An Amnesty International staff member has been targeted by a sophisticated surveillance campaign, in what the organization suspects was a deliberate attempt to spy on its staff by a government hostile to its work.
In early June 2018, an Amnesty International staff member received a suspicious WhatsApp message in Arabic. The text contained details about an alleged protest outside the Saudi embassy in Washington D.C., followed by a link to a website. Investigations by Amnesty International’s technology team revealed that clicking the link would have, according to prior knowledge, installed “Pegasus”, a sophisticated surveillance tool developed by the Israel-based company NSO Group.
Read more on Amnesty International.
h/t, Joe Cadillic
Every admin for any company or NGO needs to be much more careful. We are targets. Our systems (work and personal) are targets.
Met a guy at the London Defcon meetup who claimed to be the admin for a well-known NGO and he was constantly being social engineered, his personal workstations, laptops, tablet and phone attacked. The NGO systems were also under constant attacks.
Be careful out there. And make sure your C-Suite people have the knowledge they need to avoid these sorts of things too. 1 tiny mistake, 1 time. That’s all it takes.