This report describes an extensive malware, phishing, and disinformation campaign active in several Latin American countries, including Ecuador, Argentina, Venezuela, and Brazil. The nature and geographic spread of the targets seems to point to a sponsor, or sponsors, with regional, political interests. The attackers, whom we have named Packrat, have shown a keen and systematic interest in the political opposition and the independent press in so-called ALBA countries (Bolivarian Alternative for the Americas), and their recently allied regimes.

A number of journalists, activists, politicians, and public figures in Latin America have been targeted by a large-scale hacking campaign since 2008, according to a new report from the University of Toronto’s Citizen Lab.

A second audit of South Korea’s Smart Sheriff application reveals that there are numerous unresolved vulnerabilities that put minor children and parental users of the application at serious risk.

두 번째 스마트보안관 감사에서 해당 앱의 자녀용과 부모용을 사용하는 이용자들을 심각한 위험에 노출시키는 취약점이 무수히 해결되지 않은 채 남아있음이 확인되었다.

تقوم شركة فلترة محتوى انترنت كندية بحجب محتوى الانترنت خلال الصراع المسلح في اليمن بطلب من الجماعة المتمردة (الحوثيون) وذلك حسب تقرير جديد من مركز ستيزن لاب في جامعة تورونتو.

A Canadian Internet filtering company, Netsweeper, is blocking Internet content during armed conflict in Yemen following the dictates of the rebel group, the Houthis, according to a new report from the University of Toronto’s Citizen Lab.

Citizen Lab Postdoctoral Fellow Christopher Parsons published a paper titled “Beyond Privacy: Articulating the Broader Harms of Pervasive Mass Surveillance” in Media and Communication. The paper explores how dominant theories of privacy grapple with the pervasive mass surveillance activities undertaken by western signals intelligence activities, including those of the NSA, CSE, GCHQ, GCSB, and ASD.

This report analyzes a campaign of targeted attacks against an NGO working on environmental issues in Southeast Asia. Our analysis reveals connections between these attacks, recent strategic web compromises against Burmese government websites, and previous campaigns targeting groups in the Tibetan community.

This post describes the results of Internet scanning we recently conducted to identify the users of FinFisher, a sophisticated and user-friendly spyware suite sold exclusively to governments. We devise a method for querying FinFisher’s “anonymizing proxies” to unmask the true location of the spyware’s master servers. Since the master servers are installed on the premises of FinFisher customers, tracing the servers allows us to identify which governments are likely using FinFisher. In some cases, we can trace the servers to specific entities inside a government by correlating our scan results with publicly available sources.

As the United Nations General Assembly begins its milestone 70th session, international digital security is high on the agenda. One starting point for discussion is likely to be the International Code of Conduct for Information Security (the “Code”). This analysis explores how the Code has developed over time, impetus behind the changes made, and the potential impact of the Code on international human rights law and its application. It is accompanied by an interactive comparison of the 2015 and 2011 versions of the Code.