  • Spyware: Why the Booming Surveillance Tech Industry Is Vulnerable to Corruption and Abuse

    The latest revelations about NSO Group’s Pegasus spyware are a further indication that the spyware industry is out of control, with licensed customers free to spy on political and civilian targets as well as suspected criminals. We may be heading to a world in which no phone is safe from such attacks.

  • Growing Unease in Israel over Pegasus Case

    Israel is worried that the Pegasus spyware revelations may turn a PR black eye into a diplomatic crisis. Israel never exhibited any qualms about dealing with and selling arms to pretty unsavory regimes, but such deals were typically kept secret. The fact that the Israeli Ministry of Defense authorized the NSO Group to sell the Pegasus spyware to regimes which then used it to spy on opposition figures, civil society activists, and journalists (and, in the case of Saudi Arabia, to track Jamal Khashoggi and kill him) has raised questions about what the government knew and when it knew it.

  • Detecting, Blocking Grid Cyberattacks

    Researchers have designed and demonstrated a technology that can block cyberattacks from impacting the nation’s electric power grid.

  • Macron’s Secure Mobile Phone Compromised by Pegasus Spyware

    The secure smartphone of French president Emmanuel Macron was compromised by the Pegasus surveillance malware. It was surreptitiously installed by Moroccan intelligence operatives, who introduced the virus into the phones of former Prime Minister Edouard Philippe and fourteen other current and former French cabinet ministers.

  • Journalists, Activists among 50,000 Targets of Israeli Spyware: Reports

    Israeli cyber firm NSO Group claims that its Pegasus surveillance malware is sold to governments so they can better track terrorists and criminals, but many of the 45 governments deploying the surveillance software use it to track journalists, opposition politicians, and civil society activists. Some of these governments are authoritarian (for example, Azerbaijan, Bahrain, Kazakhstan, UAE, Saudi Arabia). Others are democracies (for example, India, Mexico, South Africa). The only EU member country to deploy the surveillance malware is Hungary, which places it in violation of the EU’s strict privacy and surveillance regulations.

  • China Spy Agency Using Contract Hackers to Extort, Destabilize Western Companies

    The United States and its allies in Europe and Asia have charged that China’s Ministry of State Security is employing criminal contract hackers to conduct cyber operations globally, from which the hackers personally profit. The activities include ransomware operations against private companies which are forced to pay millions in ransom demands to regain access to their data.

  • Germany Fights Cyberattacks and Fraud Claims to Ensure Fair Election

    Germany is in the middle of an election year that will see unprecedented use of mail-in ballots as well as hacker attacks against politicians. Election authorities reject claims of potential voter fraud.

  • Empty Threats and Warnings on Cyber

    It is not easy or simple to fashion a retaliation for cyberattacks, and the United States has been offering proof of that. For at least five years, the United States has been subject to a series of intensifying Russian cyberattacks, and public warnings by the Obama, Trump, and Biden administrations about the “consequences” for Russia have so far done little, if anything, to deter Russia. “Even if Biden responds to the latest ransomware operations, and he surely will, it is hard to see how he can impose pain enough to slow the operations while at the same time avoiding a serious risk of on-balance harmful escalation,” Jack Goldsmith writes.

  • Closing the Skills Gap in the Cyber Workforce

    There are currently more than three million unfilled cybersecurity jobs globally, and, as high-profile incidents like the SolarWinds attack demonstrate, it is vital to address that shortage. But it is difficult for organizations to find and recruit the cyber talent they need.

  • An Urgent NATO Priority: Preparing to Protect Civilians

    Russia’s hybrid warfare approach calls for attacking the populations of Russia’s adversaries not through WWII-like carpet bombing, but rather with a combination of disinformation campaigns, cyberattacks on critical infrastructure, supporting proxy forces, and backing terrorist attacks. “Should NATO prepare for this scenario? Absolutely,” Victoria Holt and Marla Keenan write.

  • Automatically Finding Buffer Overflow Vulnerabilities

    A typical buffer overflow occurs when a computer program receives a request to process more data than its physical memory is capable of handling all at once and places the excess into a “buffer.” The buffer itself has a finite capacity, so if the buffer can’t handle the excess, it “overflows,” or crashes.

  • The Kaseya Ransomware Attack Is a Really Big Deal

    If you’re not already paying attention to the Kaseya ransomware incident, you should be. Matt Tait writes that it is likely the most important cybersecurity event of the year. “Bigger than the Exchange hacks by China in January. Bigger than the Colonial Pipeline ransomware incident. And, yes, more important than the SolarWinds intrusions last year.”

  • Holding the World to Ransom: The Top 5 Most Dangerous Criminal Organizations Online Right Now

    Ransomware attacks are growing exponentially in size and ransom demand — changing the way we operate online. Understanding who these groups are and what they want is critical to taking them down. Here, we list the top five most dangerous criminal organizations currently online. As far as we know, these rogue groups aren’t backed or sponsored by any state.

  • Full Impact of Russian Ransomware Attack Hard to Estimate

    Hackers associated with the REvil gang, a major Russian ransomware syndicate, have demanded $70 million in Bitcoin in exchange for a decryption tool to free the data of companies targeted, but also indicated they were willing to negotiate.

  • Ransomware Cyberattack Hits Hundreds of U.S. Businesses

    U.S. IT company Kaseya urged its customers to shut down their servers after hackers smuggled ransomware onto its network. Such attacks infiltrate widely used software and demand ransom to regain access. The REvil gang, a major Russian-speaking ransomware syndicate, appears to be behind the attack.