<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"
	xmlns:content="http://purl.org/rss/1.0/modules/content/"
	xmlns:wfw="http://wellformedweb.org/CommentAPI/"
	xmlns:dc="http://purl.org/dc/elements/1.1/"
	xmlns:atom="http://www.w3.org/2005/Atom"
	xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
	xmlns:slash="http://purl.org/rss/1.0/modules/slash/"
	>

<channel>
	<title>spyware &#8211; Noise</title>
	<atom:link href="https://noise.getoto.net/tag/spyware/feed/" rel="self" type="application/rss+xml" />
	<link>https://noise.getoto.net</link>
	<description>The collective thoughts of the interwebz</description>
	<lastBuildDate>Tue, 14 Oct 2025 16:06:49 +0000</lastBuildDate>
	<language>en-US</language>
	<sy:updatePeriod>
	hourly	</sy:updatePeriod>
	<sy:updateFrequency>
	1	</sy:updateFrequency>
	<generator>https://wordpress.org/?v=6.8.2</generator>
	<item>
		<title>Apple’s Bug Bounty Program</title>
		<link>https://noise.getoto.net/2025/10/15/apples-bug-bounty-program/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Wed, 15 Oct 2025 11:02:18 +0000</pubDate>
				<category><![CDATA[Apple]]></category>
		<category><![CDATA[exploits]]></category>
		<category><![CDATA[spyware]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<category><![CDATA[vulnerabilities]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=70981</guid>

					<description><![CDATA[<p>Apple is now offering a <a href="https://arstechnica.com/security/2025/10/apple-ups-the-reward-for-finding-major-exploits-to-2-million/">$2M</a> <a href="https://www.csoonline.com/article/4071044/apple-bumps-rce-bug-bounties-to-2m-to-counter-commercial-spyware-vendors.html">bounty</a> for a zero-click exploit. According to <a href="https://security.apple.com/blog/apple-security-bounty-evolved/">the Apple website</a>:</p>
<blockquote><p>Today we’re announcing the next major chapter for Apple Security Bounty, featuring the industry’s highest rewards, expanded research categories, and a flag system for researchers to objectively demonstrate vulnerabilities and obtain accelerated awards.</p>
<ol>
<li>We’re doubling our top award to $2 million for exploit chains that can achieve similar goals as sophisticated mercenary spyware attacks. This is an unprecedented amount in the industry and the largest payout offered by any bounty program we’re aware of ­ and our bonus system, providing additional rewards for Lockdown Mode bypasses and vulnerabilities discovered in beta software, can more than double this reward, with a maximum payout in excess of $5 million. We’re also doubling or significantly increasing rewards in many other categories to encourage more intensive research. This includes $100,000 for a complete Gatekeeper bypass, and $1 million for broad unauthorized iCloud access, as no successful exploit has been demonstrated to date in either category.
...</li></ol></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Surveying the Global Spyware Market</title>
		<link>https://noise.getoto.net/2025/09/19/surveying-the-global-spyware-market/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Fri, 19 Sep 2025 11:01:02 +0000</pubDate>
				<category><![CDATA[reports]]></category>
		<category><![CDATA[spyware]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=70837</guid>

					<description><![CDATA[<p>The Atlantic Council has published its second annual report: “<a href="https://www.atlanticcouncil.org/in-depth-research-reports/issue-brief/mythical-beasts-diving-into-the-depths-of-the-global-spyware-market/">Mythical Beasts: Diving into the depths of the global spyware market</a>.”</p>
<p>Too much good detail to summarize, but here are two items:</p>
<blockquote><p>First, the authors found that the number of US-based investors in spyware has notably increased in the past year, when compared with the sample size of the spyware market captured in the first Mythical Beasts project. In the first edition, the United States was the second-largest investor in the spyware market, following Israel. In that edition, twelve investors were observed to be domiciled within the United States—­whereas in this second edition, twenty new US-based investors were observed investing in the spyware industry in 2024. This indicates a significant increase of US-based investments in spyware in 2024, catapulting the United States to being the largest investor in this sample of the spyware market. This is significant in scale, as US-based investment from 2023 to 2024 largely outpaced that of other major investing countries observed in the first dataset, including Italy, Israel, and the United Kingdom. It is also significant in the disparity it points to ­the visible enforcement gap between the flow of US dollars and US policy initiatives. Despite numerous US policy actions, such as the addition of spyware vendors on the ...</p></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Paragon Spyware Used to Spy on European Journalists</title>
		<link>https://noise.getoto.net/2025/06/13/paragon-spyware-used-to-spy-on-european-journalists/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Fri, 13 Jun 2025 10:17:42 +0000</pubDate>
				<category><![CDATA[hacking]]></category>
		<category><![CDATA[israel]]></category>
		<category><![CDATA[Privacy]]></category>
		<category><![CDATA[spyware]]></category>
		<category><![CDATA[surveillance]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=70346</guid>

