Accountability, Government and Surveillance

Cybersecurity Governance: The Road Ahead in an Era of Constant Evolution

SecureWorld News

FEBRUARY 17, 2025

Cybersecurity governance has undergone a dramatic transformation over the past few decades. From its early days, where security was an afterthought to business operations, to the present, where it has become a board-level discussion, governance has had to adapt to an ever-evolving digital landscape.

Government

Government Cybersecurity CISO Risk

U.S. Court rules against NSO Group in WhatsApp spyware Lawsuit

Security Affairs

DECEMBER 23, 2024

Will Cathcart of WhatsApp called the ruling a major privacy victory, emphasizing accountability for spyware firms after a five-year legal battle. The WIS, among other things, allows defendants clients to send cipher files with installation vectors that ultimately allow the clients to surveil target users.” ” The U.S.

Spyware

Spyware Surveillance Hacking Software

Texas Passes Most Comprehensive AI Governance Bill

SecureWorld News

JULY 2, 2025

Texas is making waves in AI governance. Governor Greg Abbott recently signed House Bill 149 , formally titled the Texas Responsible Artificial Intelligence Governance Act (TRAIGA), on June 22, 2025. Critics may argue this misses major commercial threats from AI used in surveillance, retail profiling, or hiring tools.)

Government

Government Artificial Intelligence Risk Technology

Meta Scores $168M Legal Victory Over NSO Group for Spyware Abuse

SecureWorld News

MAY 13, 2025

company has successfully held a commercial spyware vendor accountable in a court of law, Reuters reports. It's a pivotal moment for digital civil liberties, responsible surveillance governance, and the role of private enterprise in defending the cyber ecosystem. million in punitive damages, marking the first time a U.

Spyware

Spyware Surveillance CISO Government

Report from the Cambridge Cybercrime Conference

Schneier on Security

JULY 14, 2025

’ They should have been investigating all government sponsored activities. Clive Robinson • July 14, 2025 7:08 PM @ Bruce, A brief look through suggests that there is no “original crime” being demonstrated. It’s something I noted long ago on this blog and in other places.

Cybercrime

Cybercrime Adware Surveillance Antivirus

Zero-day broker Operation Zero offers up to $4 million for Telegram exploits

Security Affairs

MARCH 21, 2025

The company exclusively sells exploits to the Russian government and local firms. Russian intelligence agencies could use these exploits for surveillance and espionage purposes. Despite the ban on military and government devices, Ukrainian users rely heavily on Telegram to communicate and receive news on ongoing conflicts.

Government

Government Surveillance Hacking Mobile

AI tool GeoSpy analyzes images and identifies locations in seconds

Malwarebytes

JANUARY 21, 2025

Graylark Technologies who makes GeoSpy says its been developed for government and law enforcement. Aside from the contribution towards a surveillance society, the risks of such a tool are obvious. Protect your social media accounts by using Malwarebytes Identity Theft Protection.

Identity Theft

Identity Theft Media Artificial Intelligence Surveillance

How Solid Protocol Restores Digital Agency

Schneier on Security

JULY 24, 2025

Your personal information is scattered across hundreds of locations: social media companies, IoT companies, government agencies, websites you have accounts on, and data brokers you’ve never heard of. pushed us toward centralized platforms and surveillance capitalism, but there has always been a better way. Unlike Web 2.0

Architecture

Architecture Healthcare Insurance Financial Services

NSO Group used WhatsApp exploits even after Meta-owned company sued it

Security Affairs

NOVEMBER 16, 2024

Court filing revealed that NSO Group used WhatsApp exploits after the instant messaging firm sued the surveillance company. NSO Group developed malware that relied on WhatsApp exploits to infect target individuals even after the Meta-owned instant messaging company sued the surveillance firm. from April 29, 2018, to May 10, 2020).

Spyware

Spyware Surveillance Malware Hacking

Why SMS two-factor authentication codes aren't safe and what to use instead

Zero Day

JUNE 17, 2025

PT kontekbrothers/Getty We've probably all received confirmation codes sent via text message when trying to sign into an account. Those codes are supposed to serve as two-factor authentication to confirm our identity and prevent scammers from accessing our accounts through a password alone. Your MacBook is getting a big upgrade.

