Security News

Researchers have uncovered a surveillance campaign, dating back to at least 2013, which has used a slew of Android surveillanceware tools to spy on the Uyghur ethnic minority group. Researchers say, the surveillance apps in the campaign were likely distributed through a combination of targeted phishing and fake third-party app stores - however, they fortunately haven't been discovered on official app marketplaces, like Google Play.

Cybersecurity researchers today uncovered new details of watering hole attacks against the Kurdish community in Syria and Turkey for surveillance and intelligence exfiltration purposes. The APT has been linked to a 2018 operation that abused Türk Telekom's network to redirect hundreds of users in Turkey and Syria to malicious StrongPity versions of authentic software.

Amnesty International said Monday that software developed by Israeli security firm NSO Group was used to attack a Moroccan journalist, the latest in a series of allegations against the company. Amnesty said the Moroccan authorities used NSO's Pegasus software to insert spyware onto the cellphone of Omar Radi, a journalist convicted in March over a social media post.

Finally, after years of states' use of this kind of powerful spyware against their rivals and political enemies, the US Congress is planning to order its Director of National Intelligence to keep track of the threat this malware poses to the nation, which foreign governments are using it, and for what. The Senate bill - which lays out funding for the government's intelligence operations for next year - would require the DNI to submit a report to Congress on the threat posed by commercial spyware.

In a paper recently published through the Journal of Cybersecurity, Cornell University assistant professor Karen Levy and security veteran Bruce Schneier argue that intimate relationships open the door to a set of privacy and security risks that haven't been anticipated or adequately addressed by the public, the technical community, and policymakers. "We describe privacy threats that arise in our intimate relationships: families, romances, friendships," said Levy.

According to an investigative journalist team, the Israeli authors of the infamous Pegasus mobile spyware, NSO Group, have been using a spoofed Facebook login page, crafted to look like an internal Facebook security team portal, to lure victims in. The news comes as Facebook alleges that NSO Group has been using U.S.-based infrastructure to launch espionage attacks.

Security researchers at Bitdefender have identified a highly sophisticated Android spyware platform that managed to remain undetected for four years. Dubbed Mandrake, the platform targets only specific devices, as its operators are keen on remaining undetected for as long as possible.

A newly uncovered strain of Android spyware lurked on the Google Play Store disguised as cryptocurrency wallet Coinbase, among other things, for up to four years, according to a new report by Bitdefender. Beginning with an innocuous-looking dropper hosted on the Google Play store, masquerading as one of a number of legitimate apps, Mandrake allowed its Russian operators to snoop on virtually everything unsuspecting targets did on their mobile phone.

Senator Ron Wyden was reacting to Vice's discovery of a brochure by Westbridge Technologies - the US sales wing of the controversial NSO Group - which pitched NSO's Pegasus technology, rebadged as Phantom, to a police force in San Diego, California. The reference to spying on an ex-partner relates to claims that an employee of NSO Group who was caught using the firm's technology to spy on a woman they were interested in romantically.

Senator Ron Wyden was reacting to Vice's discovery of a brochure by Westbridge Technologies - the US sales wing of the controversial NSO Group - which pitched NSO's Pegasus technology, rebadged as Phantom, to a police force in San Diego, California. The reference to spying on an ex-partner relates to claims that an employee of NSO Group who was caught using the firm's technology to spy on a woman they were interested in romantically.