					<description><![CDATA[<p>Paragon is an Israeli spyware company, increasingly in the news (now that NSO Group seems to be waning). “Graphite” is the name of its product. Citizen Lab <a href="https://citizenlab.ca/2025/06/first-forensic-confirmation-of-paragons-ios-mercenary-spyware-finds-journalists-targeted/">caught it</a> spying on multiple European journalists with a zero-click iOS exploit:</p>
<blockquote><p>On April 29, 2025, a select group of iOS users were notified by Apple that they were targeted with advanced spyware. Among the group were two journalists that consented for the technical analysis of their cases. The key findings from our forensic analysis of their devices are summarized below:</p>
<ul>
<li>Our analysis finds forensic evidence confirming with high confidence that both a prominent European journalist (who requests anonymity), and Italian journalist Ciro Pellegrino, were targeted with Paragon’s Graphite mercenary spyware.
...</li></ul></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Report on Paragon Spyware</title>
		<link>https://noise.getoto.net/2025/03/25/report-on-paragon-spyware/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Tue, 25 Mar 2025 11:05:01 +0000</pubDate>
				<category><![CDATA[israel]]></category>
		<category><![CDATA[reports]]></category>
		<category><![CDATA[spyware]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=70043</guid>

					<description><![CDATA[<p>Citizen Lab has a <a href="https://citizenlab.ca/2025/03/a-first-look-at-paragons-proliferating-spyware-operations/">new report</a> on Paragon’s spyware:</p>
<blockquote><p><strong>Key Findings:</strong></p>
<ul>
<li><strong>Introducing Paragon Solutions.</strong> Paragon Solutions was founded in Israel in 2019 and sells spyware called Graphite. The company differentiates itself by claiming it has safeguards to prevent the kinds of spyware abuses that NSO Group and other vendors are notorious for.
</li><li><strong>Infrastructure Analysis of Paragon Spyware.</strong> Based on a tip from a collaborator, we mapped out server infrastructure that we attribute to Paragon’s Graphite spyware tool. We identified a subset of suspected Paragon deployments, including in Australia, Canada, Cyprus, Denmark, Israel, and Singapore.
...</li></ul></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Screenshot-Reading Malware</title>
		<link>https://noise.getoto.net/2025/02/07/screenshot-reading-malware/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Fri, 07 Feb 2025 15:26:11 +0000</pubDate>
				<category><![CDATA[kaspersky]]></category>
		<category><![CDATA[Malware]]></category>
		<category><![CDATA[smartphones]]></category>
		<category><![CDATA[spyware]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=69888</guid>

					<description><![CDATA[Kaspersky is reporting on a new type of smartphone malware.
The malware in question uses optical character recognition (OCR) to review a device&#8217;s photo library, seeking screenshots of recovery phrases for crypto wallets. Based on their assessment...]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Journalists and Civil Society Members Using WhatsApp Targeted by Paragon Spyware</title>
		<link>https://noise.getoto.net/2025/02/03/journalists-and-civil-society-members-using-whatsapp-targeted-by-paragon-spyware/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Mon, 03 Feb 2025 12:05:20 +0000</pubDate>
				<category><![CDATA[spyware]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<category><![CDATA[whatsapp]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=69863</guid>

					<description><![CDATA[<p>This is yet another story of commercial spyware being <a href="https://www.theguardian.com/technology/2025/jan/31/whatsapp-israel-spyware">used against</a> journalists and civil society members.</p>
<blockquote><p>The journalists and other civil society members were being alerted of a possible breach of their devices, with WhatsApp telling the Guardian it had “high confidence” that the 90 users in question had been targeted and “possibly compromised.”</p>
<p>It is not clear who was behind the attack. Like other spyware makers, Paragon’s hacking software is used by government clients and WhatsApp said it had not been able to identify the clients who ordered the alleged attacks...</p></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Spyware Maker NSO Group Found Liable for Hacking WhatsApp</title>
		<link>https://noise.getoto.net/2024/12/24/spyware-maker-nso-group-found-liable-for-hacking-whatsapp/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Tue, 24 Dec 2024 12:04:24 +0000</pubDate>
				<category><![CDATA[academic papers]]></category>
		<category><![CDATA[hacking]]></category>
		<category><![CDATA[israel]]></category>
		<category><![CDATA[spyware]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<category><![CDATA[whatsapp]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=69713</guid>

