[OPLIN 4cast] OPLIN 4Cast #760: Pegasus spyware was made to fight terrorists, but can (allegedly) pwn everyone" Wrong.

OPLIN OPLIN support at oplin.ohio.gov
Wed Jul 21 10:30:31 EDT 2021 

Email not displaying correctly? View it in your browser.
<http://www.oplin.org/4cast/>
[image: OPLIN 4Cast]

OPLIN 4Cast #760: Pegasus spyware was made to fight terrorists, but can
(allegedly) pwn everyone" Wrong.
July 21st, 2021

[image: Man in dark hood with digital background] "Pegasus" is a spyware
system developed to investigate and prevent terrorism and serious crime.
Made by Israeli cybersecurity company NSO Group, it is sold only to
government intelligence and law enforcement agencies. But human rights
group Amnesty International has released detailed documentation of their
investigation finding the software on more than 50,000 phone numbers,
including activists, journalists, politicians, teachers, business leaders,
and so on. I doubt it's on my phone presently, but I don't really find that
thought at all comforting.

   -
   - Private Israeli spyware used to hack cellphones of journalists,
   activists worldwide
   <https://www.washingtonpost.com/investigations/interactive/2021/nso-spyware-pegasus-cellphones/>
   [*The Washington Post*] "The targeting of the 37 smartphones would
   appear to conflict with the stated purpose of NSO’s licensing of the
   Pegasus spyware, which the company says is intended only for use in
   surveilling terrorists and major criminals. The evidence extracted from
   these smartphones, revealed here for the first time, calls into question
   pledges by the Israeli company to police its clients for human rights
   abuses."
   - Spyware successfully broke into journalists' iPhones by sending
   iMessages that didn't even need to be read
   <https://www.businessinsider.com/nso-group-spyware-iphone-zero-click-imessage-attacks-2021-7>
   [*Insider*] "[Amnesty International] found evidence of 'zero-click'
   iMessage attacks being targeted at journalists going back to 2018, with
   alarming implications for iPhone security. Zero-click attacks don't require
   any interaction from the victim to break into a phone... These most recent
   discoveries indicate NSO Group's customers are currently able to remotely
   compromise all recent iPhone models and versions of iOS."
   - Apple under pressure over iPhone security after NSO spyware claims
   <https://arstechnica.com/information-technology/2021/07/apple-under-pressure-over-iphone-security-after-nso-spyware-claims/>
   [*Ars Technica*] "Bill Marczak, research fellow at Citizen Lab, a
   nonprofit group that has extensively documented NSO’s tactics, said
   Amnesty’s findings suggested that Apple had a 'major blinking red
   five-alarm-fire problem with iMessage security.' A similar kind of
   zero-click Pegasus attack was identified using Facebook-owned WhatsApp
   messenger in 2019."
   - This tool tells you if NSO’s Pegasus spyware targeted your phone
   <https://techcrunch.com/2021/07/19/toolkit-nso-pegasus-iphone-android/https://techcrunch.com/2021/07/19/toolkit-nso-pegasus-iphone-android/>
   [*TechCrunch*] "The toolkit works on the command line, so it’s not a
   refined and polished user experience and requires some basic knowledge of
   how to navigate the terminal... As command line tools go, [it's] relatively
   simple to use, though the project is open source so it won’t be long before
   someone will surely build a user interface for it."

*From the Ohio Web Library <http://ohioweblibrary.org>:*

   - Trew, Bel. “Who Is the NSO Group?
   <http://search.ebscohost.com.proxy.oplin.org/login.aspx?direct=true&db=cmh&AN=4HGINDDMGTCHPDSTRY000053320261>
   ” *Independent (UK)*, 20 July 2021.
   - Sandro Contenta. “Surveillance Company NSO Group Says It Doesn’t
   Condone Human Rights Violations
   <https://search-ebscohost-com.proxy.oplin.org/login.aspx?direct=true&db=pwh&AN=6FPTS2019121456624330&site=ehost-live>
   .” *Toronto Star (Canada)*, 14 Dec. 2019.
   - Brewster, Thomas. “1,400 WhatsApp Hacks In 2 Weeks - Were You A Target
   Of Israeli Spyware?
   <https://search-ebscohost-com.proxy.oplin.org/login.aspx?direct=true&db=buh&AN=139451692&site=ehost-live>
   ” *Forbes.Com*, Oct. 2019, p. 1.

------------------------------
The *OPLIN 4cast* is a weekly compilation of recent headlines, topics, and
trends that could impact public libraries. You can subscribe to it in a
variety of ways, such as:

   - *RSS feed.* You can receive the OPLIN 4cast via RSS feed by
   subscribing to the following URL:
   http://www.oplin.org/4cast/index.php/?feed=rss2.
   - *E-mail.* You can have the OPLIN 4cast delivered via e-mail (a'la
   OPLINlist and OPLINtech) by subscribing to the 4cast mailing list at
   http://lists.oplin.org/mailman/listinfo/OPLIN4cast.

© 2021 Ohio Public Library Information Network
[image: Find us on Slideshare] <http://www.slideshare.net/oplin>  [image:
Find us on Facebook] <http://www.facebook.com/oplin.org>  [image: Find us
on Google+] <https://plus.google.com/107751358238995507967>  [image: Find
us on Twitter] <http://www.twitter.com/oplin>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.oplin.org/pipermail/oplin4cast/attachments/20210721/bc824fe9/attachment.htm>

More information about the OPLIN4cast mailing list