Authentication

Authentication Password Management Small Business Passwords

Increased GDPR Enforcement Highlights the Need for Data Security

Security Affairs

NOVEMBER 18, 2024

government surveillance. The Irish Data Protection Commission found that Instagram’s default settings made children’s accounts visible to the public, exposing personal information like phone numbers and email addresses. After the invalidation of the EU-U.S.

Data privacy

Data privacy Risk Surveillance Government

WhatsApp fixed zero-day flaw used to deploy Paragon Graphite spyware

Security Affairs

MARCH 19, 2025

The Meta-owned company linked the hacking campaign to Paragon, an Israeli commercial surveillance vendor acquired by AE Industrial Partners for $900 million in December 2024. This is the latest example of why spyware companies must be held accountable for their unlawful actions. ” reads the report published by Citizien Labs.

Spyware

Spyware Surveillance Hacking Media

Serbian student activist’s phone hacked using Cellebrite zero-day exploit

Security Affairs

MARCH 3, 2025

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format This can lead to out of bounds writes since frames of this type were not taken into account when calculating the size of the frames buffer in uvc_parse_streaming. reads the advisory.

Hacking

Hacking Spyware Technology Surveillance

APT trends report Q3 2024

SecureList

NOVEMBER 28, 2024

The secure USB drive was developed by a government entity in Southeast Asia to securely store and transfer files between machines in sensitive environments. Chinese-speaking activity In July 2021, we detected a campaign called ExCone targeting government entities in Russia.

Malware

Malware Government Software Spyware

Privacy Roundup: Week 12 of Year 2025

Security Boulevard

MARCH 24, 2025

While MFA is primarily a security feature, its primary privacy benefit is adding another layer of security to prevent unauthorized access to information contained in particular important or sensitive accounts. Surveillance Tech in the News This section covers surveillance technology and methods in the news.

Surveillance

Surveillance Telecommunications Data breaches Spyware

Security Affairs newsletter Round 507 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

JANUARY 19, 2025

CISA adds Aviatrix Controllers vulnerability to its Known Exploited Vulnerabilities catalog ESET detailed a flaw that could allow a bypass of the Secure Boot in UEFI systems Russia-linked APT Star Blizzard targets WhatsApp accounts Prominent US law firm Wolf Haldenstein disclosed a data breach Clop Ransomware exploits Cleo File Transfer flaw: dozens (..)

Spyware

Spyware DNS Data breaches Firewall

16 billion passwords leaked across Apple, Google, more: What to know and how to protect yourself

Zero Day

JUNE 22, 2025

Here's how to check if your accounts are at risk and what to do next. You should always use different and strong, complex passwords to secure your accounts (another area a password manager can help), and this is why: once one service is compromised, the same password and user combination could lead to an exposed account elsewhere.

Passwords

Passwords Data breaches Password Management Identity Theft

Russia’s FSB used spyware against a Russian programmer

Security Affairs

DECEMBER 7, 2024

. “The spyware bears many similarities to the Monokle family of spyware, previously reported on by Lookout Mobile Security , which they attribute to the Special Technology Center, a contractor to the Russian government.” These extended capabilities suggest that the malware aims for comprehensive surveillance of the target device.

Spyware

Spyware Passwords Encryption Surveillance

Security Affairs newsletter Round 510 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

FEBRUARY 9, 2025

Here’s how data awareness can help HTTP Client Tools Exploitation for Account Takeover Attacks Dangerous hacker responsible for more than 40 cyberattacks on strategic organizations arrested Whos Behind the Seized Forums Cracked & Nulled? What are the risks?

Spyware

Spyware Cybercrime Scams Social Engineering

Canadian Man Arrested in Snowflake Data Extortions

Krebs on Security

NOVEMBER 5, 2024

At the end of 2023, malicious hackers learned that many large companies had uploaded huge volumes of sensitive customer data to Snowflake accounts that were protected with little more than a username and password (no multi-factor authentication required). government agencies and first responders. “The rest is just ransom.”

Cybercrime

Cybercrime Mobile Telecommunications Hacking

Key Cybersecurity Trends for 2025. My Predictions

Jane Frankland

JANUARY 12, 2025

These challenges include bias and discrimination embedded in algorithms, privacy violations due to enhanced surveillance capabilities, and the difficulty of assigning accountability for decisions made by AI systems. Ethics The ethical challenges posed by advancing AI technologies will demand urgent attention in 2025.