					<description><![CDATA[A judge has found that NSO Group, maker of the Pegasus spyware, has violated the US Computer Fraud and Abuse Act by hacking WhatsApp in order to spy on people using it.
Jon Penney and I wrote a legal paper on the case.
]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Detecting Pegasus Infections</title>
		<link>https://noise.getoto.net/2024/12/06/detecting-pegasus-infections/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Fri, 06 Dec 2024 12:09:12 +0000</pubDate>
				<category><![CDATA[machine learning]]></category>
		<category><![CDATA[Malware]]></category>
		<category><![CDATA[smartphones]]></category>
		<category><![CDATA[spyware]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=69653</guid>

					<description><![CDATA[<p><a href="https://arstechnica.com/security/2024/12/1-phone-scanner-finds-seven-pegasus-spyware-infections/">This tool</a> seems to do a pretty good job.</p>
<blockquote><p>The company’s Mobile Threat Hunting feature uses a combination of malware signature-based detection, heuristics, and machine learning to look for anomalies in iOS and Android device activity or telltale signs of spyware infection. For paying iVerify customers, the tool regularly checks devices for potential compromise. But the company also offers a free version of the feature for anyone who downloads the iVerify Basics app for $1. These users can walk through steps to generate and send a special diagnostic utility file to iVerify and receive analysis within hours. Free users can use the tool once a month. iVerify’s infrastructure is built to be privacy-preserving, but to run the Mobile Threat Hunting feature, users must enter an email address so the company has a way to contact them if a scan turns up spyware—as it did in the seven recent Pegasus discoveries...</p></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>NSO Group Spies on People on Behalf of Governments</title>
		<link>https://noise.getoto.net/2024/11/27/nso-group-spies-on-people-on-behalf-of-governments/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Wed, 27 Nov 2024 12:05:16 +0000</pubDate>
				<category><![CDATA[cyberespionage]]></category>
		<category><![CDATA[espionage]]></category>
		<category><![CDATA[hacking]]></category>
		<category><![CDATA[israel]]></category>
		<category><![CDATA[spyware]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=69623</guid>

					<description><![CDATA[<p>The Israeli company NSO Group sells Pegasus spyware to countries around the world (including countries like Saudi Arabia, UAE, India, Mexico, Morocco and Rwanda). We assumed that those countries use the spyware themselves. Now we’ve  <a href="https://www.theguardian.com/technology/2024/nov/14/nso-pegasus-spyware-whatsapp">learned</a> that that’s not true: that NSO Group employees operate the spyware on behalf of their customers.</p>
<blockquote><p>Legal documents released in <a href="https://www.theguardian.com/technology/2024/feb/29/pegasus-surveillance-code-whatsapp-meta-lawsuit-nso-group">ongoing US litigation between NSO Group and WhatsApp</a> have revealed for the first time that the Israeli cyberweapons maker ­ and not its government customers ­ is the party that “installs and extracts” information from mobile phones targeted by the company’s hacking software...</p></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Why Italy Sells So Much Spyware</title>
		<link>https://noise.getoto.net/2024/11/19/why-italy-sells-so-much-spyware/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Tue, 19 Nov 2024 12:05:31 +0000</pubDate>
				<category><![CDATA[Italy]]></category>
		<category><![CDATA[Privacy]]></category>
		<category><![CDATA[spyware]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=69606</guid>

