惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

S
Secure Thoughts
Recent Commits to openclaw:main
Recent Commits to openclaw:main
H
Heimdal Security Blog
SecWiki News
SecWiki News
H
Hacker News: Front Page
N
News | PayPal Newsroom
L
LINUX DO - 最新话题
N
News and Events Feed by Topic
TaoSecurity Blog
TaoSecurity Blog
AI
AI
C
Cybersecurity and Infrastructure Security Agency CISA
Scott Helme
Scott Helme
PCI Perspectives
PCI Perspectives
S
Securelist
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
Cyberwarzone
Cyberwarzone
A
Arctic Wolf
Forbes - Security
Forbes - Security
T
Tor Project blog
Spread Privacy
Spread Privacy
WordPress大学
WordPress大学
I
Intezer
Martin Fowler
Martin Fowler
Help Net Security
Help Net Security
P
Proofpoint News Feed
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
Cisco Talos Blog
Cisco Talos Blog
Latest news
Latest news
博客园 - 司徒正美
W
WeLiveSecurity
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
V
V2EX
P
Palo Alto Networks Blog
Google DeepMind News
Google DeepMind News
IT之家
IT之家
阮一峰的网络日志
阮一峰的网络日志
V
Vulnerabilities – Threatpost
Jina AI
Jina AI
S
Security Affairs
Hacker News - Newest:
Hacker News - Newest: "LLM"
Simon Willison's Weblog
Simon Willison's Weblog
Project Zero
Project Zero
T
Threatpost
P
Privacy International News Feed
人人都是产品经理
人人都是产品经理
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
Application and Cybersecurity Blog
Application and Cybersecurity Blog
博客园 - Franky
Hugging Face - Blog
Hugging Face - Blog
Apple Machine Learning Research
Apple Machine Learning Research

