NEW: Pegasus spyware maker NSO Group just got publicly rebuffed by the US.

They came to DC to get off the US blacklist.

It did not work out. Thanks to their own actions.

You know about the human rights issues, but let me tell you why NSO is no friend to the United States. 1/ 2/ First, it's important to know that NSO was shady in how they set up the meeting.

For close observers, this is no surprise.

NSO constantly thinks that they can play the United States.

Part of what got them in trouble in the first place, but let's go deeper.

BREAKING: jury awards massive $167 million in punitive damages against spyware company NSO Group.

Precedent-setting win against the notorious #Pegasus spyware maker.

Congratulations to @WhatsApp on sticking this case through since 2019. Some thoughts 1/ 2/ After years of every trick & delay tactic it only took a California jury one days deliberation to the heart of the matter:

NSO makes millions hacking mostly-🇺🇸American tech companies... so that dictators can hack dissidents.

Their conduct deserved to be punished.

Friends don't let friends get their eyeballs scanned to buy a coffee.

Sam Altman's Orwellian "Tools for Humanity" says this dystopia machine could help distinguish between #AI agents & humans... or verify at Point of Sale..or..?

Looks to me like a big biometric data grab 1/ 2/ Surely they didn't just start with the idea of invasively harvesting eyeball scans...and then look around for potential justifications.

And then add in some AI hype.

Right?

Fear is dictatorship glue.

You can't imprison everyone with a dissenting thought.

Or inconvenient factual observation.

But fear teaches self censorship. It's a scalable system of control.

The autocrat's challenge is to keep the fear going. 1/ 2/ In the 20th century, keeping fear alive required massive human investment.

Informants... archives...exemplary punishments... information control.

Looked like a linear scale.

A post-cold war school of thought said: once everyone is connected, these systems won't work.

🚨NEW REPORT: first forensic confirmation of #Paragon mercenary spyware infections in #Italy...

Known targets: Activists & journalists.

We also found deployments around the world. Including ...Canada?

And a lot more... Thread on our @citizenlab investigation 1/
2/ So #Paragon makes zero-click spyware marketed as better than NSO's Pegasus...

Harder to find...

...And more ethical too!

This caught our attention @citizenlab & we were skeptical.

By @iblametom forbes.com/sites/thomasbr…

BREAKING: #Paragon reportedly terminates spyware contract with #Italy.

Right on heels of reported targeting of journalist & activists in Italy.

BIG DEAL: puts Italian government in the hot seat, since they denied knowing about it only hours ago.👇

https://x.com/jsrailton/status/1887255424560472247

2/ Read this slowly.

The implication is clear: the Italian government was a #Paragon customer & had their contract terminated...

Even as @GiorgiaMeloni's office was issuing denials.

Likely to make the scandal worse.

Exceptional reporting from The Guardian
theguardian.com/technology/202…

NEW: @WhatsApp says Israeli mercenary spyware company #Paragon targeted scores of users around world.

The infection happened with no interaction. No link to click or attachment to open.

This is called a "zero-click" attack.

WA says targets included journalists & members of civil society.

They dismantled the attack vector & notified users.

Good.

We at @citizenlab shared some info instrumental to their investigation of the vector.

This is a BIG deal. Here's why 1/


2/ For a few years the only source of information about #Paragon... has been Paragon.

They marketed themselves as the anti-NSO.

(NSO makes the notorious #Pegasus spyware)

It's easier to frame yourself as virtuous in the spyware game if nobody can look over your shoulder.

By @iblametom
forbes.com/sites/thomasbr…

By @RonanFarrow
newyorker.com/magazine/2022/…

NEW: US seeks extradition of Israeli private spy over sprawling hacking against 🇺🇸American nonprofits.

Amit Forlit's alleged customer? US lobbying firm @DCIGroup... representing @exxonmobil

Extradition filings in UK give fresh peek into this wild case 1/


2/ The case was triggered back in 2018, when US-based nonprofits targeted by hackers requested that @citizenlab notify the authorities.

In 2020, we went public with the investigation, alongside @jc_stubbs @razhael & @Bing_Chris 👇

https://x.com/jsrailton/status/1774958322841432443

The volume of scam phone calls targeting elderly people in the US is insane.

Anyone that has visited an aging person knows what I'm talking about.

Ring after ring.

Several calls a day isn't out of the ordinary each of them a risk of wiping out their savings.

It's an untenable situation and will only get worse without focused government action. Phone predators constantly target your parents.

Foreign scam call centers are running on an industrial scale.

Efforts phone companies are making are obviously not up to the task.

Just ask any retired person you know when they last got a scam call.

VPN advertising is the most common source of security misinformation that I encounter.

By far.

So many people misplace their trust in dubious consumer VPN products.

The industry is a scourge. VPNs don't do most of the things that podcasters imply they do.

Security:
Coffee shop attacks on unencrypted logins are a thing of a decade ago.

VPNs won't stop even the dumbest spyware & phishing.

Privacy:
Advertisers still know it's you when you turn on a VPN... they use many other identifying signals from your device, like your browser & advertising IDs. Those don't change when you turn on a VPN.

BREAKING: NSO Group liable for #Pegasus hacking of @WhatsApp users.

Big win for spyware victims.

Big loss for NSO.

Bad time to be a spyware company.

Landmark case. Huge implications. 1/ 🧵


2/ In 2019, 1,400 @WhatsApp users were targeted with #Pegasus.

WhatsApp did the right thing & sued NSO Group.

NSO has spent 5 years trying to claim that they are above the law.

And engaged in all sorts of maneuvering.

With this order, the music stopped and NSO is now without a chair.

NEW: US considering ban on @TPLINK routers.

