»#Apple released software updates on Thursday to address two #zeroday vulnerabilities that researchers said were used to deliver #NSOGroup’s #Pegasus spyware to at least one victim.« https://therecord.media/apple-discloses-two-zero-days-in-new-updates

Ars Technica: Apple patches “clickless” 0-day image processing vulnerability in iOS, macOS https://arstechnica.com/?p=1966414 #Tech #arstechnica #IT #Technology #macosVentura #Security #iPadOS16 #nsogroup #macOS13 #pegasus #watchos #iPadOS #Apple #apple #iOS16 #MacOS #Tech #iOS

@davidhaller @yacc143 @Nonya_Bidniss @BNetzA @bsi

Still, I'm convinced consumer protecion [ @verbraucherzentrale ] will agree that demaing someone to do so via a 3rd party that is outside of Germany / the EU as only option is indeed a violation of one's consumer rights, as there's no means to enforce #GDPR in #Israel due to lack of bilateral agreements.

Otherwise victims of #Pegasus would've sued #NSOgroup years ago and forced them to purge all data in their #SaaS #Govware ...

#Cybersecurity #NSOGroup #Surveillance #Spyware #Pegasus: "NSO Group is an Israeli cyber surveillance firm notorious for Pegasus – an intrusive malware capable of covertly taking control of smartphones and remotely extracting their contents. In 2019, after a series of unflattering reports on governments’ use of Pegasus to infiltrate the phones of activists and journalists, NSO embarked on an uncharacteristically public legitimation campaign. This article focuses on this campaign and explores how this otherwise secretive spyware company publicly legitimizes its surveillance. Based on an empirical analysis of hundreds of public documents across various media, we explore NSO's legitimacy management practices and identify the audiences and contexts of this legitimation. Our analysis identified four legitimation practices: securitization, Zionist patriotism, ethics washing, and normalization. We argue that these legitimation strategies operate across two interrelated axes of legitimation: a local axis that echoes a particularly Israeli ‘security-driven populism’; and a universal axis that follows Silicon Valley's ethics washing. We show that these legitimation axes are designed to simultaneously ensure the company's survivability and to sustain surveillance realism – the perception of surveillance as the only viable option This article contributes to the emerging literature on cyber surveillance firms and to the burgeoning research on the legitimation of surveillance by shedding light on the discursive infrastructures behind contemporary cyber espionage. Moreover, while surveillance is often understood as a global phenomenon, this article highlights the need to focus on the local contexts from which surveillance originates to understand its sustainability, expansion, and vulnerabilities."

https://www.tandfonline.com/doi/full/10.1080/1369118X.2023.2245873

Spain: ‘Lack of cooperation’ from Israel on #Pegasus spyware firm highlights impunity https://www.amnesty.org/en/latest/news/2023/07/spain-lack-of-cooperation-from-israel-on-pegasus-spyware-firm-highlights-impunity/ #Staatstrojaner #NSOGroup

#Spain #EU #Cybersecurity #Spyware #Surveillance #NSOGroup #Pegasus: "Spain's High Court on Monday shelved an investigation into the use of Israeli cyber-intelligence firm NSO Group's "Pegasus" software to spy on Spanish politicians, including Prime Minister Pedro Sanchez and several ministers.

Judge Jose Luis Calama, whose court investigates crimes against government ministers, said the lack of cooperation from Israeli authorities made it impossible to keep the probe open, in a case that had "jeopardized the very security of the State".

Last year the government said Pegasus software was used to spy on ministers, triggering a political crisis in Spain that led to the resignation of its spy chief."

https://www.reuters.com/world/europe/spains-high-court-shelves-israeli-spyware-probe-lack-cooperation-2023-07-10/

Ars Technica: Cyberweapon manufacturers plot to stay on the right side of US https://arstechnica.com/?p=1943094 #Tech #arstechnica #IT #Technology #Cyberwarfare #surveillance #Security #nsogroup #pegasus #Policy

@marcel @cryptoparty nach der Logik müsste #FinFisher als #Govware "#MadeInGermany" ja #WassenaarArrangement kippen und von der @bafa_bund@social.bund.de ständig durchgewunken werden, weil gegenüber #NSOgroup "benachteiligt"...
https://mstdn.social/@kkarhan/110440915836567081

@marcel @cryptoparty wieso?

Die haben effektiv #aufgegeben, weil sonst würde kein Unternehmen sich #Govware mit #Backdoors wie #Windows antun...

Außerdem werden die sich wieder #Ausnahmen lobbyiieren, genauso wie #Verschlüsselung als tTeil von #DRM nicht unter cyberfaschistische Kackshice wie #ITAR & #WassenaarArrangement fällt...

Wärhenddessen verkaufen #Cybersöldner wie #NSOgroup ihren shice wie #Pegasus und ich wette auch die Leute bei #FinFisher landen am Ende nicht im #Knast!

