ICYMI (story broke late Friday evening): A judge has ordered NSO Group to stop targeting WhatsApp users. At the same time the judge reduced the damages the spyware maker had to pay to WhatsApp from $167 million to $4M, becasue there was no evidence NSO’s behavior was “particularly egregious."
TechCrunch
Spyware maker NSO Group blocked from WhatsApp | TechCrunch
A federal judge has granted Meta-owned WhatsApp’s request for a permanent injunction blocking Israeli cyberintelligence company NSO Group from ta...
SCOOP: ICE's Homeland Security Investigation signed a $3 million contract with Magnet Forensics, which makes phone hacking tech for law enforcement agencies that is "essential to mission of protecting national security & public." Magnet Forensics makes the phone unlocking system Graykey. We also found other recent contracts for the same technology for HSI in Charlotte and Detroit.
TechCrunch
ICE unit signs new $3M contract for phone-hacking tech | TechCrunch
Homeland Security Investigations, the law enforcement arm of ICE, adds phone-unlocking tech made by Magnet Forensics to its arsenal of technology u...
Everyone has their own threat models, so I don't want to make broad, sweeping recommendations here, but if you use Protonmail to talk to sources, you should read this story. The way Protonmail handled this whole thing is quite bad. No transparency, dismissing the story as being "blown out of proportion."
The Intercept
Proton Mail Suspended Journalist Accounts at Request of Cybersecurity Agency
The journalists were reporting on suspected North Korean hackers. Proton only reinstated their accounts after a public outcry.
NEW: The two Harvard students who doxed random people with Meta Ray-Ban glasses are launching "always-on" AI-powered smart glasses that listen, record, and transcribe, everything happening around them. The glasses don't have an indicator that shows people around them that they are being recorded. [@evacide](
Hachyderm.io
evacide (@evacide@hachyderm.io)
2.29K Posts, 308 Following, 75.3K Followers · Director of Cybersecurity @EFF / Co-founder of @stopstalkerware / These are my opinions, not my ...
 ) is not a fan: "Normalizing the use of an always-on recording device, which in many circumstances would require the user to get the consent of everyone within recording distance, eats away at the expectation of privacy we have for our conversations in all kinds of spaces.”
TechCrunch
Harvard dropouts to launch 'always on' AI smart glasses that listen and record every conversation | TechCrunch
After developing a facial-recognition app for Meta’s Ray-Ban glasses and doxing random people, two former Harvard students are now launching a st...
NEW: Two hackers broke into the computer of a hacker allegedly working for the North Korean spy group known as "Kimsuky." The hackers then leaked a treasure trove of stolen data, exposing a North Korean spy operation against South Korean targets. “Kimsuky, you’re not a hacker. You are driven by financial greed, to enrich your leaders, and to fulfill their political agenda. You steal from others and favour your own. You value yourself above the others: You are morally perverted,” the two wrote in their Phrack magazine article. “You hack for all the wrong reasons.”
TechCrunch
Hackers breach and expose a major North Korean spying operation | TechCrunch
Two hackers broke into the computer of a North Korean government hacker and leaked its contents, offering a rare glimpse inside the secretive natio...
NEW: CloudFlare says it detected Perplexity scraping and crawling websites that explicitly block it from scraping them. Based on customers' complaints and its own experiments, the company says Perplexity is using "stealth" bots and changing its bots "user agent" to circumvent restrictions.
TechCrunch
Perplexity accused of scraping websites that explicitly blocked AI scraping | TechCrunch
Internet giant Cloudflare says it detected Perplexity crawling and scraping websites, even after customers had added technical blocks telling Perpl...
NEW: Security researchers and CISA warn that hackers are exploiting a flaw in the Signal clone TeleMessage, which could lead to them stealing "plaintext usernames, passwords, and other sensitive data." @h0wdy, the researcher who analyzed it said they were "in disbelief at the simplicity of this exploit."
TechCrunch
Hackers are trying to steal passwords and sensitive data from users of Signal clone | TechCrunch
The bug in the modified messaging app can expose users' “plaintext usernames, passwords, and other sensitive data,” per GreyNoise.
NEW: Over the weekend, Jack Dorsey launched an open-source chat app called Bitchat, which he promised to be “secure” and “private.” He then later added a warning that the app not been tested or reviewed for security issues, asking people not to trust it as "it does not necessarily meet its stated security goals." Security researchers are already finding flaws in it.
TechCrunch
Jack Dorsey says his 'secure' new Bitchat app has not been tested for security | TechCrunch
Dorsey admitted that his new messaging app had not been reviewed or tested for security issues prior to its launch.