Cybersecurity

Cybersecurity CISO Insurance IoT

Protect Your Privacy: Best Secure Messaging Apps in 2025

eSecurity Planet

JUNE 25, 2025

It uses blockchain-level cryptography and decentralized peer-to-peer connections to power secure video calls and messaging: with no accounts, no servers, and no stored data. It requires no phone number, email, or account setup. Briar Briar is built for when traditional networks fail, or surveillance is everywhere.

Encryption

Encryption Data collection Backups Accountability

Getting the Most Value Out of the OSCP: The Exam

Security Boulevard

APRIL 22, 2025

Your time-management strategy should also account for the maintenance of your own body: plan your meals in advance, step away from the screen while eating, and stay well hydrated. In 2018, in response to growing concerns about cheating, OffSec introduced an online proctoring system to the exam.

Penetration Testing

Penetration Testing Engineering Risk Social Engineering

Heard about the 16 billion passwords leak? Here are the facts and how to protect yourself

Zero Day

JUNE 20, 2025

Here's how to check if your accounts are at risk and what to do next. You should always use different and strong, complex passwords to secure your accounts (another area a password manager can help), and this is why: once one service is compromised, the same password and user combination could lead to an exposed account elsewhere.

Passwords

Passwords Data breaches Password Management Identity Theft

Protect Your Privacy: Best Secure Messaging Apps in 2025

eSecurity Planet

JUNE 25, 2025

It uses blockchain-level cryptography and decentralized peer-to-peer connections to power secure video calls and messaging: with no accounts, no servers, and no stored data. It requires no phone number, email, or account setup. Briar Briar is built for when traditional networks fail, or surveillance is everywhere.

Encryption

Encryption Data collection Backups Accountability

Apple removes iCloud encryption in UK following backdoor demand

Security Affairs

FEBRUARY 22, 2025

Apple removed iClouds Advanced Data Protection in the UK after the government requested encryption backdoor access. Apple ends iCloud end-to-end encryption in the United Kingdom following the government’s request for encryption backdoor access. Advanced Data Protection is now unavailable for new UK users. said Sen. In 2022 U.K.

Encryption

Encryption Backups Government Surveillance

3 Percent ($30B) of U.S. Military Funding Dedicated to Cybersecurity

SecureWorld News

JANUARY 9, 2025

government than anything else," said Staynings. government (and many other national governments) have determined ransomware to be a form of terrorism. This needs to include their time and expenses to attend court hearings and government committees of inquiry. This omission continues to allow warrantless access to U.S.

Cybersecurity

Cybersecurity Manufacturing Surveillance Ransomware

Hacker in Snowflake Extortions May Be a U.S. Soldier

Krebs on Security

NOVEMBER 26, 2024

At the end of 2023, malicious hackers discovered that many companies had uploaded huge volumes of sensitive customer data to Snowflake accounts that were protected with nothing more than a username and password (no multi-factor authentication required). A surveillance photo of Connor Riley Moucka, a.k.a. Also on Nov. I am a u.s.

DDOS

DDOS Cybercrime Accountability Government

The Ultimate ISO 27001 Checklist: Step-by-Step Guide to Simplify Your Compliance Journey

Centraleyes

MAY 5, 2025

Here, you define the ISMSs scope and objectives, set up governance, and secure executive sponsorship. Document Roles & Responsibilities: Identify key stakeholders, from the steering group to operational teams, ensuring accountability and smooth communication. This is where you define what success looks like.

Risk

Risk Information Security Firewall Education

Trade Wars: How U.S. Tariffs Are Reshaping Cyber Risk and Resilience

SecureWorld News

MARCH 5, 2025

This article explores how the latest tariffs could reshape cybersecurity for enterprises, cybersecurity vendors, and government agencies. That headache is real, of course, but accountants and lawyers will step up to sort it out," said Mike Wilkes , Former CISO, MLS; Adjunct Professor, NYU. RELATED: AI Diffusion Rule to Protect U.S.