					<description><![CDATA[<p>Interesting <a href="https://therecord.media/how-italy-became-an-unexpected-spyware-hub">analysis</a>:</p>
<blockquote><p>Although much attention is given to sophisticated, zero-click spyware developed by companies like Israel’s NSO Group, the Italian spyware marketplace has been able to operate relatively under the radar by specializing in cheaper tools. According to an Italian Ministry of Justice <a href="https://www.documentcloud.org/documents/25260169-mod-bp-22-071-232_5622_1-4">document</a>, as of December 2022 law enforcement in the country could rent spyware for €150 a day, regardless of which vendor they used, and without the large acquisition costs which would normally be prohibitive.</p>
<p>As a result, thousands of spyware operations have been carried out by Italian authorities in recent years, according to a ...</p></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Apple Is Alerting iPhone Users of Spyware Attacks</title>
		<link>https://noise.getoto.net/2024/07/11/apple-is-alerting-iphone-users-of-spyware-attacks/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Thu, 11 Jul 2024 15:09:32 +0000</pubDate>
				<category><![CDATA[Apple]]></category>
		<category><![CDATA[cybersecurity]]></category>
		<category><![CDATA[iPhone]]></category>
		<category><![CDATA[spyware]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=69139</guid>

					<description><![CDATA[Not a lot of details:
Apple has issued a new round of threat notifications to iPhone users across 98 countries, warning them of potential mercenary spyware attacks. It&#8217;s the second such alert campaign from the company this year, following a simil...]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>On the Zero-Day Market</title>
		<link>https://noise.getoto.net/2024/05/24/on-the-zero-day-market/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Fri, 24 May 2024 11:07:53 +0000</pubDate>
				<category><![CDATA[academic papers]]></category>
		<category><![CDATA[cyberespionage]]></category>
		<category><![CDATA[spyware]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<category><![CDATA[zero day]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=68950</guid>

					<description><![CDATA[<p>New paper: “<a href="https://papers.ssrn.com/sol3/papers.cfm?abstract_id=4626426">Zero Progress on Zero Days: How the Last Ten Years Created the Modern Spyware Market</a>“:</p>
<blockquote><p>Abstract: Spyware makes surveillance simple. The last ten years have seen a global market emerge for ready-made software that lets governments surveil their citizens and foreign adversaries alike and to do so more easily than when such work required tradecraft. The last ten years have also been marked by stark failures to control spyware and its precursors and components. This Article accounts for and critiques these failures, providing a socio-technical history since 2014, particularly focusing on the conversation about trade in zero-day vulnerabilities and exploits. Second, this Article applies lessons from these failures to guide regulatory efforts going forward. While recognizing that controlling this trade is difficult, I argue countries should focus on building and strengthening multilateral coalitions of the willing, rather than on strong-arming existing multilateral institutions into working on the problem. Individually, countries should focus on export controls and other sanctions that target specific bad actors, rather than focusing on restricting particular technologies. Last, I continue to call for transparency as a key part of oversight of domestic governments’ use of spyware and related components...</p></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Spying through Push Notifications</title>
		<link>https://noise.getoto.net/2023/12/07/spying-through-push-notifications/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Thu, 07 Dec 2023 12:02:07 +0000</pubDate>
				<category><![CDATA[metadata]]></category>
		<category><![CDATA[national security policy]]></category>
		<category><![CDATA[Privacy]]></category>
		<category><![CDATA[spyware]]></category>
		<category><![CDATA[surveillance]]></category>
		<category><![CDATA[transparency]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=68174</guid>

					<description><![CDATA[<p>When you get a push notification on your Apple or Google phone, those notifications go through Apple and Google servers. Which means that those companies can spy on them—either for their own reasons or in response to government demands.</p>
<p>Sen. Wyden is trying to <a href="https://www.reuters.com/technology/cybersecurity/governments-spying-apple-google-users-through-push-notifications-us-senator-2023-12-06/">get to the bottom of this</a>:</p>
<blockquote><p>In a statement, Apple said that Wyden’s letter gave them the opening they needed to share more details with the public about how governments monitored push notifications.</p>
<p>“In this case, the federal government prohibited us from sharing any information,” the company said in a statement. “Now that this method has become public we are updating our transparency reporting to detail these kinds of requests.”...</p></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Spyware in India</title>
		<link>https://noise.getoto.net/2023/11/02/spyware-in-india/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Thu, 02 Nov 2023 11:07:43 +0000</pubDate>
				<category><![CDATA[Apple]]></category>
		<category><![CDATA[Privacy]]></category>
		<category><![CDATA[spyware]]></category>
		<category><![CDATA[surveillance]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=68031</guid>

