CyberSecurityBoard
Sponsor Register Login

Citizen Lab details ongoing battle against spyware vendors

Citizen Lab senior researcher Bill Marczak said that while the organization has achieved some important wins against spyware proliferation, the progress is inevitably hindered by vendors that continually adapt their technologies and practices.
The Citizen Lab at the University of Toronto's Munk School has become one of the foremost authorities on commercial spyware and surveillance technology for mobile devices.
One of the main challenges Citizen Lab faces, he said, is vendors constantly adapting and changing tactics to allow the continuation of spyware use.
NSO Group was one significant spyware player he highlighted, known for developing the Pegasus spyware used against U.K. government officials in 2022.
In 2014, for example, a hacker leaked files allegedly stolen from Gamma Group International, a surveillance software vendor behind the FinFisher spyware product.
The spyware vendors must be on hand to aid customers in their attempts to target specific individuals and bypass security features while remaining undetected.
Although spyware is marketed for use against criminals and terrorists, Marczak said it's often abused for political purposes.
That's where mercenary spyware comes in, Marczak said.
A lawsuit filed by Khashoggi's widow claimed that the Saudi government and NSO Group deployed spyware to intercept her husband's communications.
Citizen Lab investigations often involve tracking NSO spyware through IP address scans and fingerprinting.
Another challenge with spyware vendors is how they assist customers in circumventing precautions that the target is taking on their own or protections that are built into users' devices.
Targets receive SMS messages with links to spyware vendors' infrastructure, which Citizen Lab analyzes.
Marczak emphasized the importance of log analysis in the spyware fight.
Commercial spyware vendors aren't the only companies to change their technology or practices.
Another significant threat to mobile devices is zero-click exploits, which require no user interaction for attackers to deploy spyware.
Pegasus is one example of spyware that uses zero-click exploits for Android or Apple devices.
In the 2021 lawsuit, Apple claimed that the zero-click exploit was used to spread spyware through its servers.
Mobile technology companies have made some progress in curbing the spyware threat.
Though victims can still be targeted, Marczak said it prevents many types of spyware infections.
In response to ForcedEntry in 2021, Apple started sending out notifications to warn users if they were targeted by mercenary spyware and nation-state threats.


This Cyber News was published on www.techtarget.com. Publication date: Tue, 30 Jan 2024 00:43:04 +0000


