EUVD-2023-24219

Malicious code in bioql PyPI...

EUVD-2024-18098

Malicious code in bioql PyPI...

Court Rules Against NSO Group

The case is over: A jury has awarded WhatsApp $167 million in punitive damages in a case the company brought against Israel-based NSO Group for exploiting a software vulnerability that hijacked the phones of thousands of users. I'm sure it'll be appealed. Everything always is...

WhatsApp hack: Meta wins payout over NSO Group spyware

Meta has won almost $170m in damages from Israel-based NSO Group, maker of the Pegasus spyware. The ruling comes after a six-year legal case against the company after Meta accused it of misusing its servers to spy on users. According to the original complaint against NSO Group, filed in October...

Israeli NSO Group Fined $168M for Pegasus Spyware Attack on WhatsApp

US jury orders NSO Group to pay $168M to WhatsApp and Meta over Pegasus spyware use in 2019…...

NSO Group Fined $168M for Targeting 1,400 WhatsApp Users With Pegasus Spyware

A federal jury on Tuesday decided that NSO Group must pay Meta-owned WhatsApp WhatsApp approximately $168 million in monetary damages, more than four months after a federal judge ruled that the Israeli company violated U.S. laws by exploiting WhatsApp servers to deploy Pegasus spyware, targeting...

WhatsApp Case Against NSO Group Progressing

Meta is suing NSO Group, basically claiming that the latter hacks WhatsApp and not just WhatsApp users. We have a procedural ruling: Under the order, NSO Group is prohibited from presenting evidence about its customers' identities, implying the targeted WhatsApp users are suspected or actual...

Spyware Maker NSO Group Is Paving a Path Back Into Trump’s America

The Israeli spyware maker, still on the US Commerce Department’s “blacklist,” has hired a new lobbying firm with direct ties to the Trump administration, a WIRED investigation has found...

Blasting Past Webp

An analysis of the NSO BLASTPASS iMessage exploit Posted by Ian Beer, Google Project Zero On September 7, 2023 Apple issued an out-of-band security update for iOS: Around the same time on September 7th 2023, Citizen Lab published a blog post linking the two CVEs fixed in iOS 16.6.1 to an "NSO Gro...

Targeted spyware and why it’s a concern to us

Experts are again warning about the proliferating market for targeted spyware and espionage. Before we dive into the world of targeted spyware, it's worth looking at a few of the main players that are active in and against this industry. Paragon Solutions is an Israeli company which sells high-en...

WhatsApp Wins Lawsuit Against Israeli Spyware Maker NSO Group

A US court ruled against NSO Group, an Israeli spyware maker, finding them liable for hacking WhatsApp users. The ruling has major implications for the surveillance technology industry."...

Spyware Maker NSO Group Found Liable for Hacking WhatsApp

A judge has found that NSO Group, maker of the Pegasus spyware, has violated the US Computer Fraud and Abuse Act by hacking WhatsApp in order to spy on people using it. Jon Penney and I wrote a legal paper on the case...

U.S. Judge Rules Against NSO Group in WhatsApp Pegasus Spyware Case

Meta Platforms-owned WhatsApp scored a major legal victory in its fight against Israeli commercial spyware vendor NSO Group after a federal judge in the U.S. state of California ruled in favor of the messaging giant for exploiting a security vulnerability to deliver Pegasus. "The limited...

NSO Group Spies on People on Behalf of Governments

The Israeli company NSO Group sells Pegasus spyware to countries around the world including countries like Saudi Arabia, UAE, India, Mexico, Morocco and Rwanda. We assumed that those countries use the spyware themselves. Now we've learned that that's not true: that NSO Group employees operate the...

Why Italy Sells So Much Spyware

Interesting analysis: Although much attention is given to sophisticated, zero-click spyware developed by companies like Israel’s NSO Group, the Italian spyware marketplace has been able to operate relatively under the radar by specializing in cheaper tools. According to an Italian Ministry of...

CVE-2021-1132 Cisco Network Services Orchestrator Path Traversal Vulnerability

A vulnerability in the API subsystem and in the web-management interface of Cisco Network Services Orchestrator NSO could allow an unauthenticated, remote attacker to access sensitive data. This vulnerability exists because the web-management interface and certain HTTP-based APIs do not properly...

NSO Group Exploited WhatsApp to Install Pegasus Spyware Even After Meta's Lawsuit

Legal documents released as part of an ongoing legal tussle between Meta's WhatsApp and NSO Group have revealed that the Israeli spyware vendor used multiple exploits targeting the messaging app to deliver Pegasus, including one even after it was sued by Meta for doing so. They also show that NSO...

Bitfinex Hacker Gets 5 Years for $10 Billion Bitcoin Heist

Plus: An “AI granny” is wasting scammers’ time, a lawsuit goes after spyware-maker NSO Group’s executives, and North Korea–linked hackers take a crack at macOS malware...

THN Cybersecurity Recap: Last Week's Top Threats and Trends (September 16-22)

Hold on tight, folks, because last week's cybersecurity landscape was a rollercoaster! We witnessed everything from North Korean hackers dangling "dream jobs" to expose a new malware, to a surprising twist in the Apple vs. NSO Group saga. Even the seemingly mundane world of domain names and cloud...

Apple Drops Spyware Case Against NSO Group, Citing Risk of Threat Intelligence Exposure

Apple has filed a motion to "voluntarily" dismiss its lawsuit against commercial spyware vendor NSO Group, citing a shifting risk landscape that could lead to exposure of critical "threat intelligence" information. The development was first reported by The Washington Post on Friday. The iPhone...