Cyber Risk

Cyber Risk Risk Cyber Insurance Small Business

How New U.S. Legislation Changes Global Digital Sovereignty as We Know It

Thales Cloud Protection & Licensing

MAY 28, 2025

Foreign Intelligence Surveillance Act (FISA) 702 and Clarifying Lawful Overseas Use of Data (CLOUD) Act in detail FISA 702 FISA Section 702 now authorizes U.S. government can compel access to data about non-U.S. Recent regulatory shifts raise questions The complex web of global and local regulations just got more complex as the U.S.

Authentication

Authentication Digital transformation Software Surveillance

Security Affairs newsletter Round 513 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

MARCH 2, 2025

Spreads via Impersonation of Official Email to Target Users in Taiwan Belgian prosecutor probes alleged Chinese hacking of intelligence service Exclusive: Hegseth orders Cyber Command to stand down on Russia planning Cybersecurity Trump 2.0

Cybercrime

Cybercrime Hacking Ransomware Cryptocurrency

IVPN review: This VPN takes privacy to the next level

Zero Day

JUNE 27, 2025

The company publishes annual security and transparency audit reports, including government requests it has received. With just one click, I generated my account on the website, paid for a subscription, and that was it -- no need to navigate through many pages and enter personal information.

VPN

VPN Password Management Small Business DNS

Trump Officials Want to Prosecute Over the ICEBlock App. Lawyers Say That’s Unconstitutional

WIRED Threat Level

JULY 3, 2025

Speaking alongside President Donald Trump outside a migrant detention center known as “Alligator Alcatraz” in Florida on Tuesday, Homeland Security secretary Kristi Noem said the government was looking into prosecuting CNN. Prior to WIRED, Reece covered streaming at Business Insider. We break down what’s included and how much it costs.

Accountability

Accountability Media Surveillance Technology

ISO 42001 Certification: Step-by-Step Guide to Achieve

Centraleyes

JULY 3, 2025

The standard introduces structured governance, risk assessments, and oversight. Developed by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC), the standard sets out a structured framework to help organizations deploy and govern AI systems responsibly.

Government

Government Risk Accountability Artificial Intelligence

Bulk Surveillance of Money Transfers

Schneier on Security

JANUARY 24, 2023

Just another obscure warrantless surveillance program. US law enforcement can access details of money transfers without a warrant through an obscure surveillance program the Arizona attorney general’s office created in 2014.

Surveillance

Surveillance Government Accountability

Spying through Push Notifications

Schneier on Security

DECEMBER 7, 2023

Which means that those companies can spy on them—either for their own reasons or in response to government demands. “In this case, the federal government prohibited us from sharing any information,” the company said in a statement.

Surveillance

Surveillance Government Accountability Spyware

On the Zero-Day Market

Schneier on Security

MAY 24, 2024

New paper: “ Zero Progress on Zero Days: How the Last Ten Years Created the Modern Spyware Market “: Abstract: Spyware makes surveillance simple. Last, I continue to call for transparency as a key part of oversight of domestic governments’ use of spyware and related components.

Marketing

Marketing Spyware Surveillance Government

Regulating International Trade in Commercial Spyware

Schneier on Security

AUGUST 5, 2019

Deibert, and John Scott-Railton of Citizen Lab published an editorial calling for regulating the international trade in commercial surveillance systems until we can figure out how to curb human rights abuses. The purchase of surveillance technology by law enforcement in any state must be transparent and subject to public debate.

Spyware

Spyware Surveillance Technology Accountability

Pegasus Project – how governments use Pegasus spyware against journalists

Security Affairs

JULY 19, 2021

Pegasus Project investigation into the leak of 50,000 phone numbers of potential surveillance targets revealed the abuse of NSO Group’s spyware. Pegasus Project is the name of a large-scale investigation into the leak of 50,000 phone numbers of potential surveillance targets that revealed the abuse of NSO Group’s spyware.

Spyware

Spyware Government Surveillance Media

Apple dismisses lawsuit against surveillance firm NSO Group due to risk of threat intelligence exposure

Security Affairs

SEPTEMBER 16, 2024

The IT giant fears that the disclosures of its threat intelligence related to commercial spyware operations could aid NSO and other surveillance firms. Because of these efforts, along with the efforts of others in the industry and national governments to combat the rise of commercial spyware, Defendants have been substantially weakened.”

