I’ve followed various coverage of Havana Syndrome over the years; still interesting to hear what @jenniferpforde and @bungey uncovered in their podcast ‘Havana Helmet Club’ (and I loved ‘West Cork’ from a few years ago).

Been really enjoying this new book about Gunvor Galtung Haavik, a nurse turned secretary for the Norwegian MoFA in Moscow — and KGB spy for 30 years. The KGB used her to get closer to Americans, including Marion Peacock, Lloyd Eddenfield, Bernie G. Britain, and Roy Rhodes.

I’m very excited to discuss journalism and source protection at the @gijn conference in Kuala Lumpur next month, alongside @sandrinerigaud, @DelphineHalgand, @ArnaudOudraogo1, and @IDashboard.

Spent the last week in Taiwan! Such a beautiful country and lots of delicious food. Would love to visit again! 🇹🇼

Working on my skydiving license in between security assessments, keynotes, and research. Here’s my first jump in Empuriabrava, Spain with two instructors and my own parachute.

Thanks to @odanettverk for inviting me to keynote Inspiration Day yesterday! Really enjoyed being back in Oslo and talking about the importance of end-to-end encryption.

Had the pleasure of being a guest on the Adventures of Alice & Bob Podcast recently! Check out the interview for stories about my work with journalists and high-risk people — and that one time I hacked a smart-rifle in 2015.

The Kaspersky researchers who discovered Careto more than a decade ago privately concluded that the group was run by the Spanish government. Careto relied heavily on phishing emails impersonating Spanish newspapers. https://t.co/z2VKNcd8iE

I’ll be in Stockholm in mid-June! Available for consulting, presentations, workshops for journalists and security folks. Also planning on spending some time in the wind tunnel. 🥳

A team of journalists in Norway spent a year secretly monitoring a credit card fraud gang to uncover who's behind it and how they operate. Here's the story -- in English -- of how they unmasked Darcula and the crime-as-a-service software Magic Cat.

I’m really looking forward to speaking at @odanettverk Inspiration Day in Oslo on May 28! I’ll be there a couple of days prior and would love to meet folks for coffee and/or work.

News articles often focus on spyware victims who had their devices checked and opted to go public. We rarely hear about those who didn’t. New court documents from WhatsApp v. NSO shed some light on the true scale of the targeting in a 2019 campaign.

More of this, please.

As @AlecMuffett noted yesterday, it looks like the U.K. government has quietly scrubbed all encryption advice from government web pages.

Italy’s national union for journalists is demanding answers from the authorities following news that seven phones in the country were targeted with spyware from Paragon — including a journalist.

All the newsrooms I’ve spoken to say having a confidential tip line is incredibly helpful, even if you do have to deal with some non-tips and other spam.

If you’re interested in aviation security, check out this fantastic 2013 talk from @hteso on leveraging ADS-B, ACARS, and on-board systems to attack virtual airplanes systems.

In September 2018, @citizenlab published a report identifying "45 countries where Pegasus operators may be conducting surveillance operations” – including Libya. Operator BLACKBIRD was active between – at least – September 2016 and September 2018.

In November, Apple told @DavidYambio he was targeted by “a mercenary spyware attack.” Yambio, an activist in Italy, has long criticized Italy’s dealings with Libya. He did not receive a notification from WhatsApp, so unclear what he was targeted with.

In Chasing Shadows, @RonDeibert writes that @NYTBen was the first case “of an American journalist being targeted with Pegasus.” Hubbard was targeted in June 2018, but due to “concerns of New York Times management about going public,” @citizenlab didn’t publish until early 2020.