arms manufacturer - and human rights violator, and probably war criminal - NSO Group has been added to the US Department of Commerce's trade blacklist. Aside from the obvious difficulties this causes, it'll make it harder for them to buy zero-day vulnerabilities on the open market.

The U.S. Commerce Department on Wednesday added four companies, including Israel-based spyware companies NSO Group and Candiru, to a list of entities engaging in "Malicious cyber activities." The agency said the two companies were added to the list based on evidence that "These entities developed and supplied spyware to foreign governments that used these tools to maliciously target government officials, journalists, businesspeople, activists, academics, and embassy workers."

The U.S. Commerce Department on Wednesday added four companies, including Israel-based spyware companies NSO Group and Candiru, to a list of entities engaging in "Malicious cyber activities." The agency said the two companies were added to the list based on evidence that "These entities developed and supplied spyware to foreign governments that used these tools to maliciously target government officials, journalists, businesspeople, activists, academics, and embassy workers."

The US government's Dept of Commerce on Wednesday sanctioned four companies in Israel, Russia, and Singapore for selling software used to break into computer systems and by foreign governments to suppress dissent. "The United States is committed to aggressively using export controls to hold companies accountable that develop, traffic, or use technologies to conduct malicious activities that threaten the cybersecurity of members of civil society, dissidents, government officials, and organizations here and abroad," said US Secretary of Commerce Gina Raimondo in a statement.

The U.S. has sanctioned four companies located in Israel, Russia, and Singapore for the development of spyware or the sale of hacking tools used by state-sponsored hacking groups. Israeli companies NSO Group and Candiru are being sanctioned for creating and selling spyware used to target journalists and activists.

A new national cyber strategy will be launched by year-end, the National Cyber Security Centre's chief exec has promised - while calling out spyware vendor NSO Group as a "Red flag" for the UK infosec community. Lindy Cameron told the Chatham House international affairs think tank that NSO Group was "Something we raised a red flag about before, that the commercial market for sophisticated cyber exploitation products is an issue."

Cherie Blair tipped off a Jordanian princess that the royal's estranged husband, the Sheikh of Dubai, had deployed NSO Group's Pegasus malware against her and her lawyers, a series of explosive High Court judgments [PDFs] have revealed. Sheikh Mohammed bin Rashid al Maktoum, the absolute ruler of Dubai, was found to have ordered the deployment of one of the world's most potent malware strains against Princess Haya bint Hussein, his former wife and a member of the Jordanian royal family, during a bitter court battle over custody of their children.

A previously undisclosed "Zero-click" exploit in Apple's iMessage was abused by Israeli surveillance vendor NSO Group to circumvent iOS security protections and target nine Bahraini activists. "The hacked activists included three members of Waad, three members of the Bahrain Center for Human Rights, two exiled Bahraini dissidents, and one member of Al Wefaq," researchers from University of Toronto's Citizen Lab said in a report published today, with four of the targets hacked by an actor it tracks as LULU and believed to be the government of Bahrain.

A previously undisclosed "Zero-click" exploit in Apple's iMessage was abused by Israeli surveillance vendor NSO Group to circumvent iOS security protections and target nine Bahraini activists. "The hacked activists included three members of Waad, three members of the Bahrain Center for Human Rights, two exiled Bahraini dissidents, and one member of Al Wefaq," researchers from University of Toronto's Citizen Lab said in a report published today, with four of the targets hacked by an actor it tracks as LULU and believed to be the government of Bahrain.

The United Nations has called for a moratorium on the sale of "Life threatening" surveillance technology and singled out the NSO Group and Israel for criticism. The UN announcement then zeroes in on NSO Group, calling on it to "Disclose whether or not it ever conducted any meaningful human rights due diligence in line with the UN Guiding Principles on Business and Human Rights and publish fully the findings of any internal probes it may have undertaken on this issue".