Blog

Week Ending: 23rd July - A Roundup in I.T. & Tech News

Back to Blog

WEEK ENDING: 23rd July – A ROUNDUP IN I.T. & TECH NEWS

Thank goodness it’s Friday. It’s certainly been a hot week, so grab yourself a cold drink because it’s time for our Weekly Roundup. Bringing you up to date on the latest developments in the I.T. and Tech world.

This week we cover everything from Amnesty International releasing a new tool to check whether invasive spyware has been secretly installed on your mobile, hackers demanding $50m from Saudi Aramco following a data leak and Zoom offering team-building games.

Let’s get you up to speed.

Pegasus: Amnesty releases new tool to check if invasive spyware is installed on mobiles

Not-for-profit organisation, Amnesty International, has this week released a toolkit called Mobile Verification Toolkit (MVT) to help people identify if their phone was secretly monitored by Pegasus, the military-grade spyware.

The announcement came after a leaked list of 50,000 phone numbers was obtained by journalism non-profit, Forbidden Stories and Amnesty.

The spyware, Pegasus, built by Israeli firm NSO Group, infects iPhones and Android devices allowing operators to extract messages, photos and emails, record calls and secretly activate microphones and cameras.

Early versions of the software required users to click malicious links, giving unauthorised access to the victim’s private data including passwords, calls, texts, and emails, however, experts now believe the software has advanced so that targets don’t need to click anything to have the spyware installed.

NSO Group said the software is intended for use against criminals and terrorists and made available to only military, law enforcement and intelligence agencies.

However, the list of 50,000 numbers of alleged potential targets has been released following the NSO Group hack. This list has caused an uproar as one of the numbers belonged to French President, Emmanuel Macron.

So how does the toolkit work? It starts by scanning a backup of the phone for any evidence that it has been hacked. This then creates a number of files that show the results of the scan, if the phone has been compromised the files will say so.

Claudio Guarnieri, director of Amnesty International’s Security Lab, commented:

“There are a bunch of different pieces, essentially, and they all fit together very well. There’s no doubt in my mind that what we’re looking at is Pegasus because the characteristics are very distinct and all of the traces that we see confirm each other.”

Of those who were on the list, 67 agreed to give Forbidden Stories their phones for forensic analysis. The research, conducted by Amnesty International Security Labs, found evidence of potential targeting by Pegasus on 37 of them!

Read more here.

Hackers reportedly demand $50m from Saudi Aramco over data leak

Global energy giant, Saudi Aramco, is currently being held ransom by cybercriminals following a recent data breach. The data which is currently held by the hackers is being used to extort $50m (£36.5m) from the business, leading many to criticise their lack of cyber security.

The Saudi Arabian oil and gas provider has announced this incident was due to a contractor, however they do not mention which one was affected nor whether the contractor has been hacked or if the files were leaked.

According to the Associated Press (AP), one terabyte (1,000 gigabytes) of Aramco’s data is being held by extortionists, citing a page on the darknet. The hacker has offered to delete the data in exchange for $50m in a niche cryptocurrency, Monero, which is particularly difficult for authorities to trace. However, the post also offered prospective buyers the chance to purchase the data for roughly $5m.

Aramco commented to the press:

“We have recently become aware of the indirect release of a limited amount of company data which was held by third-party contractors. We confirm that the release of data was not due to a breach of our systems, has no impact on our operations, and the company continues to maintain a robust cyber security posture.”

This is the second time this year that an industry player has come under attack from cyber criminals, after the Colonial Pipeline in the US was targeted by hackers in May. These attacks have led to fear that critical national infrastructure assets could increasingly come under assault from cyber criminals.

Explore more here.

Zoom rolls out new product offering geared at the hybrid workforce

Video conferencing platform, Zoom, is integrating third-party apps into its meetings to stay ahead post-pandemic. Zoom Apps will have all the functionality of video meetings with the addition of apps and games designed to make meetings more engaging, more productive, and even more fun.

With many companies opting for a hybrid approach to working, Zoom wishes to maintain the 300 million daily meeting participants and compete with rivals, Microsoft Teams. The launch of its latest product, Zoom Apps is therefore perfectly timed.

Zoom Apps is designed to boost productivity and let users stay focused on workflows by incorporating their favourite apps into meetings.

There are over 50 Zoom Apps available now, ranging from enterprise to consumer use cases, including whiteboarding, project management, note-taking, and video games. Some of the popular apps available include the meeting planning app Asana, Dropbox Spaces, Dot Collector and Heads Up! which allows for real-time feedback, polling, file storage and interactive games.

Ross Mayfield, Zoom’s product lead explains how he sees apps being used in Zoom:

“Using apps for things like taking notes, whiteboarding, logging action items and managing your tasks to make you more productive. Game developers are actually building games specifically for team-building exercises, icebreakers and kind of keeping that social connectivity in the changing world.”

It is not yet clear how much people will continue to use Zoom and similar video conferencing services as the world continues to ease lockdowns after the Covid-19 pandemic, however, Zoom Apps will bring a new level of engagement to remote working.

Discover more here.

Those were just some of this week’s top stories but if you want more content, follow us across our four social media channels: