NoGoolag
Israel Invested in Spyware That Brought Down Greek Spymaster - Haaretz - June 2023

Two firms, one office

Haaretz has reviewed corporate documents from the Netherlands, Hungary, North Macedonia, Singapore and Israel that show that the two firms’ founders and directors were the same Israelis. Inpedio was registered in the Netherlands in 2016 by two founders: Rotem Farkash and Abraham Rubinstein. The very same Farkash and Rubinstein would establish Cytrox Holdings in Hungary - in which IAI invested - and a subsidiary, Cytrox Software, in North Macedonia, in 2017. The two registered Cytrox with their Inpedio email accounts.

Farkash is a hacker-turned-cyber-entrepreneur who later became a partner and senior official in Intellexa, an alliance of digital surveillance firms founded in Cyprus and Greece by former Israeli army intelligence commander Tal Dilian.

#Greece #Grèce #NSO #Cytrox #Predator #Pegasus #Cyprus
#Inpedio #CyberLab #Macedonia #Israel #Singapore
#Intellexa #Chypre #spyware
#IAI
The Former Israeli Spies Working in Top Jobs at Google, Facebook and Microsoft – MintPress - June 2023

A MintPress study has found that hundreds of former agents of the notorious Israeli spying organization, Unit 8200, have attained positions of influence in many of the world’s biggest tech companies, including Google, Facebook, Microsoft and Amazon.

The Israeli Defense Forces’ (IDF) Unit 8200 is infamous for surveilling the indigenous Palestinian population, amassing kompromat on individuals for the purposes of blackmail and extortion. Spying on the world’s rich and famous, Unit 8200 hit the headlines last year, after the Pegasus scandal broke. Former Unit 8200 officers designed and implemented software that spied on tens of thousands of politicians and likely aided in the killing of Saudi journalist Jamal Khashoggi.


#NSO #Pegasus #Israel #Unit8200 #ProjectNimbus #Google #Meta #Facebook #Microsoft #Intel #spyware #surveillance
edri@eupolicy.social - 1/2 📨 #OpenLetter: 80 civil society, media, publishers and broadcasters organisations, and trade unions are calling on @EP_Justice to BAN #spyware deployment against journalists without exceptions in the European #MediaFreedom Act

The recently adopted @EUCouncil approach to the EMFA would permit the use of intrusive spyware against journalists on the basis of 'national security' reasons.

✊🏾We are urging @EP_Justice  MEPs to oppose this and ensure that the EMFA meaningfully protects journalists.

edri@eupolicy.social - 2/2 As @EP_Justice  negotiations on EMFA reach a critical point, we're calling on MEPs to:

eliminate national security exception
restrict the list of crimes allowing repressive measures against journalists
include strong legal safeguards to protect free & independent press

Read the open letter: https://edri.org/wp-content/uploads/2023/04/Open-Letter-Council-Protection-of-Journalists-Against-Spyware-in-EMFA.pdf
The U.S. government has banned European commercial spyware manufacturers Intellexa and Cytrox - BleepingComputer - July 2023

The U.S. government has banned European commercial spyware manufacturers Intellexa and Cytrox, citing risks to U.S. national security and foreign policy interests.

The Commerce Department's Bureau of Industry and Security (BIS) added four commercial entities to its Entity List: Intellexa S.A. from Greece, Intellexa Limited from Ireland, Cytrox Holdings Zrt from Hungary, and Cytrox AD from North Macedonia.

This decision was motivated by the four companies' involvement in trafficking cyber exploits used to gain unauthorized access to the devices of high-risk individuals worldwide, threatening their security and privacy.


#Intellexa #Cytrox #Greece #Macedonia #Hungary #Ireland #EU #US #Spyware

#Predator
China identifies the culprits behind cyberattack on Wuhan Earthquake Monitoring Center; a secretive US global reconnaissance system to be exposed - Global Times –

Investigation into a cyberattack incident targeting the Wuhan Earthquake Monitoring Center affiliated to the city's Emergency Management Bureau, after a joint investigation team formed by the National Computer Virus Emergency Response Center (CVERC) and Chinese cybersecurity company 360 discovered malicious backdoor software that exhibits characteristics of US intelligence agencies, the Global Times learned on Monday. Chinese authorities will publicly disclose a highly secretive global reconnaissance system of the US government, which poses a serious security threat to China's national security and world peace.

#China #Wuhan #NSA #USA #Spyware #backdoor
Israeli Shin Bet opposes Pegasus probe, cites security concerns | Al Mayadeen English – August 2023

The Israeli internal security agency, the Shin Bet, told Israeli Prime Minister Benjamin Netanyahu and the "National Security Council" that it opposed Israeli Justice Minister Yariv Levin's proposal to grant an investigative committee the authority to probe the Pegasus spyware, according to I24news Israeli Website.

Levin is set to propose to the government on Sunday to grant the committee the authority to look into the Pegasus spyware scandal.

The Shin Bet informed Netanyahu and the security council of its opposition to Levin's proposal for several reasons, most notably the exposure of its capabilities to the Israeli public, which may lead to secrets being exposed.

#Pegasus #NSO #Israel #SinBet
#spyware
New Flaw in Apple Devices Led to Spyware Infection, Researchers Say

Researchers at digital watchdog group Citizen Lab said on Thursday they found #spyware they linked to Israeli firm #NSO that exploited a newly discovered flaw in #Apple (AAPL.O) devices.

While inspecting the Apple device of an employee of a Washington-based civil society group last week, Citizen Lab said it found the flaw had been used to infect the device with NSO's Pegasus spyware, it said in a statement.

🔗Source: Reuters

Citizen Lab (@citizenlab): "🚨🚨WE URGE EVERYONE TO UPDATE THEIR APPLE DEVICES AS SOON AS POSSIBLE. We have found an actively exploited #zero #click vulnerability that was used to deliver #NSO group’s #Pegasus #spyware. https://citizenlab.ca/2023/09/blastpass-nso-group-iphone-zero-click-zero-day-exploit-captured-in-the-wild/" | nitter – https://nitter.net/citizenlab/status/1699873620070191520#m
Israeli Cyber Firms Unveil Groundbreaking Spyware Tool

According to a recent article in Haaretz, the Israeli cyber industry has unveiled a cutting-edge spyware tool that has been dubbed InsaneT.

This highly advanced technology reportedly possesses capabilities that make it virtually impervious to existing defense mechanisms. As the article states, “Israeli cyber firms have developed an insane new spyware tool, and no defense exists.”

The tool’s sophistication has caught the attention of experts and cybersecurity professionals worldwide. It has the potential to reshape the landscape of cyber warfare and espionage, making it both a remarkable achievement and a significant cause for concern.

The InsaneT spyware tool’s capabilities remain shrouded in secrecy, but it is said to be capable of infiltrating even the most secure networks and devices, bypassing traditional security measures with ease.


#Israel #Spyware #InsaneT


fud ?
Madagascar Drops Predator Spyware on Citizens in Watering Hole Attack

Madagascar's government services — such as police or domestic intelligence — have apparently purchased and leveraged Predator to conduct political domestic surveillance ahead of a presidential election in November.

According to research by Sekoia, the effort was a watering hole attack: Links to download the spyware were added to WordPress blogs containing genuine articles taken from the Madagascan newspaper Midi Madagasikara. Anyone looking for the legitimate story could have ended up on the malicious page and gone on to download the spyware, according to the firm. The malicious links were obscured with URL shorteners.

Active Lycantrox infrastructure illumination - Sekoia.io

#Predator #Intellexa #spyware #Madagascar
Global: ‘Predator Files’ investigation reveals catastrophic failure to regulate surveillance trade  | Amnesty International –

“The ‘Predator Files’ investigation shows what we have long feared: that highly invasive surveillance products are being traded on a near industrial scale and are free to operate in the shadows without oversight or any genuine accountability. It proves, yet again, that European countries and institutions have failed to effectively regulate the sale and transfer of these products,”

A comprehensive report on the Amnesty International Security Lab’s findings, ‘The Predator Files: Caught in the Net’, will be published on 9 October. 

#Predator #Intellexa #Israel #EU #Spyware
India: Damning new forensic investigation reveals repeated use of Pegasus spyware to target high-profile journalists - Amnesty International –

Forensic investigations by Amnesty International’s Security Lab confirmed that Siddharth Varadarajan, Founding Editor of The Wire, and Anand Mangnale, the South Asia Editor at The Organised Crime and Corruption Report Project (OCCRP), were among the journalists recently targeted with Pegasus spyware on their iPhones, with the latest identified case occurring in October 2023.

#India #Pegasus #NSO #Spyware #Iphones
Kaspersky reveals new method to detect Pegasus spyware | Kaspersky –

Kaspersky's Global Research and Analysis Team (GReAT) has developed a lightweight method to detect indicators of infection from sophisticated iOS spyware such as #Pegasus, #Reign, and #Predator through analyzing Shutdown.log, a previously unexplored #forensic artifact.

The company’s experts discovered Pegasus infections leave traces in the unexpected system log, Shutdown.log, stored within any mobile #iOS device’s sysdiagnose archive. This archive retains information from each reboot session, meaning anomalies associated with the Pegasus malware become apparent in the log if an infected user reboots their device.

Among those identified were instances of “sticky” processes impeding reboots, particularly those linked to Pegasus, along with infection traces discovered through cybersecurity community observations.

#Pegasus #NSO #Reign #Predador #iOS #Spyware #Malware #Kapersky #MobileForensics #CyberSec
Some recent cases of Spanish government mafias using Israeli #spyware against other gangs or population.
Some Spanish politicians, including the president and the minister of war, were also targeted by other country government mafias.
#pagasus #cellebrite


The Tax Agency (Hacienda) acquires Israeli 'software' to sift data on taxpayers' mobile phones
https://theobjective.com/economia/2024-01-11/hacienda-software-espia-israel-contribuyente/

The CNMC secretly uses Israeli police 'software' to clone business owners' mobile phones
https://theobjective.com/espana/2023-07-06/cnmc-software-cellebrite-clonar-moviles/

The EU declines to investigate the 'Pegasus case' because it is already before the courts in Spain
https://theobjective.com/espana/tribunales/2023-12-12/ue-pegasus-tribunales-espana/
Confirming Large-Scale Pegasus Surveillance of Jordan-based Civil Society | The Citizen Lab

As part of a collaborative investigation led by Access Now, Citizen Lab researchers conducted forensic analysis of iPhones belonging to members of Jordan-based civil society.

The investigation into the targeting of Jordanian civil society with Pegasus was led by Access Now, with the collaboration of Access Now’s local partners, alongside Amnesty Tech, the Citizen Lab, Human Rights Watch, and the Organized Crime and the Corruption Reporting Project.

The investigation found that at least 35 individuals were infected or targeted with Pegasus spyware, from at least 2019 until September 2023, but does not preclude the possibility of infections occurring before or after this timeframe.

#Pegasus #NSO #Spyware #Jordan
"Is Pegasus 2.0 coming?

Apple warns iPhone users in India and 91 other countries about potential spyware attacks. The company previously sent similar warnings to Indian politicians, suggesting possible state-sponsored spyware attacks."

Apple warns some Indian users their iPhone may be bugged by Pegasus-type spyware | Technology News - The Indian Express -

#Pegasus #NSO #Apple #iPhone #India #Spyware
iOS LightSpy Returns: Renewed Espionage Campaign Targets Southern Asia, Possibly India

LightSpy possesses modules designed to exfiltrate device information and saved files, including data from popular messenger applications such as QQ, WeChat, and Telegram. It also has a plugin capable of crawling the payment history of the victim from WeChat Pay (Weixin Pay in China). It can additionally access a user’s contacts, SMS messages, phone call history, GPS location, connected WiFi history, and the browser history of Safari and Chrome. This comprehensive set of features can turn a user’s infected phone into a potent spying device.

@androidMalware
#LightSpy #Spyware #India #SouthAsia #Asia #iOS
XAgent Spyware Targeting iOS Devices in Western Europe: Analysis of Capabilities – Linkedin

XAgent is a spyware targeting iOS devices, representing a mobile implant. Publicly attributed to the group APT28 (also known as Sofacy or Fancy Bear), XAgent is consistent with TTPs of targeting government entities, political organizations, and individuals of interest for cyber espionage purposes.

The XAgent iOS implant exhibits advanced functionalities for comprehensive data collection, exfiltration and potential remote control, aligning with APT28's objectives of gathering intelligence and maintaining persistent access to compromised systems.

Via @androidMalware
#iOS #XAgent #Spyware #Espionage #APT #APT28 #Sofacy #FancyBear
Microsoft Recall should make you consider Linux
It was hard to miss the irony in Microsoft’s latest product announcement.

A new feature named “Recall” takes snapshots of whatever is on-screen on a #Windows 11 computer, every few seconds, and then stores it locally on-disk. Unfortunately it turns out that the analyzed data is stored in plaintext, leaving users’ private activity vulnerable to hackers. As security researcher Kevin Beaumont pointed out, “Stealing everything you’ve ever typed or viewed on your own Windows PC is now possible with two lines of code.”

And yet #Microsoft named it “Recall.” It’s an interesting choice, given the problems it’s likely to create...

https://creativegood.com/blog/24/recall-switch-to-linux.html

#why #spyware
Everything you do with a #Windows 11 computer is being recorded by Microsoft.

Now a non-#Microsoft operative has found a way to extract this info.

The result? Info on everything you have been doing with a laptop can be captured by a hacker.

https://www.wired.com/story/total-recall-windows-recall-ai/

Dubbed TotalRecall the tool can pull all the information that Recall saves into its main database on a Windows laptop.

>"The database was easy prey," Hagenah says.

Since Microsoft revealed Recall in mid-May, security researchers have repeatedly compared it to spyware or stalkerware that can track everything you do on your device.

They were correct.

>"It's a Trojan 2.0 really, built in," Hagenah says, adding that he built TotalRecall only in order to show what is possible to capture people's information. He is not going to do it himself but hopes Microsoft takes action after seeing this happen, so that people are safe.

Included in what the database captures are screenshots of whatever is on your desktop -- a potential gold mine for criminal hackers or domestic abusers who may physically access their victim's device. Images include captures of messages sent on encrypted messaging apps Signal and WhatsApp, and remain in the captures regardless of whether disappearing messages are turned on in the apps. There are records of websites visited and every bit of text displayed on the PC.

Once TotalRecall has been deployed, it will generate a summary about the data; it is also possible to search for specific terms in the database. Hagenah says an attacker could get a huge amount of information about their target, including insights into their emails, personal conversations, and any sensitive information that's captured by Recall.

Hagenah's work builds on findings from cybersecurity researcher Kevin Beaumont, who has detailed how much information Recall captures and how easy it can be to extract it.

https://github.com/xaitax/TotalRecall

#why #spyware #recall