@eff the sheer capability to do #WarrantlessSurveillance should be outlawed and those that continue to do so - including but not limited to #Cybermercenaries for hire like #NSOgroup - should be prosecuted like the #terorrists they are.

@republica @chaosupdates Außerdem sehen wir den massenhaften Einsatz von #Govware wie #FinFisher's #FinSpy oder #NSOgroup's #Pegasus und keinerlei wirkliche Konsequenzen wie ein #Verbit jener Werkzeuge und Geschäftsmodelle des #Cybersöldner|tums...

#NSOgroup and #Unit8200 should be designated as #TerroristOrganizations...

#Govware is always bad and #NSO is even worse as they're #Cybermercenaries for hire.
https://www.youtube.com/watch?v=uk2jUIVMfQE

Apparently, NSO hacked iPhones without user clicks by finding ways to penetrate Apple software. Talk about intrusive. Next thing you know, they'll be hacking into my cat bed without my permission. 😼 #iPhoneHack #NSOGROUP #CatGodOfMischief

https://it.slashdot.org/story/23/04/18/1135233/nso-hacked-iphones-without-user-clicks-in-3-new-ways-researchers-say?utm_source=rss1.0mainlinkanon&utm_medium=feed

Von Ex-Militärs und früheren Mitarbeitern der #NSOGroup gegründete Firma #QuaDream stellt Geschäftstätigkeit ein https://www.heise.de/news/Zero-Click-Exploit-Israelischer-Spyware-Hersteller-QuaDream-macht-dicht-8968998.html #Pegasus #Staatstrojaner

#India #Cybersecurity #Spyware #Pegasus #NSOGroup: "India is hunting for new spyware with a lower profile than the controversial Pegasus system blacklisted by the US government, with rival surveillance software makers preparing bids on lucrative deals being offered by Narendra Modi’s government.

Defence and intelligence officials from the South Asian country have decided to acquire spyware from less exposed competitors to the NSO Group, the Israeli makers of Pegasus, according to people familiar with the move, seeking to spend up to $120mn through new spyware contracts.

About a dozen competitors are expected to join the bidding process, according to two people with knowledge of the talks, stepping into the void created by the pressure on NSO from human rights groups and the administration of US President Joe Biden."

https://www.ft.com/content/7674d7b7-8b9b-4c15-9047-a6a495c6b9c9

Catalonia bans use of Pegasus spyware https://www.euractiv.com/section/politics/news/catalonia-bans-use-of-pegasus-spyware/?utm_source=dlvr.it&utm_medium=mastodon #Catalonia #NSOGroup #Pegasus #spysoftware #spyware

Catalonia bans use of Pegasus spyware https://www.euractiv.com/section/politics/news/catalonia-bans-use-of-pegasus-spyware/?utm_source=dlvr.it&utm_medium=mastodon #Catalonia #NSOGroup #Pegasus #spysoftware #spyware

#USA #Cybersecurity #Spyware #NSOGroup #Pegasus: "The secret contract was finalized on Nov. 8, 2021, a deal between a company that has acted as a front for the United States government and the American affiliate of a notorious Israeli hacking firm.

Under the arrangement, the Israeli firm, NSO Group, gave the U.S. government access to one of its most powerful weapons — a geolocation tool that can covertly track mobile phones around the world without the phone user’s knowledge or consent.

If the veiled nature of the deal was unusual — it was signed for the front company by a businessman using a fake name — the timing was extraordinary.

Only five days earlier, the Biden administration had announced it was taking action against NSO, whose hacking tools for years had been abused by governments around the world to spy on political dissidents, human rights activists and journalists. The White House placed NSO on a Commerce Department blacklist, declaring the company a national security threat and sending the message that American companies should stop doing business with it.

The secret contract — which The New York Times is disclosing for the first time — violates the Biden administration’s public policy, and still appears to be active. The contract, reviewed by The Times, stated that the “United States government” would be the ultimate user of the tool, although it is unclear which government agency authorized the deal and might be using the spyware. It specifically allowed the government to test, evaluate, and even deploy the spyware against targets of its choice in Mexico."

https://www.nytimes.com/2023/04/02/us/politics/nso-contract-us-spy.html?smid=tw-share

Ars Technica: Biden’s executive order limits government’s use of commercial spyware https://arstechnica.com/?p=1927199 #Tech #arstechnica #IT #Technology #lawfulintercept #nsogroup #spyware #Biz&IT

Donnerstag, 16. März, 19.30 Uhr: Netzpolitischer Abend zu #Staatstrojaner, #Pegasus und #NSOGroup mit Donncha Ó Cearbhaill @donncha https://www.digitale-gesellschaft.ch/event/netzpolitischer-abend-zu-staatstrojaner-pegasus-und-nso-group/