Malware, Privacy, Threat Intelligence

UN Security Council launches 1st discussion tackling commercial spyware

The logo of the United Nations is seen in the General Assembly hall before heads of state begin to address the 76th Session of the U.N. General Assembly at UN Headquarters on September 21, 2021 in New York City. International and cyber policy experts are grappling with how much involvement private industry should have when it comes to shaping cyber...
(Photo by Eduardo Munoz-Pool/Getty Images)

The United Nations Security Council convened recently to discuss the implications of commercial spyware for international peace and security, marking the first formal UN discussion on this topic, TechCrunch reports.

The meeting, which was called for by the United States and 15 other nations, sought to address the proliferation and misuse of government and mercenary spyware. While no formal resolutions were proposed, most participating nations, including France, South Korea, and the United Kingdom, emphasized the need for tighter regulation. In contrast, Russia and China dismissed the concerns and criticized the U.S. for its history of surveillance activities. Representatives from Poland and Greece shared their nations’ legislative efforts to regulate spyware following domestic scandals involving software from NSO Group and Intellexa. John Scott-Railton of The Citizen Lab highlighted the global threat posed by spyware, attributing its rise to "a secretive global ecosystem of developers, brokers, middlemen, and boutique firms." He noted that Europe, particularly Barcelona, has become a hotspot for spyware firms.

Related

New AsyncRAT campaign uncovered

Attacks commenced with the delivery of phishing emails with a Dropbox link that downloads a ZIP archive containing an internet shortcut file with a TryCloudflare URL that fetches an LNK file for further compromise, a report from Forcepoint X-Labs showed.

New Lazarus Group campaign targets cryptocurrency wallets

After luring targets into providing their curriculum vitae or GitHub link for fake cryptocurrency, finance, or travel job offers, attackers proceed to share a malicious repository with the project's "minimum viable product," which executes nefarious code eventually resulting in the deployment of stealer malware that targets Windows, macOS, and Linux systems.

Related Events

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

Related Terms

AuthenticityDarknetDeauthentication AttackDictionary AttackDistributed ScansDumpSecDumpster DivingFault Line AttacksGeolocationInference Attack

You can skip this ad in 5 seconds