Iranian journalists in London “say they fear for their lives after a recent spate of threats and physical attacks,” and I’m willing to bet the regime is leveraging digital attacks against critics too. www.theguardian.com/global-devel...
Updated my post about journalist and spy Vicky Peláez yesterday to include some quotes from @gordoncorera.bsky.social’s book, including that the FBI listened in as she discussed Moscow’s feedback on her husband’s intelligence reports. www.journalistandspy.com/p/vicky-pelaez
She was forced to comply, I don’t know that Denmark or Sweden would be the same.
Have there been any cases in Denmark or Sweden where the authorities have gained access to a journalist’s device using Touch ID or Face ID? Ref: the FBI and WaPo in January.
An investigation by journalists with NRK in Norway and SVT in Sweden found that a multimillion-dollar, prestige ferry project in Lofoten, Norway relies on hydrogen fuel cell technology that "cannot live up to what it promises." www.nrk.no/trondelag/xl...
You have to install the profile before you turn Lockdown Mode on, after that it all works together nicely. www.glitchcat.xyz/p/four-thing...
What’s the issue?
Apple’s Lockdown Mode feature is the best defense we have against spyware on iOS, macOS, watchOS, and iPadOS. Apple launched the feature four years ago and has not yet seen a device with Lockdown Mode on be compromised. techcrunch.com/2026/03/27/a...
We still don't know if Trenchant and L3Harris notified Apple once it learned its iPhone-hacking toolkit had been stolen/leaked. The toolkit was later used to target people in China and Ukraine. techcrunch.com/2026/03/09/a...
Nomma Zarubina, who once drunk-texted an FBI agent saying "Catch me baby. So many spies," is heading to U.S. prison for spying for Russian intelligence. www.occrp.org/en/news/russ...
Worth noting that while the judge rejected the DOJ's request to search the devices seized from Washington Post reporter Hannah Natanson, they did decide that the court "will conduct an independent judicial review of the seized materials" instead. storage.courtlistener.com/recap/gov.us...
Huge win for Hannah Natanson and the Washington Post today: the judge ruled that the government cannot search the devices they seized from her. www.washingtonpost.com/national-sec...
Trenchant and L3Harris had an exec steal internal tools for three *years* — and sell them to a Russian broker — before anyone noticed. cyberscoop.com/l3harris-exe...
Thank you! Happy to chat anytime.
A new investigation from @amnesty.org found that a journalist in Angola was targeted with Predator spyware in 2024. We also know that @citizenlab.ca found links to Predator infrastructure in Angola in 2023, and links to FinFisher infrastructure in 2015. www.amnesty.org/en/latest/ne...
Latest research from @citizenlab.ca shows @cellebrite.bsky.social tech used for human rights abuse in Kenya. Imagine if the company spent more time discussing who *not* to sell to. citizenlab.ca/research/cel...
Two years ago, a Norwegian researcher skeptical that pulsed-energy weapons could do damage to human brains — aka “Havana syndrome” — built a device and tested it on himself. It didn’t go well. Someone from FFI, perhaps? www.washingtonpost.com/national-sec...
Decided to try Claude by revisiting a malware analysis project that I originally presented at OBTS in 2021: the CIA's OS X implant called Green Lambert. It's amazing what you can do with a terminal and ~15 min of free time these days.
My understanding is the emails are only encrypted if sent from one Proton user to another Proton user. So in that case they only have metadata to hand over.
Proton is required to comply with valid legal orders and has a track record of doing so.
The issue here isn’t Signal, but the use of biometrics on the work laptop.
Former exec at exploit development firm Trenchant, owned by L3Harris, admitted to selling internal hacking tools to a Russian broker. Did the company notify the vendors whose products were exploited so that they could be patched? techcrunch.com/2026/02/11/d...
Ah! I was going by work done by the ESET folks, but maybe they only linked Sandworm to parts of the attack?
Russia’s Sandworm is back in the news, having recently been linked to the late December attack on Poland’s power grid. I recommend reading @agreenberg.bsky.social's work on the hacking group, starting with these WIRED articles and his 2019 book. www.wired.com/story/sandwo...
Correct. And because she had linked Signal on the phone to the desktop app, the FBI was able to access her messages.
If you've been laid off by the Washington Post this week and have any questions re: digital security, please email me on runa@granitt.io. I'll help you pro-bono for the rest of the month.
We’ve heard a lot about use of AI to clone the voices of celebrities, execs, and politicians. Here’s a @defcon.bsky.social talk from @helicoptersofdc.bsky.social about cloning the voices of air traffic controllers to give false instructions to pilots. www.youtube.com/watch?v=JKwx...
The issue here was not Signal, but the use of Touch ID for authentication. The agents were able to access her Signal messages because they were able to access the laptop, and she’d linked the mobile app to the desktop app.
