The Citizen Lab co-founded the program with OTF and has been a host organization since its inception. We welcome proposals from fellowship candidates for research projects related to our current thematic areas and applications are open to people from a variety of backgrounds and disciplines and can include students and junior to mid-career practitioners.
In a new study, Citizen Lab sheds light on the massive security threats facing Latin Americans. Citizen Lab and Open Technology Fund (OTF) fellow Beau Kujath in collaboration with SocialTIC finds that mobile applications in Latin America puts millions of users at a security and privacy risk. Beau’s research focuses on three types of mobile… Read more »
We confirm that two members of Serbian civil society were targeted with spyware earlier this year. Both have publicly criticized the Serbian government. We are not naming the individuals at this time by their request. The Citizen Lab’s technical analysis of forensic artifacts was conducted in support of an investigation led by Access Now in collaboration with the SHARE Foundation. Researchers from Amnesty International independently analyzed the cases and their conclusions match our findings.
On June 14, 2022, Bill C-26, an Act respecting cybersecurity, amending the Telecommunications Act and making consequential amendments to other Acts, was introduced into Parliament for the first reading by Canada’s Minister of Public Safety, Marco Mendicino. Hearings on Bill C-26 are scheduled to begin in SECU (the Parliament’s Standing Committee on Public Safety and… Read more »
This report provides a comprehensive guide to geolocation-related threats sourced from 3G, 4G, and 5G network operators. Case studies, references, examples, and evidence are provided to give a complete and contextual understanding of mobile network-based location tracking in order to formulate policies and actions that protect civil society from current and future geolocation surveillance.
بين شهري مايو وسبتمبر 2023، استُهدِف عضو البرلمان المصري السابق أحمد الطنطاوي ببرنامج التجسس Predator من Cytrox عبر روابط أُرسلت إليه عبر رسائل قصيرة و رسائل WhatsApp. وقع الاستهداف بعد أن صرح الطنطاوي علنًا بخطته للترشح لمنصب الرئاسة في الانتخابات المصرية لعام 2024.
Amnesty International’s Security Lab has just published Caught in the Net as part of the European Investigative Collaborations‘ Predator Files, which details a threat actor sending what they assess to be Predator infection links on social media in replies to Twitter / X posts by officials, journalists and other members of civil society. The Citizen… Read more »
Between May and September 2023, former Egyptian MP Ahmed Eltantawy was targeted with Cytrox’s Predator spyware via links sent on SMS and WhatsApp after Eltantawy publicly stated his plans to run for President in the 2024 Egyptian elections. As Egypt is a known customer of Cytrox’s Predator spyware, and the spyware was delivered via network injection from a device located physically inside Egypt, we attribute the attack to the Egyptian government with high confidence.
In an investigative collaboration with Access Now, the Citizen Lab has analyzed forensic artifacts from the iPhone of award-winning exiled Russian investigative journalist Galina Timchenko and found with high confidence that on or around February 10th, 2023 it was infected with NSO Group’s Pegasus spyware.
In this report, we analyze the Windows, Android, and iOS versions of Tencent’s Sogou Input Method, the most popular Chinese-language input method in China. Our analysis found serious vulnerabilities in the app’s custom encryption system and how it encrypts sensitive data. These vulnerabilities could allow a network eavesdropper to decrypt sensitive communications sent by the app, including revealing all keystrokes being typed by the user. Following our disclosure of these vulnerabilities, Sogou released updated versions of the app that identified all of the issues we disclosed.
