Counter Spyware Solutions by Numbers Station

חוב של מאות מיליונים נמחק: הניסיון החדש להציל את NSO | בלעדי  

🚨Hollywood producer Robert Simonds of STX Entertainment, together with a group of 🇺🇸US private investors, has taken over #spyware vendor NSO Group to “save it from debt and help rescue it from the US Dept. of Commerce’s blacklisting,” 🇮🇱 business outlet Globes reports.
www.globes.co.il/news/article...

Italian businessman's phone reportedly targeted with Paragon spyware | TechCrunch The alleged targeting of prominent Italian businessman Francesco Gaetano Caltagirone now widens the Paragon spyware scandal in Italy to victims beyond journalists and activists.

The alleged targeting of Caltagirone now widens the ongoing Paragon #spyware scandal in 🇮🇹Italy to victims beyond journalists and activists, writes @lorenzofb.bsky.social.

techcrunch.com/2025/10/09/i...

Given that the primary exploit here is in iOS (in the image processing library), the one in WhatsApp just allowed the other to be triggered easily, it is very likely that Signal is at risk too. Accept a message in Signal that contains an "image" from a malicious sender and your device is owned.

WhatsApp fixes 'zero-click' bug used to hack Apple users with spyware | TechCrunch A spyware vendor was behind a recent campaign that abused a vulnerability in WhatsApp to deliver an exploit capable of hacking into iPhones and Macs.

NEW: WhatsApp has fixed a "zero-click" security flaw in its iOS and Mac apps that was being used to stealthily hack into Apple devices. Amnesty said the hacks were part of an "advanced spyware campaign."

WhatsApp tells me they sent fewer than 200 threat notifications to affected users.

Don't forget to scan your iPhone with Am I Secure? to detect installed spyware. Available on the App Store.

#BreakingNews #CyberSecurity #iPhoneHack #spyware

Still a problem for sure, but quite different than spyware being installed on her phone.

Advanced threat actors don’t burn million-dollar iOS exploits by compromising a phone and then immediately using the contacts list on it to cause trouble. They stay quiet and collect intel for months or years.

Before everyone freaks out about Susie Wiles phone getting “hacked” — yes, it’s possible her phone was compromised...

...but far more likely: a third-party account with her contact info (like GMail) was breached due to classic password reuse or some other security issue.

Consultez Am I Secure? car il ne repose pas sur des indicateurs de compromission (IoC) publics qui changent rapidement une fois exposés. C'est pourquoi les gouvernements membres de l'OTAN font confiance à nos outils d'analyse forensic pour détecter les menaces qui, autrement, resteraient cachées.

Appeals court rejects attempt by Khashoggi widow to renew suit against NSO Group An appeals court has upheld the dismissal of a lawsuit by Jamal Khashoggi's widow against spyware maker NSO Group, citing lack of jurisdiction.

An appeals court on Wednesday rejected a bid by the widow of murdered Washington Post journalist Jamal Khashoggi to revive a lawsuit against spyware maker #NSOGroup, whom she alleged played a role in her husband’s death. via @timstarks.bsky.social cyberscoop.com/appeals-cour...

Para los periodistas, ofrecemos asistencia gratuita contra el software espía. Ponte en contacto con support@numbersstation.app para acceder gratuitamente a nuestra solución Am I Secure? (disponible en la App Store).

‎TM SGNL Unlisted ‎This is not the official Signal application! The TM SGNL app uses the public open-source APIs https://github.com/signalapp and communicates over the Signal protocols https://github.com/signalapp/li...

So I think this is the TeleMessage iOS app? apps.apple.com/us/app/tm-sg...

Ideally they'd be using a completely closed network so only specific users could send/receive messages, to reduce the chance of a message/attachment/notification containing a 0/1-click exploit being delivered to the app and being processed. Wonder if all global TeleMessage users can msg each other?

If you've received a threat notification from Apple, get in touch, we provide free forensic assistance as well as ongoing spyware detection via our Am I Secure? app. A unique solution that performs deep analysis of system diagnostic data from your iPhone.

apps.apple.com/app/am-i-sec...

Google Confirms 75 Zero-Day Attacks: Phones And Browsers Were Targeted Google threat intelligence analysts have confirmed that they tracked a staggering 75 zero-day vulnerabilities being exploited in the wild during 2024.

By me @forbes.com: Great work from the Google Threat Intelligence Group in tracking 75 zero-days, half of which were linked to spyware.

#infosec

www.forbes.com/sites/daveyw...

Hello 0-Days, My Old Friend: A 2024 Zero-Day Exploitation Analysis | Google Cloud Blog This Google Threat Intelligence Group report presents an analysis of detected 2024 zero-day exploits.

