Keir Giles, a prominent expert on Russia, was targeted with a new form of social-engineering attack that leverages App-Specific Passwords. Google links the operation to UNC6293, a Russian state-backed group.
Our preliminary analysis of Bill C-2 situates the legislation within the context of existing research by the Citizen Lab about two potential data-sharing treaties that are most relevant to the new proposed powers being introduced in Bill C-2: the Second Additional Protocol to the Budapest Convention (2AP) and the CLOUD Act. Both of which carry significant constitutional and human rights risks.
On April 29, 2025, a select group of iOS users were notified by Apple that they were targeted with advanced spyware. Among the group were two journalists who consented to the technical analysis of their cases. In this report, we discuss key findings from our forensic analyses of their devices.
Our investigation of a spearphishing campaign that targeted senior members of the World Uyghur Congress in March 2025 reveals a highly-customized attack delivery method. The ruse used by attackers replicates a pattern in which threat actors weaponize software and websites aimed at preserving and supporting marginalized and repressed cultures to target those same communities.
The Citizen Lab is an interdisciplinary laboratory based at the Munk School of Global Affairs & Public Policy, University of Toronto, focusing on research and development at the intersection of information and communication technologies, human rights, and global security. Learn more.
This new piece co-authored by the Citizen Lab’s Gabrielle Lim discusses the risks of privatized space technology. She and her co-authors highlight that the issue is not private-sector involvement, but the concentration of power in the hands of a few private firms that are “incentivized to serve the surveillance state and further a new kind… Read more »
“Transnational repression is a phenomenon that is only growing in scope, scale and sophistication worldwide,” writes Ron Deibert in his new op-ed for the Globe and Mail.
On June 28, join Citizen Lab director Ron Deibert, author of Chasing Shadows, for this book talk at the Toronto International Festival of Authors.
In the past decade, we have seen a significant shift in how governments talk about misinformation. Many countries now consider or intentionally frame misinformation as a matter of national security or public safety in order to justify the passage of new laws that impose penalties for the spread of information deemed false or other administrative… Read more »
On June 29 at REcon, Citizen Lab senior researcher Bill Marczak and co-presenter Daniel Roethlisberger will recount how they discovered a Pegasus exploit targeting iOS 10 devices back in 2017. They will describe their investigation, analyze the root cause of the vulnerability, detail how the exploit leveraged the vulnerability to gain code execution after boot, and explain how the vulnerability was mitigated.
Irene Poetranto examines Indonesia’s use of domain name system (DNS) redirection as a method of internet censorship in a new essay published by the Carnegie Endowment for International Peace. In Techno-Legal Internet Controls in Indonesia and Their Impact on Free Expression Poetranto explains how DNS redirection, a new type of DNS tampering, was introduced in… Read more »