Surveillance

Surveillance Spyware Risk Hacking

NSO CEO claims Facebook wanted NSO surveillance tool to spy on users

Security Affairs

APRIL 8, 2020

In October 2019, WhatsApp sued the Israeli surveillance firm NSO Group accusing it of carrying out malicious attacks against its users. The researchers also spotted other attacks against a Mexican journalist who reported to the public a story of the corruption in the Mexican government. ”the court filing reads.

Surveillance

Surveillance Spyware Government Advertising

Predator Files: A Scathing Indictment of EU Surveillance Regulation

SecureWorld News

NOVEMBER 21, 2023

In a groundbreaking investigative report, the European Investigative Collaborations (EIC) media network, with technical assistance from Amnesty International's Security Lab, has exposed the shocking extent of the global surveillance crisis and the glaring inadequacies of EU regulation in curbing it. Chairman, Cedric Leighton Associates, LLC.

Surveillance

Surveillance Spyware Technology Media

CCTV Remote Surveillance Guide: Benefits of Remote Monitoring

Security Boulevard

JANUARY 20, 2023

Active and ongoing construction projects are worth monitoring for security, accountability and liability. The post CCTV Remote Surveillance Guide: Benefits of Remote Monitoring appeared first on Security Boulevard. There are multiple ways that CCTV remote monitoring can benefit construction companies and property owners.

Surveillance

Surveillance Accountability Security Awareness Risk

Cybersecurity Governance: The Road Ahead in an Era of Constant Evolution

U.S. Court rules against NSO Group in WhatsApp spyware Lawsuit

Trending Sources

Texas Passes Most Comprehensive AI Governance Bill

Meta Scores $168M Legal Victory Over NSO Group for Spyware Abuse

Report from the Cambridge Cybercrime Conference

Zero-day broker Operation Zero offers up to $4 million for Telegram exploits

AI tool GeoSpy analyzes images and identifies locations in seconds

How Solid Protocol Restores Digital Agency

NSO Group used WhatsApp exploits even after Meta-owned company sued it

Why SMS two-factor authentication codes aren't safe and what to use instead

Increased GDPR Enforcement Highlights the Need for Data Security

WhatsApp fixed zero-day flaw used to deploy Paragon Graphite spyware

Serbian student activist’s phone hacked using Cellebrite zero-day exploit

APT trends report Q3 2024

Privacy Roundup: Week 12 of Year 2025

Security Affairs newsletter Round 507 by Pierluigi Paganini – INTERNATIONAL EDITION

16 billion passwords leaked across Apple, Google, more: What to know and how to protect yourself

Russia’s FSB used spyware against a Russian programmer

Security Affairs newsletter Round 510 by Pierluigi Paganini – INTERNATIONAL EDITION

Canadian Man Arrested in Snowflake Data Extortions

Key Cybersecurity Trends for 2025. My Predictions

Protect Your Privacy: Best Secure Messaging Apps in 2025

Getting the Most Value Out of the OSCP: The Exam

Heard about the 16 billion passwords leak? Here are the facts and how to protect yourself

Protect Your Privacy: Best Secure Messaging Apps in 2025

Apple removes iCloud encryption in UK following backdoor demand

3 Percent ($30B) of U.S. Military Funding Dedicated to Cybersecurity

Hacker in Snowflake Extortions May Be a U.S. Soldier

The Ultimate ISO 27001 Checklist: Step-by-Step Guide to Simplify Your Compliance Journey

Trade Wars: How U.S. Tariffs Are Reshaping Cyber Risk and Resilience

How New U.S. Legislation Changes Global Digital Sovereignty as We Know It

Security Affairs newsletter Round 513 by Pierluigi Paganini – INTERNATIONAL EDITION

IVPN review: This VPN takes privacy to the next level

Trump Officials Want to Prosecute Over the ICEBlock App. Lawyers Say That’s Unconstitutional

ISO 42001 Certification: Step-by-Step Guide to Achieve

Bulk Surveillance of Money Transfers

Spying through Push Notifications

On the Zero-Day Market

Regulating International Trade in Commercial Spyware

Pegasus Project – how governments use Pegasus spyware against journalists

Apple dismisses lawsuit against surveillance firm NSO Group due to risk of threat intelligence exposure

NSO CEO claims Facebook wanted NSO surveillance tool to spy on users

Predator Files: A Scathing Indictment of EU Surveillance Regulation

CCTV Remote Surveillance Guide: Benefits of Remote Monitoring

Stay Connected