Cybersecurity firm Lookout found several samples of a North Korean spyware it calls KoSpy.

Lookout researchers have discovered a novel Android surveillance tool dubber KoSpy. It is attributed to APT 37 aka ScarCruft

Amnesty International’s Security Lab uncovers sophisticated Cellebrite zero-day exploit, impacting billions of Android devices.

Amnesty International said that Google fixed previously unknown flaws in Android that allowed authorities to unlock phones using forensic tools. On

Security researchers found evidence that Cellebrite was used by Serbian police to hack into the cellphones of a local journalist and an activist.

Italian company SIO, which sells to government customers, is behind an Android spyware campaign called Spyrtacus that spoofed popular apps like WhatsApp, per security researchers.

As an undercover journalist covering Italian politics, Francesco Cancellato is used to reporting on scandals. But he never thought he would be part of the story.

Following allegations of potential abuse, Paragon Solutions has cut off Italy from its spyware systems.

Barcelone se mue en “capitale européenne de la cyberguerre”. Depuis un an et demi, “au moins trois équipes renommées d’experts en piratage informatique”, venus d’Israël, se sont installées dans la capitale de la Catalogne, détaille El Periódico de Catalunya. Le journal espagnol s’appuie sur les informations du quotidien de Tel-Aviv Ha’Aretz, qui a publié le 26 décembre un article sur les hackers “délocalisés” d’Israël vers des pays de l’Union européenne, dont l’Espagne.

Cybersecurity experts, who work with human rights defenders and journalists, agree that Apple is doing the right thing by sending notifications to victims of mercenary spyware — and at the same time refusing to forensically analyze the devices.

The precedent-setting ruling from a Northern California federal judge could lead to massive damages against NSO Group, whose notorious spyware has been reportedly used by various governments worldwide.

Apple rejects requests for a copy of a Harris campaign staffer's iPhone.

Serbian authorities are using spyware and Cellebrite forensic extraction tools to hack journalists and activists in a surveillance campaign.

Amnesty said it found NoviSpy, an Android spyware linked to Serbian intelligence, on the phones of several members of Serbian civil society following police stops.

Officials from EU anti-fraud office were allegedly followed, wiretapped and had their laptops hacked by Hungary’s intelligence agency.

Key findings from our analysis include:

Advanced Surveillance Capabilities:

• Utilizes technologies like WebRTC for real-time audio and video streaming.
• Abuses Accessibility Services to intercept user interactions.

Comprehensive Data Exfiltration:

• Collects and transmits a wide range of personal data, including messages, call logs, and location information.

Persistence Mechanisms:

• Employs techniques to remain active on the device, such as auto-start on boot and misuse of device administrator privileges.

Abuse of Legitimate Services:

• Utilizes Firebase Cloud Messaging to establish command and control channels, disguising its communications as legitimate traffic.

Indicators of Compromise (IoCs):

• Identified specific URLs, IP addresses, file hashes, and other artifacts associated with Celular 007.

Need for Collective Protection:

• Highlights the importance of collective defense strategies and community awareness to combat such invasive tools.

Italy is home to six major spyware vendors and one supplier, with many smaller and harder-to-track enterprises emerging all the time, experts say.

Four victims of Pegasus spyware in the UK have this week filed a criminal complaint with the Metropolitan Police.

Apple said there’s “too significant a risk” of exposing the anti-exploit work needed to fend off the very adversaries involved in the case.

Intellexa’s Predator spyware infrastructure re-emerges after sanctions. Learn how this mercenary spyware is evolving, targeting high-profile individuals, and what defensive measures can be taken.