In what the White House says is a precedent-setting move, President Biden has signed an executive order prohibiting use by the U.S. Government of “commercial spyware,” powerful cyber technology used by state actors to spy on journalists, dissidents and human rights activists. The White House defined the class of apps as “sophisticated and invasive cyber surveillance tools sold by vendors to access electronic devices remotely, extract their content, and manipulate their components, all without the knowledge or consent of the devices’ users,” explaining such technology “has proliferated in recent years with few controls and high risk of abuse.” Continue reading Biden Restricts the Government Use of Commercial Spyware

Apple is previewing a new security capability for its upcoming iOS 16 release that is designed to help high-value targets fend off state-sponsored cyberattacks. Politicians, journalists, industrial leaders can all benefit from Lockdown Mode, says Apple, which also shared details of a $10 million research grant to help civil society organizations battle mercenary spyware threats. Emphasizing Lockdown Mode is “an extreme, optional protection for the very small number of users who face grave, targeted threats to their digital security,” Apple says it will debut this fall, including for the iPadOS 16 and macOS Ventura. Continue reading Apple’s Lockdown Mode Combats State-Sponsored Spyware

In the security world, “bug bounty” programs are becoming more common, from Facebook to the Department of Defense. Hackers who can reveal the hidden vulnerabilities of a device, system or corporation can reap significant financial rewards. Apple launched its program in 2016 and offers payouts of up to $1 million for the most elusive flaws. The tech giant reportedly spent $3.7 million on such exercises in the 12-month period ending in July 2021, during which time Google shelled out $6.7 million and Microsoft spent $13.6 million. Such programs have become a valuable tool in security maintenance, putting hackers’ inquisitive natures to productive use.  Continue reading Tech Firms Raid Security Flaws with ‘Bug Bounty’ Programs

A consortium of media outlets dubbed the Pegasus Project found that Israeli surveillance firm NSO Group licensed its military-grade spyware Pegasus to governments that used it to hack 37 smartphones of business executives, human rights activists and journalists. Two women close to murdered Saudi journalist Jamal Khasghoggi were also reportedly targeted. Amnesty International and journalism non-profit Forbidden Stories shared a list of 50,000 phone numbers that dates to 2016 and included the 37 targets. New evidence also suggests that thousands of iPhones worldwide may have been compromised.  Continue reading Media Consortium Reveals Extent of Pegasus Spyware Reach

OpenAI’s natural language processing (NLP) model GPT-3 offers 175 billion parameters, compared with its predecessor, GPT-2’s mere 1.5 billion parameters. The result of GPT-3’s immense size has enabled it to generate human-like text based on only a few examples of a task. Now, many users have gained access to the API, and the result has been some interesting use cases and applications. But the ecosystem is still nascent and how it matures — or whether it’s superseded by another NLP model — remains to be seen. Continue reading GPT-3: New Applications Developed for OpenAI’s NLP Model

Hackers have reportedly been injecting Israeli spyware onto smartphones via the popular Facebook-owned messaging service WhatsApp. The surveillance software, named Pegasus, was developed by Israeli firm NSO Group and can access an iPhone with a single missed voice call on WhatsApp. NSO claims that it carefully vets its customers; the company’s software is intended for government agencies to combat crime and terrorism. While it is currently unknown how many users may have been affected at this point (the problem was first discovered in early May), WhatsApp says it has created a patch to address the vulnerability. Continue reading WhatsApp Calls Used to Inject Spyware on Mobile Phones

The NSO Group, an Israeli firm that sells software for invisibly tracking mobile phones, is believed to be responsible for leveraging three security vulnerabilities in Apple devices to spy on journalists and dissidents. The software can reportedly be used to access passwords, emails, text messages, calls, contacts and more. Apple fixed the security flaws 10 days after two researchers provided the tip. The company urges all users to download the latest version of iOS. “Apple on Thursday released a patched version of its mobile software, iOS 9.3.5,” reports The New York Times. “Users can get the patch through a normal software update.” Continue reading Security Alert: Apple Urges iPhone Users to Update Their iOS