Cyber News related to Citizen Lab details ongoing battle against spyware vendors

Citizen Lab details ongoing battle against spyware vendors - Citizen Lab senior researcher Bill Marczak said that while the organization has achieved some important wins against spyware proliferation, the progress is inevitably hindered by vendors that continually adapt their technologies and practices. The ...
7 months ago Techtarget.com
US Uses Visa Restrictions in Struggle Against Spyware - The United States will impose visa restrictions on foreign individuals who have been involving the misuse of spyware, the latest effort by the Biden Administration to address the dangers of the commercial software that often is used by governments ...
7 months ago Securityboulevard.com
Spyware isn't going anywhere, and neither are its tactics - The illegal use of spyware to target high-profile or at-risk individuals is a global problem, as highlighted by this article from The Register that Talos' Nick Biasini just contributed to. As we've written about, many Private Sector Offensive Actors ...
7 months ago Blog.talosintelligence.com
Intellexa Spyware Adds Persistence with iOS or Android Device - In the shadowy realm of commercial spyware, the spotlight turns to the notorious Intellexa spyware and its Predator/Alien solution, as dissected by Cisco Talos in their comprehensive May 2023 report. This expose navigates the labyrinthine intricacies ...
9 months ago Gbhackers.com
Intellexa and Cytrox: From fixer-upper to Intel Agency-grade spyware - Cisco Talos has a new, in-depth analysis of timelines, operating paradigms and procedures adopted by spyware vendor Intellexa. Talos' analysis revealed that rebooting an iOS or Android device may not always remove the Predator spyware produced by ...
9 months ago Blog.talosintelligence.com
Google says spyware vendors behind most zero-days it discovers - Commercial spyware vendors were behind 80% of the zero-day vulnerabilities Google's Threat Analysis Group discovered in 2023 and used to spy on devices worldwide. Zero-day vulnerabilities are security flaws the vendors of impacted software do not ...
7 months ago Bleepingcomputer.com
What is Spyware? How It Works and How to Protect Yourself Against It - Spyware is a type of malicious software that is designed to collect sensitive data from victims without their knowledge or consent. It is typically installed on computers without the user’s knowledge or consent, and collects sensitive information ...
1 year ago Heimdalsecurity.com
Is Your Organization Infected by Mobile Spyware? - The surge in mobile device usage within organizations has inevitably opened the floodgates to a new kind of cyber threat-mobile spyware. The growing dependence on mobile technology has made it imperative for organizations to recognize and mitigate ...
9 months ago Blog.checkpoint.com
Kaspersky Details Method for Detecting Spyware in iOS - Researchers with cybersecurity firm Kaspersky are detailing a lightweight method for detecting the presence of spyware, including The NSO Group's notorious Pegasus software, in Apple iOS devices. The new method, which calls for looking for traces of ...
8 months ago Securityboulevard.com
US announces visa ban on those linked to commercial spyware - Secretary of State Antony J. Blinken announced today a new visa restriction policy that will enable the Department of State to ban those linked to commercial spyware from entering the United States. As part of this effort, the Biden Administration ...
7 months ago Bleepingcomputer.com
U.S. rolls out visa restriction policy on people who misuse spyware to target journalists, activists - WASHINGTON - The Biden administration announced Monday it is rolling out a new policy that will allow it to impose visa restrictions on foreign individuals involved in the misuse of commercial spyware. The administration's policy will apply to people ...
7 months ago Pbs.org
9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
9 months ago Esecurityplanet.com
Pegasus Spyware Targets Jordanian Civil Society in Wide-Ranging Attacks - Journalists, lawyers, and human-rights activists in the Middle Eastern nation of Jordan face increased surveillance from the controversial Pegasus spyware app, with nearly three dozen civilians targeted over the past four years. According to an ...
7 months ago Darkreading.com
US to Roll Out Visa Restrictions on People Who Misuse Spyware to Target Journalists, Activists - The Biden administration announced Monday it is rolling out a new policy that will allow it to impose visa restrictions on foreign individuals involved in the misuse of commercial spyware. The administration's policy will apply to people who've been ...
7 months ago Securityweek.com
Apple fixes two new iOS zero-days in emergency updates - Apple released emergency security updates to fix two zero-day vulnerabilities exploited in attacks and impacting iPhone, iPad, and Mac devices, reaching 20 zero-days patched since the start of the year. "Apple is aware of a report that this issue may ...
9 months ago Bleepingcomputer.com
Days After Google, Apple Reveals Exploited Zero-Day in Browser Engine - Apple has patched an actively exploited zero-day bug in its WebKit browser engine for Safari. Actively Exploited Apple yesterday described the vulnerability as something an attacker could exploit to execute arbitrary code on affected systems. ...
8 months ago Darkreading.com
Meta Disrupts 8 Spyware Firms, 3 Fake News Networks - Meta has identified and interrupted six spyware networks linked to eight companies in Italy, Spain, and the United Arab Emirates, as well as three fake news operations from China, Myanmar, and Ukraine. It outlines how fake news operations - ...
7 months ago Darkreading.com
SentinelLabs uncovers new CapraRAT spyware targeting Android users - A new report released today by SentinelLabs, the research arm of listed cybersecurity company SentinelOne Inc., warns of a resurgence of CapraRAT spyware targeting mobile gamers and weapons enthusiasts through malicious Android applications. CapraRAT ...
2 months ago Siliconangle.com
Vendor Penalized by New York Attorney General for Advertising Unlawful Spyware - The New York Office of the Attorney General has taken action against Patrick Hinchy and the 16 companies he owns for illegally selling and promoting spyware. Since 2011, Hinchy has been running these companies, which offer spyware for Android and iOS ...
1 year ago Securityweek.com
Omdia: Standalone Security Products Outsell Cybersecurity Platforms - In its many briefings with cybersecurity vendors, one of the most consistent themes Omdia hears is why enterprises need cybersecurity platforms. Instead, vendors claim, enterprises could get better outcomes if they give up their multitude of ...
9 months ago Darkreading.com
Critics of Putin and his allies targeted with spyware inside the EU - At least seven journalists and activists who have been vocal critics of the Kremlin and its allies have been targeted inside the EU by a state using Pegasus, the hacking spyware made by Israel's NSO Group, according to a new report by security ...
3 months ago Packetstormsecurity.com
New Android Spyware Employs Tactics to Deceive Malware Analyst - In the dynamic realm of mobile application security, cybercriminals employ ever more sophisticated forms of malware, with code obfuscation standing out as a deceptive technique. This method intentionally distorts code elements, rendering them ...
9 months ago Cybersecuritynews.com
Google Patches Another Chrome Zero-Day as Browser Attacks Mount - For the fourth time since August, Google has disclosed a bug in its Chrome browser technology that attackers were actively exploiting in the wild before the company had a fix for it. Integer Overflow Bug The latest zero-day, which Google is tracking ...
9 months ago Darkreading.com
'GhostRace' Speculative Execution Attack Impacts All CPU, OS Vendors - Researchers at IBM and VU Amsterdam have developed a new attack that exploits speculative execution mechanisms in modern computer processors to bypass checks in operating systems against what are known as race conditions. The attack leverages a ...
6 months ago Darkreading.com
Intellexa: Irish-linked spyware used in 'brazen attacks' - The Irish government is set to investigate a digital surveillance alliance that has been accused of letting its smartphone spyware "Run wild across the world", BBC News NI understands. It comes after Intellexa Limited and its parent company ...
9 months ago Bbc.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)