⚠️ Google Threat Intelligence Group (GTIG) tracked 75 zero-day vulnerabilities exploited in the wild in 2024, a decrease from the number identified in 2023 (98 vulnerabilities), but still an increase from 2022 (63 vulnerabilities).

cloud.google.com/blog/topics/...

If you are on an iOS device, Apple's Safety Check is highly recommended for domestic abuse scenarios.

support.apple.com/en-gb/guide/...

Judge limits evidence about NSO Group customers, victims in damages trial A U.S. judge limits what evidence NSO Group can present in the WhatsApp spyware trial, blocking arguments about suspected criminal targets and focusing the case on NSO’s conduct.

A 🇺🇸federal judge has placed strict limits on the kind of evidence NSO Group can raise during a trial on damages in the lawsuit WhatsApp brought against the spyware vendor over allegations it hacked 1,400 of the messaging platform’s users, writes @timstarks.bsky.social.
cyberscoop.com/whatsapp-nso...

NSO lawyer names Mexico, Saudi Arabia, and Uzbekistan as spyware customers behind 2019 WhatsApp hacks | TechCrunch This is the first time representatives for the spyware maker have publicly named its government customers.

NEW: In a hearing last week, an NSO Group lawyer said that Mexico, Saudi Arabia, and Uzbekistan were among the governments responsible for a 2019 hacking campaign against WhatsApp users.

This is the first time representatives of the spyware maker admit who its customers are.

As spyware market continues to expand, diplomatic Pall Mall Process hits a pivot point The Pall Mall Process — a diplomatic initiative designed to reform the commercial spyware and hacking market — has added more nations as it confronts an industry that is more complex than ever.

So it turns out a delegate from the U.S. National Security Council managed to fluster quite a few European counterparts by suggesting the U.S. might take lethal action against irresponsible spyware companies during the Pall Mall Process conference in Paris last week...

By me...

Judges strike skeptical note of NSO Group’s argument to dismiss case from El Salvadoran journos Dada et al v. NSO Group has been one of many cases where alleged spyware victims have run into jurisdictional hurdles.

Another spyware story I wrote today. Very spyware-y week... cyberscoop.com/nso-group-sp...

True enough, it is a step in the right direction. We are just worried that many will look at this and go "problem solved" or think a large barrier has been erected to bad behaviour by these companies.

Regulations against spyware vendors are largely ineffective because these actors can easily sidestep enforcement by dissolving and reconstituting under new names, using front companies, shell corporations, or proxies in permissive jurisdictions.

Voluntary ‘Pall Mall Process’ seeks to curb spyware abuses The 21 signatories support a number of steps, such as banning vendors who behave illegally, in a document agreed to last week in Paris.

Voluntary ‘Pall Mall Process’ seeks to curb spyware abuses, by me. cyberscoop.com/voluntary-pa...

iOS: free access to “Am I Secure?” & “Am I Secure? for Work” apps (App Store)
Android: Upload system diagnostic data for free analysis

Email electionsecurity@numbersstation.app from a party or media org email address (for verification of being affiliated with one)

Ottawa-based, Canadian-owned.

🇨🇦 To stop election interference, we’re offering FREE mobile spyware detection to Canadian political parties & journalists for #Election2025.

Same tools used to protect NATO governments from Pegasus, Predator & Graphite — now offered for free across party lines.

Details below
#cndpoli #CanadaSky

The recent attacks utilizing Paragon's Graphite, installed via WhatsApp, was focussed on Android, not iOS. Since we have successfully detected other families of spyware though, we suspect we would also detect an iOS version of it.

Barcelona-based spyware startup Variston reportedly shuts down | TechCrunch Variston, a Barcelona-based spyware vendor, is reportedly being liquidated. Intelligence Online, a trade publication that covers the surveillance and

Barcelona-based spyware vendor Variston has reportedly gone into liquidation.

This comes almost exactly a year after TechCrunch reported that Variston was in the process of shutting down after letting go of more than half-a-dozen employees techcrunch.com/2025/02/13/b...

Am I Secure? can now check Apple Watches for spyware too! The first security solution for Apple Watch. See the article by
@happygeek.bsky.social in @forbes.com

www.forbes.com/sites/daveyw...

Paragon spyware used to target citizens across Europe, says Italian government | TechCrunch WhatsApp said users in several European countries were targeted with Paragon spyware, according to the Italian government.

NEW: The Italian government denied having targeted a journalist and an activist with spyware.

According to the Italian government, WhatsApp told it that there are also targets in other EU countries such as Belgium, Germany, the Netherlands,and Spain.

techcrunch.com/2025/02/05/p...