Attacks/Breaches

7/6/2018
11:20 AM
50%
50%

Former NSO Group Employee Steals, Sells Spy Tools

The Israeli hacking firm says its stolen software is worth hundreds of millions of dollars.

NSO Group reports a former employee stole mobile hacking tools and tried to sell them on the Dark Web for $50 million in digital currency, according to a new indictment.

The Israeli hacking firm, primarily known for selling malware to break into iPhones, believes its mobile spy tools might have been sold to threat actors. A former employee allegedly stole malware, worth hundreds of millions of dollars, prior to his dismissal and attempted to sell it. The person he contacted as a potential buyer reported the illicit activity to NSO Group.

On June 5, officials arrested a suspect who previously worked for NSO Group as a senior programmer with access to corporate servers and privately owned tools, Reuters reports. He has been charged with employee theft, attempting to sell security software unlawfully, and attempting to harm property in a way that could prove harmful to state security.

Read more details here.

Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
MelBrandle
50%
50%
MelBrandle,
User Rank: Apprentice
12/23/2018 | 1:15:09 AM
Money is the root of evil.
I wouldn't be surprised that there's a huge demand for such technology and if this employee has felt that the company has done something wrong against him, I wouldn't be surprised that he's felt he needs to try and get a little something-something out of the business before he leaves. It's definitely not the right thing to do, but I can certainly see why he would want to do it. Money is the root of all evil after all.
StephenGiderson
50%
50%
StephenGiderson,
User Rank: Apprentice
12/14/2018 | 3:47:09 AM
Be on guard
This is not the first coverage I have read whereby usually the employees of that very company are the ones to be doing all the dirty work. Most of the time it is about money whereas on other occasions, it could be out of spite. This is when the recruitment department needs to be on guard and perform intense analysis before hiring any new individuals especially for their security department.
New Free Tool Scans for Chrome Extension Safety
Dark Reading Staff 2/21/2019
Making the Case for a Cybersecurity Moon Shot
Adam Shostack, Consultant, Entrepreneur, Technologist, Game Designer,  2/19/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
5 Emerging Cyber Threats to Watch for in 2019
Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Flash Poll
How Enterprises Are Attacking the Cybersecurity Problem
How Enterprises Are Attacking the Cybersecurity Problem
Data breach fears and the need to comply with regulations such as GDPR are two major drivers increased spending on security products and technologies. But other factors are contributing to the trend as well. Find out more about how enterprises are attacking the cybersecurity problem by reading our report today.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-6485
PUBLISHED: 2019-02-22
Citrix NetScaler Gateway 12.1 before build 50.31, 12.0 before build 60.9, 11.1 before build 60.14, 11.0 before build 72.17, and 10.5 before build 69.5 and Application Delivery Controller (ADC) 12.1 before build 50.31, 12.0 before build 60.9, 11.1 before build 60.14, 11.0 before build 72.17, and 10.5...
CVE-2019-9020
PUBLISHED: 2019-02-22
An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. Invalid input to the function xmlrpc_decode() can lead to an invalid memory access (heap out of bounds read or read after free). This is related to xml_elem_parse_buf in ext/xmlrpc/libxmlrpc...
CVE-2019-9021
PUBLISHED: 2019-02-22
An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. A heap-based buffer over-read in PHAR reading functions in the PHAR extension may allow an attacker to read allocated or unallocated memory past the actual data when trying to parse the file...
CVE-2019-9022
PUBLISHED: 2019-02-22
An issue was discovered in PHP 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.2. dns_get_record misparses a DNS response, which can allow a hostile DNS server to cause PHP to misuse memcpy, leading to read operations going past the buffer allocated for DNS data. This affects php_parser...
CVE-2019-9023
PUBLISHED: 2019-02-22
An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. A number of heap-based buffer over-read instances are present in mbstring regular expression functions when supplied with invalid multibyte data. These occur in ext/mbstring/oniguruma/regcom...