Thanks to @odanettverk for inviting me to keynote Inspiration Day yesterday! Really enjoyed being back in Oslo and talking about the importance of end-to-end encryption.

Had the pleasure of being a guest on the Adventures of Alice & Bob Podcast recently! Check out the interview for stories about my work with journalists and high-risk people — and that one time I hacked a smart-rifle in 2015.

The Kaspersky researchers who discovered Careto more than a decade ago privately concluded that the group was run by the Spanish government. Careto relied heavily on phishing emails impersonating Spanish newspapers.

I’ll be in Stockholm in mid-June! Available for consulting, presentations, workshops for journalists and security folks. Also planning on spending some time in the wind tunnel. 🥳.

A team of journalists in Norway spent a year secretly monitoring a credit card fraud gang to uncover who's behind it and how they operate. Here's the story -- in English -- of how they unmasked Darcula and the crime-as-a-service software Magic Cat.

I’m really looking forward to speaking at @odanettverk Inspiration Day in Oslo on May 28! I’ll be there a couple of days prior and would love to meet folks for coffee and/or work.

News articles often focus on spyware victims who had their devices checked and opted to go public. We rarely hear about those who didn’t. New court documents from WhatsApp v. NSO shed some light on the true scale of the targeting in a 2019 campaign.

More of this, please.

As @AlecMuffett noted yesterday, it looks like the U.K. government has quietly scrubbed all encryption advice from government web pages.

Italy’s national union for journalists is demanding answers from the authorities following news that seven phones in the country were targeted with spyware from Paragon — including a journalist.

All the newsrooms I’ve spoken to say having a confidential tip line is incredibly helpful, even if you do have to deal with some non-tips and other spam.

If you’re interested in aviation security, check out this fantastic 2013 talk from @hteso on leveraging ADS-B, ACARS, and on-board systems to attack virtual airplanes systems.

In September 2018, @citizenlab published a report identifying "45 countries where Pegasus operators may be conducting surveillance operations” – including Libya. Operator BLACKBIRD was active between – at least – September 2016 and September 2018.

In November, Apple told @DavidYambio he was targeted by “a mercenary spyware attack.” Yambio, an activist in Italy, has long criticized Italy’s dealings with Libya. He did not receive a notification from WhatsApp, so unclear what he was targeted with.

In Chasing Shadows, @RonDeibert writes that @NYTBen was the first case “of an American journalist being targeted with Pegasus.” Hubbard was targeted in June 2018, but due to “concerns of New York Times management about going public,” @citizenlab didn’t publish until early 2020.

In December 2023, the U.K. National Cyber Security Centre published digital security guidance for high-risk people. I always found it odd that the guide made no mention of encrypting data at rest, be it on the device or in the cloud.

Apple’s Lockdown Mode feature for iOS, iPadOS, macOS, and watchOS remains the best protection we have against sophisticated spyware. Here’s what you should know about the feature, to turn it on: Settings > Privacy & Security.

The U.K. government doesn't want you to encrypt your iCloud data, which means you should definitely turn on Advanced Data Protection under Settings and iCloud.

Arne Treholt was a journalist, diplomat, and part of Norway's delegation to the UN in 1979. The FBI helped Norway surveil Treholt and his wife in NYC. He was arrested in January 1984, convicted of spying for the Soviets and Iraq, and sentenced to 20 years.

In May 1984, two top officials from the Norwegian Police Surveillance Agency visited FBIHQ and participated “as guest lecturers at an Advanced Techniques In-Service” at Quantico. The two men uncovered several illegal Soviet spies in Norway, including Arne Treholt.