BREAKING: US @StateDept imposes visa restrictions on 13 mercenary spyware proliferators / immediate family.

First known application of policy rolled out in Feb.
state.gov/promoting-acco…
2/ Visa restrictions are a promising tool in the fight against mercenary spyware.

Spyware developers & investors want big returns.

But they also want to spend some of that money on travel to the US & their kids' Ivy League tuition.

https://twitter.com/jsrailton/status/1754674515055968286

SEEN THESE ADS?

Producer is a declared foreign agent, paid ~$6.8m to make Kremlin propaganda on #Ukraine, etc.

He's claimed in filings that those videos wouldn't target the US audiences.

By @taylorgiorno_ & @annalecta opensecrets.org/news/2022/08/r…
Please REPLY if you are seeing "Zelenskyy Unmasked" ads in the US.

In FARA registrations, Ben Swann claims Russian millions are *not* for content targeting the the US.

So who is funding this massive advertising spend to attack #Ukraine?

FARA Example: efile.fara.gov/docs/7151-Supp…

Report: Russia seeking to interfere in US elections & undermine support for #Ukraine.

Tactics include propaganda-laundering.👇 1/

By @selectedwisdom
blogs.microsoft.com/on-the-issues/…
2/ Rigged courts. Election Fraud... Sound familiar?

It's the work of another #Russian propaganda operator highlighted by @Microsoft that amplifies socially divisive narratives.

Good morning to everyone except the "OSINT" accounts that spent last night spreading fake, alarmist & unconfirmed content. 2/ OSINT: Open Source INtelligence.

Owes its good reputation to groups like @Bellingcat that carefully VERIFY material before using it in analysis.

But today, if you find "OSINT" in the handle, there's a good chance that you will find neither verification nor analysis.

Be wary of OSINT-branded accounts recycling faked & old footage of airstrikes, explosions, interceptions etc.

It happens every time, but in New Twitter they have a direct financial incentive to push out inflammatory nonsense.

There's more 1/ 2/ The annoying practice of some OSINT-branded accounts of repeating headlines ginned up & borrowed from somewhere without citation as if it's their own...

Is reckless & dangerous during fast moving conflict where there is huge potential for *consequential* misunderstandings.

IMPORTANT: has @Apple recently sent you a #MercenarySpyware threat notification?

This is serious. Seek expert help.

If you're a journalist, activist, dissident, academic, etc. etc: ✅contact the @accessnow Digital Security Helpline.

accessnow.org/help/ 2/ @Apple's notifications continue to play critical role in helping #MercenarySpyware targets get help & take action.

And they keep leading to accountability.

To date, Apple says they have notified users in 150 countries.

That's a jaw-dropping illustration of the scale of the mercenary spyware proliferation.

You can learn more about the notifications here: support.apple.com/en-us/102174

WHOA: Judgments thrown out after role of hackers-for-hire revealed + Judge orders millions in damages.

New chapter in accountability for law firms using shady services.

Both @reuters & we @citizenlab have investigated #DarkBasin group 1/

By @razhael reuters.com/world/uk/us-ex…


2/ In 2020, alongside @reuters we @citizenlab exposed a massive Indian hack-for-hire operation.

In sprawling target list... a slew of US nonprofits working on climate change.

Whose presumably-hacked emails wound up in hostile PR & litigation.

Report: citizenlab.ca/2020/06/dark-b…

On new Twitter, experts are harassed & drowned out.

Exceptionally bad during crises.

Any chance of follow-up questions or dialogue in replies is buried under a dismal scroll of blue check throwaway taunts, abuse & ignorance.

No wonder experts are stepping away. If you've watched the last 24h, you saw the consequences of Twitter's war on expertise:

Expert voices on #Baltimore got profoundly less engagement & impressions than clout-chasing accounts monetizing misinformation, sensationalism & conspiracy theorizing.

Growing push to spread misleading cybersecurity claims about voting in the run-up to November.

Nothing to do with actual cybersecurity research into election integrity.

This is a perception-shaping strategy to create the option for a Trump-led rejection of a genuine result. 2/ Cybersecurity experts saying most things are, in theory, hackable...

...are NOT confirming misinformation about the November election.

'In theory we could go to Mars' doesn't manifest a rocket ship on the pad, ready to launch in November.

Good lord.

US warned Russia of possible imminent terror attack.

Putin publicly dismissed the warnings on March 19th.

Those attacks seem to have just happened.

The State media report of Putin dismissing the terrorism warnings is still online.

Link to the archived copy in case it is deleted.

(Note Screenshot in my 1st tweet = machine translated)
Via @internetarchive @waybackmachine
web.archive.org/web/2024031913…

BREAKING: more 🇺🇸American officials hacked with mercenary spyware...

...and six more countries join anti-spyware-proliferation pact at #SummitForDemocracy.

Europe:#Finland #Germany #Ireland #Poland
Asia:#Japan #SouthKorea

Big deal 1/

By @snlyngaas
cnn.com/2024/03/17/pol…






2/ Discovery of more hacked 🇺🇸US officials underscores: mercenary spyware proliferation remains a blinking threat to US #NationalSecurity

A growing list of governments (16 pledge signatories by my count) clearly sees the same risk.

The signatory list is extremely interesting..