Company has a majority of the US market share for homes & small biz.

Concerns stem from repeated use in cyberattacks from #China & concerns over supply chain security.

Reportedly an office of @CommerceGov has subpoenaed the company. 1/

Story by @heathersomervil @dnvolz & @aviswanatha


2/ @TPLINK has quickly grown market share, even as concerns have grown over vulnerabilities in the routers being used in #China-linked hacking operations.

wsj.com/politics/natio…

Use only end-to-end encrypted communications says @CISAgov.

YES!

End-to-end encryption is critical infrastructure for a safe society.

Plenty of other solid guidance for mobile users at risk here.

Let's look at their #iPhone & #Android-specific recs... 1/

2/ @CISAgov's top recommendation for Apple users is to✅ enable #LockdownMode

It's my top guidance for high-risk #iPhone users..

Because as researchers tracking sophisticated threats we see Lockdown Mode blunt advanced attacks...

Other solid guidance:

✅Protect your DNS
✅Disable fallback to SMS
✅Enroll in iCloud Private Relay
✅Trim App permissions.

NEW: #China #Russia #Iran & #Israel are spying on 🇺🇸Americans using telecom weaknesses says @DHSgov

Deeply concerning on heels of #SaltTyphoon breaches.

All US carriers vulnerable to some extent.

We know this thanks to Sen @RonWyden's tireless work to expose #SS7 & #Diameter vulnerabilities.

Here's how they work...

Story by @josephfcox 1/
2/ Here's the thing about the global network for routing calls.

Requests are trusted by default. Whatever operator they come from!

Since requests can let you do things like intercept calls, texts & track phones locations...

...a lot of governments & some shady companies have come running.

All they needed was a "Global Title" which is not hard to get in some jurisdictions.

Result? A tidal wave from around the globe of shady requests for the purpose of spying on people.

Including Americans. In the US.

We @citizenlab exposed Circles, one such player...

Story: 404media.co/dhs-says-china…

NEW: police in #Serbia caught unlocking activists phones with @Cellebrite's mobile forensic tools & planting spyware on them.

Incredibly troubling investigation by @AmnestyTech delves into how the Serbian authorities mix a toxic brew of repression out of homegrown + foreign mercenary spyware like #Pegasus + $CLBT's forensic tools possibly supplied as part of foreign assistance from #Norway. 1/

Read: amnesty.org/en/documents/e…


2/ From Traffic Stop to Spyware Victim...

As costs increase for zero-click spyware, expect to see authorities getting creative...

Rolling their own tech & finding novel ways to plant it on activists' devices with physical access.

https://x.com/DonnchaC/status/1868572455809548770

🚨NEW INVESTIGATION: Russia's 🇷🇺 FSB beat & detained this programmer.

They demanded he inform on contacts in #Ukraine.

When he was finally released, Kirill Parubets got his phone back.

It was bugged with spyware. 1/

Investigative collab by us @citizenlab w/@DeptFirst.
2/ Russian authorities descended on Kirill Parubets & his spouse. Raiding their apartment.

Beating him for his passwords.

Accusation? Money transfers to #Ukraine.

Then they threw the couple into custody.

The #FSB threatened life imprisonment if he didn't agree to become an informant.

citizenlab.ca/2024/12/device…

Good! Finally a path to crackdown on data brokers.

Americans are constantly victimized by these companies.

Privacy shouldn't be partisan, so pay close attention to see who comes out against these common-sense plans from the @CFPB. 1/

By Dell Cameron & Andrew Couts @wired.

2/ The volume of data constantly collected & sold on Americans puts the US at a global disadvantage.

The data-broker firehose is a hostile foreign intelligence service's delight.

But that's just the beginning.

Meet 'decolonization' expert Nomma Zarubina.

FSB codename "Alyssa"

All over the Washington DC think tank circuit. Had a knack for meeting US officials. Even attended some protests against Russia.

Just last week she spoke at an event on Parliament Hill in #Canada.

She's just been charged by the #FBI for lying about taking direction from the FSB. 1/


2/ Nomma Zarubina was collecting photos with current & former officials like Pokemon.

Wearing some NGO bona-fides, she also shows up at a lot of events with prominent exiles from #Russia & figures from #Ukraine.

She also got into all sorts of meetings...

BREAKING: #ExxonMobil lobbyist investigated over hacking of American nonprofits.

Hacked material fed PR campaigns & lawsuits against environmental advocacy orgs. 1/

By @razhael & @Bing_Chris


2/ The case goes back years & centers around a massive hack-for-hire operation based in #India....

...that did the dirty work for powerful people & companies around the world.

https://x.com/jsrailton/status/1774958322841432443

First time I've seen what I think is AI-generated fake satellite imagery.*

Interesting. 1/

https://twitter.com/NGA_GEOINT/status/1860707476745703641

2/ With a squint this vibes. Try it for yourself on the first pic without zooming in.

Notice anything that just isn't quite right?

First thing: the marina / oceanfront areas don't follow a coherent logic.

Whoa: NSO Group allegedly rolled a @WhatsApp exploit to implant #Pegasus spyware even after WhatsApp sued them.

This previously-unrevealed "Erised" vector was later disabled by #WhatsApp.

These un-redacted filings are quite the read. Even some footnotes have scoops. 1/ 2/ We learn that NSO Group had at least three @whatsapp exploits: Heaven, Eden & Erised.

The first, called Heaven, was active some time prior to Sept-Dec 2018. It worked by using manipulated messages to direct targeted devices to a malicious WhatsApp relay controlled by NSO Group.

Heaven was ultimately disabled by changes made in Sept & December 2018 by WhatsApp.

storage.courtlistener.com/recap/gov.usco…