…unless you are a company promising only to sell the spyware to approved governments and law enforcement. Australian spyware developer charged after 14,500 sales • The Register
Commercialised cyberweapons
For when you have time, here are two articles from Microsoft looking at cyberweapons: Continuing the fight against private sector cyberweapons – Microsoft On the Issues Untangling KNOTWEED: European private-sector offensive actor using 0-day exploits – Microsoft Security Blog The view from the US Government Pegasus spyware: Just ‘tip of …
Zero-day targeted attack against journalists using Google Chrome
This attack was highly targeted, using spyware from an Israeli cyber weapons company Candiru. To get the spyware onto the target machines the threat actors exploited, what was then, a zero-day vulnerability in Google Chrome. Zero-day used to infect Chrome users could pose threat to Edge and Safari users, too …
Continue reading “Zero-day targeted attack against journalists using Google Chrome”
Air-gapped systems used to be among the most secure IT systems – but they may be not anymore…
An air-gapped system is designed to be very secure. It is not connected to any other system, network or internet – literally a physical gap between it and the rest of the IT world. If it is not connected, then threat actors cannot connect to it. Mordechai Guri, from Ben-Gurion …
Who decides who the good guys are? Don’t worry though NSO only sells it’s spyware to approved governments and law enforcement agencies
Here is another report from the well respected Citizen Lab about the use/misuse, sale/mis-sale of the spyware Pegasus by the Israeli NSO Group. GeckoSpy: Pegasus Spyware Used Against Thailand’s Pro-Democracy Movement – The Citizen Lab The sale of these types of cyber weapons on the open market, is enabling governments …