NOW: #Navalny's Chief of Staff just attacked.

Assailant smashed @leonidvolkov's car window then teargassed & beat him with hammer.

Occurred at his home in #Lithuania just now.

Developing story at @meduza_en
meduza.io/en/news/2024/0…


2/ Countries like #Lithuania are a (relative) safe haven for Russian dissidents to continue work.

Tonight's brutal assault of @leonidvolkov threatens to chill this sense of protection.

It must be quickly, comprehensively & transparently investigated by competent authorities.

BREAKING: US Treasury sanctions commercial spyware consortium & key enablers for spyware abuses.

OFAC designations = America’s big gun.

First time they’re used against a mercenary spyware company.

Huge deal, let me break the #sanctions against #Intellexa down 1/

2/. The @USTreasury OFAC sanctions hit across the #Intellexa consortium, a multi-jurisdictional web of spyware & surveillance dealing.

(most notorious for #Predator spyware)

They start at the top: the notorious Tal Dilian. And Sara Hamou, a corporate shell specialist.

PROTECT YOUR PRIVACY: turn off Twitter calls.

The feature was just enabled for everyone.

Cue spam, harassment & privacy risks.

Troublingly, the feature exposes your IP address in calls.

PICS: instructions on how to turn it off.

Via: tomsguide.com/computing/chan…




2/ Security side: Adding a call stack = big new attack surface.

In the context of X's gutted security teams, you have a recipe for trouble.

There's a reason device-to-device call apps are heavily targeted by sophisticated attackers.

Story @iblametom
forbes.com/sites/thomasbr…

Progressives saying they won't vote...

Will be out protesting when Trump wins & begins the evil things he's promised to do.

It will be too late. I remember the protest vote conversations in 2016.

And the post-election regret when the harm was done.

The writing is on the wall for another Trump presidency.

Fortunately, there's something YOU, fellow voter, can do to stop it.

The Tucker Carlson grocery price video (Russia is so cheap you'll be radicalized, folks!) is tragic & funny.

My guy, the grocery bill you're rhapsodizing about is ~SEVENTY PERCENT of a median Russian weekly salary (13.4k RUB) 🧵

Data: en.wikipedia.org/wiki/List_of_R…




2/ Ignore Tucker & the many accounts spamming the video.

Russia is in a well-documented food affordability crisis.

Even before Putin's disastrous invasion, Russians struggled to afford food.

Now it's so bad Putin felt compelled to apologize for skyrocketing *egg prices*

BREAKING: #Pegasus used in 🇵🇱#Poland, confirms PM @donaldtusk.

"Very, very long" victim list.

Vindication.

When we @citizenlab first confirmed the hacking we & victims were targeted w/harassment & disinformation.

Via (PL machine trans.) h/t @RonDeibert polskieradio24.pl/5/1222/artykul…
2/ PM @donaldtusk's announcement opens next chapter in journey towards accountability for #Pegasus abuses in #Poland.

Our first investigation was triggered when @Apple's threat notifications began landing in Poland in 2021. Underling their value.👇

https://twitter.com/jsrailton/status/1720345059475034148

NEW INVESTIGATION: uncovers #PAPERWALL a global 🇨🇳pro-Beijing *targeted* harassment & disinformation operation.

Runs websites posing as news outlets in 30 countries.

My @citizenlab colleague @albefittarelli has attributed it to a Chinese PR firm.. 1/
citizenlab.ca/2024/02/paperw…






2/ #PAPERWALL hides disinformation plain sight amidst a flood of unrelated junk content & press releases.

And supports highly-targeted attacks on individuals perceived as threats to 🇨🇳#Beijing

Recommended THREAD by @albefittarelli 👇 #China

https://twitter.com/albefittarelli/status/1755215514421338598

WOW: ~ 50% of 0day exploits against Google/Android products now come from commercial vendors.

"if governments ever had a monopoly on the most sophisticated capabilities, that era is certainly over"

Timely NEW REPORT by @Google TAG

Some takeaways🧵 1/
blog.google/threat-analysi…


2/ First, Google's own investigations are surfacing harms associated with mercenary spyware.

Key area: it's being being used around elections & key issues.

(Side note, I really appreciate that TAG w/ help from @Jigsaw chose to highlight victim stories up front)

NEW: @StateDept won't give visas to individuals involved in mercenary #spyware abuses.

No 🇺🇸Disneyworld trip if you...

❌Abused commercial spyware
❌Got financial benefit from the misuse (e.g. your company sold it)

This is targeted & will hurt 1/
state.gov/announcement-o…




2/ Linking mercenary spyware targeting to extrajudicial killings...

@SecBlinken & @StateDept are not mincing words.

Crystal clear: US sees the unchecked proliferation of commercial / mercenary spyware as a major problem for human rights AND 🇺🇸national security...

Twitter's AI bot problem:

Pic 1: spam account posts AI-generated *description* of an image without the image.

Pics 2-4
Swarms of blue-check verified bots reply with equally generated replies complimenting the nonexistent image.

h/t @chrismohney





Just zombies responding to zombies. I love @chrismohney's take.

And when you do actually read a real popular post, you feel blue check bot accounts gumming up any possibility of actual conversation with generated garbage.

What a death spiral.

https://twitter.com/chrismohney/status/1753788219982819449