					<description><![CDATA[<p>Apple has <a href="https://thewire.in/rights/apple-india-state-sponsored-spyware">warned</a> leaders of the opposition government in India that their phones are being spied on:</p>
<blockquote><p>Multiple top leaders of India’s opposition parties and several journalists have received a notification from Apple, saying that “Apple believes you are being targeted by state-sponsored attackers who are trying to remotely compromise the iPhone associated with your Apple ID ….”</p></blockquote>
<p>AccessNow puts this in <a href="https://www.accessnow.org/press-release/spyware-india-apple-notifications/">context</a>:</p>
<blockquote><p>For India to uphold fundamental rights, authorities must initiate an immediate independent inquiry, implement a ban on the use of rights-abusing commercial spyware, and make a commitment to reform the country’s surveillance laws. These latest warnings build on repeated instances of cyber intrusion and spyware usage, and highlights the surveillance impunity in India that continues to flourish despite the public outcry triggered by the ...</p></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Analysis of Intellexa’s Predator Spyware</title>
		<link>https://noise.getoto.net/2023/10/18/analysis-of-intellexas-predator-spyware/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Wed, 18 Oct 2023 11:06:19 +0000</pubDate>
				<category><![CDATA[cyberweapons]]></category>
		<category><![CDATA[Privacy]]></category>
		<category><![CDATA[spyware]]></category>
		<category><![CDATA[surveillance]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=67965</guid>

					<description><![CDATA[Amnesty International has published a comprehensive analysis of the Predator government spyware products.
These technologies used to be the exclusive purview of organizations like the NSA. Now they&#8217;re available to every country on the planet&#38;#821...]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Fake Signal and Telegram Apps in the Google Play Store</title>
		<link>https://noise.getoto.net/2023/09/14/fake-signal-and-telegram-apps-in-the-google-play-store/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Thu, 14 Sep 2023 11:05:51 +0000</pubDate>
				<category><![CDATA[cyberespionage]]></category>
		<category><![CDATA[espionage]]></category>
		<category><![CDATA[open source]]></category>
		<category><![CDATA[signal]]></category>
		<category><![CDATA[spyware]]></category>
		<category><![CDATA[Telegram]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=67779</guid>

					<description><![CDATA[<p>Google <a href="https://arstechnica.com/security/2023/08/google-removes-fake-signal-and-telegram-apps-hosted-on-play/">removed</a> fake Signal and Telegram apps from its Play store.</p>
<blockquote><p>An app with the name Signal Plus Messenger was available on Play for nine months and had been downloaded from Play roughly 100 times before Google took it down last April after being tipped off by security firm ESET. It was also available in the Samsung app store and on signalplus[.]org, a dedicated website mimicking the official Signal.org. An app calling itself FlyGram, meanwhile, was created by the same threat actor and was available through the same three channels. Google removed it from Play in 2021. Both apps remain available in the Samsung store...</p></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Zero-Click Exploit in iPhones</title>
		<link>https://noise.getoto.net/2023/09/13/zero-click-exploit-in-iphones/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Wed, 13 Sep 2023 11:13:39 +0000</pubDate>
				<category><![CDATA[Apple]]></category>
		<category><![CDATA[exploits]]></category>
		<category><![CDATA[ios]]></category>
		<category><![CDATA[iPhone]]></category>
		<category><![CDATA[spyware]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<category><![CDATA[vulnerabilities]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=67777</guid>

					<description><![CDATA[<p>Make sure you <a href="https://www.bleepingcomputer.com/news/security/apple-zero-click-imessage-exploit-used-to-infect-iphones-with-spyware/">update your iPhones</a>:</p>
<blockquote><p>Citizen Lab says two zero-days fixed by Apple today in emergency security updates were actively abused as part of a zero-click exploit chain (dubbed BLASTPASS) to deploy NSO Group’s Pegasus commercial spyware onto fully patched iPhones.</p>
<p>The two bugs, <a href="https://www.bleepingcomputer.com/news/apple/apple-discloses-2-new-zero-days-exploited-to-attack-iphones-macs/">tracked as CVE-2023-41064 and CVE-2023-41061</a>, allowed the attackers to infect a fully-patched iPhone running iOS 16.6 and belonging to a Washington DC-based civil society organization via PassKit attachments containing malicious images.</p>
<p>“We refer to the exploit chain as BLASTPASS. The exploit chain was capable of compromising iPhones running the latest version of iOS (16.6) without any interaction from the victim,” Citizen Lab ...</p></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Spyware Vendor Hacked</title>
		<link>https://noise.getoto.net/2023/09/01/spyware-vendor-hacked/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Fri, 01 Sep 2023 11:07:01 +0000</pubDate>
				<category><![CDATA[activism]]></category>
		<category><![CDATA[Brazil]]></category>
		<category><![CDATA[hacking]]></category>
		<category><![CDATA[spyware]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<category><![CDATA[vulnerabilities]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=67737</guid>