The Register - Security: CSO

Anthropic's Mythos has The Kettle crew curious, skeptical 'People's Panel' to check if UK wants controversial Digital ID will cost £630K Top npm package backdoored to drop dirty RAT on dev machines Lightning-fast exploits mean patch fast, says Cisco Talos Lightning-fast exploits mean patch fast, says Cisco Talos Smooth criminals talking their way into cloud environments, Google says Cybercrime up 245% since the start of the Iran war Scattered Lapsus$ Hunters seeks women to defraud helpdesks Every day in every way, passwords are getting worse CISA quietly updated ransomware flags on 59 flaws last year Deepfake job seeker applied to work for an AI security firm Deepfake job seeker applied to work for an AI security firm AI-powered cyberattack kits are 'just a matter of time' AI-powered cyberattack kits are 'just a matter of time' FortiGate SSO bug still exploitable despite December patch FortiGate SSO bug still exploitable despite December patch Judge tosses CrowdStrike shareholder suit over 2024 outage DRAM shortage may drive firewall prices higher: analysts Ransomware attacks kept climbing in 2025 as gangs refused to stay dead Around 1,000 systems compromised in ransomware attack on Romanian water agency 1,000 systems pwned in Romanian Waters ransomware attack Half of exposed React servers remain unpatched amid attacks CISA warns spyware crews are breaking into Signal and WhatsApp accounts FCC guts Salt Typhoon telco rules despite espionage risk CISA orders feds to patch Oracle Identity Manager zero-day SEC drops SolarWinds lawsuit that painted a target on CISOs everywhere SEC bails on SolarWinds lawsuit Palo Alto kit sees massive surge in malicious activity amid mystery traffic flood Palo Alto kit sees massive surge in malicious activity Countries use cyber targeting to plan strikes: Amazon CSO Overconfidence is the new zero-day as teams stumble through cyber simulations UK's Cyber Security and Resilience Bill makes Parliamentary debut Cyber insurers paid out over twice as much for UK ransomware attacks last year Cyberpunks mess with Canada's water, energy, and farm systems Trump's workforce cuts blamed as America's cyber edge dulls Feds flag active exploitation of patched Windows SMB vuln How malware vaccines could stop ransomware's rampage Salesforce refuses to pay ransomware crims' extortion demand Germany slams brakes on EU's Chat Control snoopfest Germany slams brakes on EU's Chat Control snoopfest Employees regularly paste company secrets into ChatGPT Oracle tells Clop-targeted EBS users to apply July patch Red Hat repos raided, claims cybercrew, files stolen Suspected Chinese spies broke into 'numerous' enterprises UK gov acknowledges 'strong case' for JLR financial support JLR extends shutdown – again – as toll on workers laid bare UK chancellor blames cyberattacks on Russia despite evidence Fortra discloses 10/10 severity bug in GoAnywhere MFT Entra ID bug could have granted access to every tenant UEFI Secure Boot for Linux Arm64 – where do we stand? JLR says cyber cleanup to take additional week Insider blamed for FinWise data breach affecting nearly 700K Nork snoops whip up fake military ID with help from ChatGPT UK government dragged for incomplete security reforms Church of England abuse victims exposed by lawyer's email US spy chief claims UK backdown on Apple backdoor demand Workday confirms CRM breach via social engineering Black Hat/DEF CON: AI more useful for defense than hacking Ex-White House cyber guru talks Microsoft security fails CISA releases malware analysis for Sharepoint Server attack China: US spies used Microsoft Exchange 0-day to steal info Security pros drowning in threat-intel data Identity attacks surge 156% as phishermen get craftier Organizations can’t keep up with supply chain security musts Amazon CISO: Iranian hacking crews ‘on high alert’ UK data watchdog fines 23andMe £2.3M over 2023 breach Employers are demanding too much from junior cyber recruits FCA warned four staffers who pocketed regulator data Ransomware just wrecked your network – now what? Ivanti RCE attacks 'ongoing,' exploitation hits clouds Ex-NSA listened to Scattered Spider's calls: 'They're good' Snowflake CISO talks lessons learned from breaches, improv Why CVSS is failing us and what we can do about it Infosec pros still aren't nailing the basics of AI security Ransomware crims targeting systems between IT and operations Why aggregating asset inventory leads to better security NCSC and industry at odds over how to tackle shoddy software Powerschool extortionists may not have deleted stolen data CrowdStrike trims workforce by 5 percent, aims to rely on AI Ghost in the shell script: Boffins seek code correctness How Intruder finds what others miss in cloud security Linux malware can avoid syscall-based endpoint protection Infosec pro blabs about alleged malware mishap on LinkedIn The future of AI in cybersecurity in a word – optimistic CVE board 'kept in the dark' on funding, members say Security snafus caused by third parties up from 15% to 30% Blue Shield shared 4.7M people's health info with Google Ads Who needs phishing when your login's already in the wild? US cyber defenses are being dismantled from the inside Bug hunter obtains an SSL cert for Alibaba Cloud in 5 steps
NSO Group must pay Meta $168M in WhatsApp spy case
Iain Thomson Iain Thomson · 2025-05-07 · via The Register - Security: CSO

CSO

Super spyware maker NSO must pay Meta $168M in WhatsApp court battle

Don't f&#k with Zuck

A California jury has awarded Meta more than $167 million in damages from Israeli surveillanceware slinger NSO Group, after the latter exploited a flaw in WhatsApp to allow its government customers to spy on supposedly secure communications.

In May 2019 engineers at WhatsApp discovered a zero-click, zero-day vulnerability in the Meta-owned chat platform that would allow an attacker to install malware on a device with just a single phone call and no requirement on the victim to do anything other than have their handheld switched on. The surveillanceware in question was Pegasus, developed by the NSO Group.

Pegasus is carefully designed to use zero-day vulnerabilities to infect handsets, ideally without any user interaction. Once on a phone, it has access to all and any data the devices contain, including phone records, emails, messages, and video, as well as the location of the device. It can even let its operator turn on the handset's camera and microphone for clandestine recording.

