A U.S. and Greek national who worked on Meta’s security and trust team while based in Greece was placed under a yearlong wiretap by the Greek national intelligence service and hacked with a powerful cyberespionage tool, according to documents obtained by The New York Times and officials with knowledge of the case.

Haaretz reveals NFV Systems’ surveillance tools; firm under investigation by secretive Israeli body for skirting arms export controls, in case that may ‘damage national security’

The iPhone security flaw was discovered by a Google unit that uncovers nation-state spyware, hacking and cyberattacks.

Auditionnée par le Parlement européen, la directrice du Centre national espagnol s’est contentée de rappeler le cadre juridique, selon les eurodéputés.

Christopher Wray, the F.B.I.’s director, told Congress last December that the bureau purchased the phone hacking tool Pegasus for research and development purposes.

Le droit à la vie privée est de plus en plus menacé par l’utilisation de technologies numériques modernes en réseau, dont les caractéristiques en font de formidables outils de surveillance, de contrôle et d’oppression, selon un nouveau rapport de l’ONU. Il est donc essentiel que ces technologies soient encadrées par une réglementation efficace reposant sur le droit international des droits de l’homme et les normes applicables en la matière
PDF Document link

‘Democracy and rule of law are at stake,’ says MEP Saskia Bricmont.

La sorveglianza europea parte da un’azienda italiana

An Italian surveillance company is tracking people all over the world on a grand scale on behalf of its clients – including in countries with a recent history of corruption and human rights abuses. Its powerful spyware was recently found in Kazakhstan and Romania. Europe’s parliamentarians voice growing concern about an out-of-control surveillance industry and call for it to be regulated.

The head of Greek intelligence told a parliamentary committee his agency had spied on a journalist, two sources present said, in a disclosure that coincides with growing pressure on the government to shed light on the use of surveillance malware.

MSTIC and MSRC disclose technical details of a private-sector offensive actor (PSOA) tracked as KNOTWEED using multiple Windows and Adobe 0-day exploits, including one for the recently patched CVE-2022-22047, in limited and targeted attacks against European and Central American customers.

We recently discovered a zero-day vulnerability in Google Chrome (CVE-2022-2294) when it was exploited in the wild in an attempt to attack Avast users in the Middle East. The vulnerability was a memory corruption in WebRTC that was abused to achieve shellcode execution in Chrome’s renderer process. We reported this vulnerability to Google, who patched it on July 4, 2022.

ESET uncovers CloudMensis, a macOS backdoor that spies on users of Mac devices and communicates with its operators via public cloud storage services.

Forensic analysis by CitizenLab says government is the likeliest perpetrator.

As civil society and media organisations expose EU Member States' use of the Pegasus commercial spyware, one of the most high-profile spying scandals of recent years is coming to light in Europe.

Today, alongside Google’s Project Zero, we are detailing capabilities provided by RCS Labs, an Italian vendor that uses a combination of tactics, including atypical drive-by downloads as initial infection vectors to target mobile users on both iOS and Android.

Lookout Les chercheurs de Threat Lab ont découvert un logiciel de surveillance Android de niveau entreprise utilisé par le gouvernement du Kazakhstan à l'intérieur de ses frontières. D'après notre analyse, le logiciel espion est probablement développé par le fournisseur italien de logiciels espions RCS Lab S.p.A.

New details connect police in India to a plot to plant evidence on victims' computers that led to their arrest.

This technical achievement follows a complex investigation involving law enforcement authorities of Australia, Belgium, Finland, Hungary, Ireland, Spain, Sweden, Switzerland, the Netherlands and the United States, with the coordination of international activity carried out by Europol’s European Cybercrime Centre (EC3).  The investigation is ongoing to identify the individuals behind this global malware campaign.  Here is how FluBot worked  First spotted...

Two Egyptians—exiled politician Ayman Nour and the host of a popular news program (who wishes to remain anonymous)—were hacked with Predator spyware, built and sold by the previously little-known mercenary spyware developer Cytrox. The phone of Ayman Nour was simultaneously infected with both Cytrox’s Predator and NSO Group’s Pegasus spyware, operated by two different government clients.