					<description><![CDATA[<p>A Brazilian spyware app vendor was <a href="https://techcrunch.com/2023/08/26/brazil-webdetetive-spyware-deleted/">hacked</a> by activists:</p>
<blockquote><p>In an undated note seen by TechCrunch, the unnamed hackers described how they found and exploited several security vulnerabilities that allowed them to compromise WebDetetive’s servers and access its user databases. By exploiting other flaws in the spyware maker’s web dashboard—used by abusers to access the stolen phone data of their victims—the hackers said they enumerated and downloaded every dashboard record, including every customer’s email address.</p>
<p>The hackers said that dashboard access also allowed them to delete victim devices from the spyware network altogether, effectively severing the connection at the server level to prevent the device from uploading new data. “Which we definitely did. Because we could. Because #fuckstalkerware,” the hackers wrote in the note...</p></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Paragon Solutions Spyware: Graphite</title>
		<link>https://noise.getoto.net/2023/06/08/paragon-solutions-spyware-graphite/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Thu, 08 Jun 2023 11:30:42 +0000</pubDate>
				<category><![CDATA[israel]]></category>
		<category><![CDATA[national security policy]]></category>
		<category><![CDATA[spyware]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=67429</guid>

					<description><![CDATA[<p>Paragon Solutions is yet another <a href="https://www.ft.com/content/11cb394d-a13e-4826-b580-823b9367fedb">Israeli spyware company</a>. Their product is called “Graphite,” and is a lot like NSO Group’s Pegasus. And Paragon is working with what seems to be US approval:</p>
<blockquote><p>American approval, even if indirect, has been at the heart of Paragon’s strategy. The company sought a list of allied nations that the US wouldn’t object to seeing deploy Graphite. People with knowledge of the matter suggested 35 countries are on that list, though the exact nations involved could not be determined. Most were in the EU and some in Asia, the people said...</p></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Cyberweapons Manufacturer QuaDream Shuts Down</title>
		<link>https://noise.getoto.net/2023/04/25/cyberweapons-manufacturer-quadream-shuts-down/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Tue, 25 Apr 2023 10:09:08 +0000</pubDate>
				<category><![CDATA[cyberweapons]]></category>
		<category><![CDATA[Human Rights]]></category>
		<category><![CDATA[israel]]></category>
		<category><![CDATA[spyware]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=67270</guid>

					<description><![CDATA[<p>Following a <a href="https://citizenlab.ca/2023/04/spyware-vendor-quadream-exploits-victims-customers/">report on its activities</a>, the Israeli spyware company QuaDream has <a href="https://www.haaretz.com/israel-news/security-aviation/2023-04-16/ty-article/.premium/offensive-israeli-cyber-firm-quadream-closes-and-fires-all-employees/00000187-8b5c-d484-adef-ebdc048c0000">shut down</a>.</p>
<p>This was QuadDream:</p>
<blockquote><p>Key Findings</p>
<ul>
<li>Based on an analysis of samples shared with us by <i>Microsoft Threat Intelligence</i>, we developed indicators that enabled us to identify at least five civil society victims of QuaDream’s spyware and exploits in North America, Central Asia, Southeast Asia, Europe, and the Middle East. Victims include journalists, political opposition figures, and an NGO worker. We are not naming the victims at this time.</li>
<li>We also identify traces of a suspected iOS 14 zero-click exploit used to deploy QuaDream’s spyware. The exploit was deployed as a zero-day against iOS versions 14.4 and 14.4.2, and possibly other versions. The suspected exploit, which we call ...</li></ul></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
	</channel>
</rss>

<!--
Performance optimized by W3 Total Cache. Learn more: https://www.boldgrid.com/w3-total-cache/

Object Caching 32/295 objects using Memcached
Page Caching using Disk: Enhanced 
Lazy Loading (feed)
Database Caching using Memcached

Served from: noise.getoto.net @ 2025-12-09 07:24:36 by W3 Total Cache
-->