Pegasus compromised around 1,400 WhatsApp accounts, and WhatsApp's engineers patched the flaw within days. But it's very unwise to f**k with billionaire Meta supremo Mark Zuckerberg; he unleashed the lawyers, who filed a lawsuit against NSO that October. On Tuesday, after less than two days of consideration, the eight-person jury handed out a fine that amounts to nearly three times NSO's annual R&D budget, according to Meta's estimates.

In an extra twist of the knife, the company formerly known as Facebook is sharing transcripts of NSO executives' court depositions on its PR website, "so that these records are available to researchers and journalists studying these threats and working to protect the public." The mega-corp added, "We intend to add official court transcripts once they become available."

In a statement to The Register, Meta warned of the continuing threat from the super spyware. "While we stopped the attack vector that exploited our calling system in 2019, Pegasus has had many other spyware installation methods to exploit other companies’ technologies to manipulate people’s devices into downloading malicious code and compromising their phones."

The statement continued, "NSO was forced to admit that it spends tens of millions of dollars annually to develop malware installation methods including through instant messaging, browsers, and operating systems, and that its spyware is capable of compromising iOS or Android devices to this day."

Meta thanked the Canadian nonprofit Citizen Lab for its help in investigating Pegasus. The social networking giant also pledged that if and when NSO Group pays up, it will donate the funds - which amount to 21 hours of profit in its last quarter - to digital-rights groups.

"For a long time there were a handful of us doing mercenary spyware research," said John Scott-Railton, a senior researcher at Citizen Lab.

"Having WhatsApp independently do serious investigating and publicly attribute hacking to NSO Group was huge for helping the rest of the world see the severity of the issue. Thankfully, today this has changed."

Oh what a tangled web we weave

NSO Group has been fighting Meta's lawsuit tooth and nail, and has tried a variety of different legal tactics in the long case. Meta alleged among other things that NSO broke computer abuse and trespass laws.

The spyware maker lost an initial judgment by default when it failed to show up in court, after claiming Facebook hadn't delivered legal documents on time. It also accused Facebook of hypocrisy, claiming executives had approached NSO Group to use its surveillanceware to spy on its own customers.

Next up, NSO argued Facebook couldn't sue it as the software maker only sold to governments, it didn't operate in the US, and so had legal immunity. However, it then came out that a sister company to NSO Group, Westbridge, was caught trying to sell Pegasus to US police.

By 2020 the judge gave a green light for the case to begin in earnest and the discovery process began, allowing the first official glimpses into how NSO was running its operations. A year later, NSO Group tried to claim sovereign immunity yet again - only to be shot down in court.

In November 2021 Apple joined Meta in suing the NSO Group, calling the business "amoral 21st century mercenaries." The case was based around reports that Pegasus was being used to spy on iPhone users and had been found on US, EU, and UK government devices. A lawsuit also claims that the Saudi Arabian government used it to spy on journalists who disagreed with the monarchy, such as the assassinated journalist Jamal Khashoggi. (NSO denied this.)

The US Supreme Court snubbed NSO Group's last-gasp bid at claiming sovereign immunity in 2023, and the case continued. During the discovery process, NSO was forced to cough up its crown jewels - the source code for Pegasus - so Meta could see it.

Last year, a judge finally found the surveillanceware slinger guilty, and the jury sat down on Monday to decide what the penalties should be. Meta's lawyers suggested that the NSO Group's research budget was $60 million, and so that might be a figure to consider. The jury took less than two days to decide they would like a more punitive fine.

In a statement to The Register, the NSO Group said it was considering going back to court to argue for a more favorable decision.

“Today's jury decision marks another step in a lengthy judicial process. We firmly believe that our technology plays a critical role in preventing serious crime and terrorism and is deployed responsibly by authorized government agencies," it said.

"This perspective, validated by extensive real-world evidence and numerous security operations that have saved many lives, including American lives, was excluded from the jury's consideration in this case. We will carefully examine the verdict's details and pursue appropriate legal remedies, including further proceedings and an appeal." ®