Donncha Ó Cearbhaill
@donncha.is
Head of Security Lab - Amnesty International
Hunting spyware and unlawful surveillance targeting activists and civil society.
For help with digital forensics or suspect spyware threats contact: https://securitylab.amnesty.org/get-help/
Hunting spyware and unlawful surveillance targeting activists and civil society.
For help with digital forensics or suspect spyware threats contact: https://securitylab.amnesty.org/get-help/
Reposted by Donncha Ó Cearbhaill
This is amazing research by Nadia Heninger and her co-authors Wenyi Morty Zhang, Annie Dai, Keegan Ryan, Dave Levin and Aaron Schulman. TL;DR a huge number of satellite links over our heads are totally unencrypted. satcom.sysnet.ucsd.edu
🛰️ SATCOM Security
Research project homepage for SATCOM Security: papers, source code, and recent satellite communications vulnerabilities.
satcom.sysnet.ucsd.edu
October 14, 2025 at 1:16 AM
This is amazing research by Nadia Heninger and her co-authors Wenyi Morty Zhang, Annie Dai, Keegan Ryan, Dave Levin and Aaron Schulman. TL;DR a huge number of satellite links over our heads are totally unencrypted. satcom.sysnet.ucsd.edu
Reposted by Donncha Ó Cearbhaill
SCOOP: Spyware maker NSO Group confirmed to us that the company has been acquired by a U.S. investment group.
NSO's spokesperson said the group "has invested tens of millions of dollars in the company and has acquired controlling ownership," but declined to say who is behind the investment.
NSO's spokesperson said the group "has invested tens of millions of dollars in the company and has acquired controlling ownership," but declined to say who is behind the investment.
Spyware maker NSO Group confirms acquisition by US investors | TechCrunch
NSO Group confirmed to TechCrunch that an unnamed group of American investors has taken “controlling ownership” of the surveillance tech maker.
techcrunch.com
October 10, 2025 at 3:54 PM
SCOOP: Spyware maker NSO Group confirmed to us that the company has been acquired by a U.S. investment group.
NSO's spokesperson said the group "has invested tens of millions of dollars in the company and has acquired controlling ownership," but declined to say who is behind the investment.
NSO's spokesperson said the group "has invested tens of millions of dollars in the company and has acquired controlling ownership," but declined to say who is behind the investment.
Reposted by Donncha Ó Cearbhaill
If you're based in Berlin, there's an event this Tuesday on spyware, hosted by @amnestyuk.bsky.social and @papertrailmedia.de. It includes workshops by @donncha.is, @jurrevanbergen.nl, and others, drop-in sessions, and a panel. Tickets are still available: www.hebbel-am-ufer.de/programm/pde...
Amnesty International
Digital Surveillance: How States Are Spying on the Resistance
www.hebbel-am-ufer.de
September 28, 2025 at 12:11 PM
If you're based in Berlin, there's an event this Tuesday on spyware, hosted by @amnestyuk.bsky.social and @papertrailmedia.de. It includes workshops by @donncha.is, @jurrevanbergen.nl, and others, drop-in sessions, and a panel. Tickets are still available: www.hebbel-am-ufer.de/programm/pde...
Reposted by Donncha Ó Cearbhaill
Reposted by Donncha Ó Cearbhaill
Join us?
💥Workshops w/ @papertrailmedia.de @amnesty.de @interseclab.bsky.social
💥Dig. Security Clinic w/ @accessnow.org, @pressefreiheit.bsky.social&Tact. Tech
💥Panel w/ @donncha.is @sophieintveld.bsky.social @davidyambio.bsky.social @anjaosterhaus.bsky.social
&Art by @forensicarchi.bsky.social
💥Workshops w/ @papertrailmedia.de @amnesty.de @interseclab.bsky.social
💥Dig. Security Clinic w/ @accessnow.org, @pressefreiheit.bsky.social&Tact. Tech
💥Panel w/ @donncha.is @sophieintveld.bsky.social @davidyambio.bsky.social @anjaosterhaus.bsky.social
&Art by @forensicarchi.bsky.social
September 26, 2025 at 9:46 AM
Join us?
💥Workshops w/ @papertrailmedia.de @amnesty.de @interseclab.bsky.social
💥Dig. Security Clinic w/ @accessnow.org, @pressefreiheit.bsky.social&Tact. Tech
💥Panel w/ @donncha.is @sophieintveld.bsky.social @davidyambio.bsky.social @anjaosterhaus.bsky.social
&Art by @forensicarchi.bsky.social
💥Workshops w/ @papertrailmedia.de @amnesty.de @interseclab.bsky.social
💥Dig. Security Clinic w/ @accessnow.org, @pressefreiheit.bsky.social&Tact. Tech
💥Panel w/ @donncha.is @sophieintveld.bsky.social @davidyambio.bsky.social @anjaosterhaus.bsky.social
&Art by @forensicarchi.bsky.social
Reposted by Donncha Ó Cearbhaill
For more than a year I’ve spoken with Scattered Spider “caller” Noah Urban from a Florida jail. I wanted to know how they chose victims, their methods and how Noah became entangled in a virtually and physically violent world.
We’re publishing his story today: www.bloomberg.com/news/feature...
We’re publishing his story today: www.bloomberg.com/news/feature...
‘I Was a Weird Kid’: Jailhouse Confessions of a Teen Hacker
Noah Urban’s role in the notorious Scattered Spider gang was talking people into unwittingly giving criminals access to sensitive computer systems.
www.bloomberg.com
September 19, 2025 at 11:46 AM
For more than a year I’ve spoken with Scattered Spider “caller” Noah Urban from a Florida jail. I wanted to know how they chose victims, their methods and how Noah became entangled in a virtually and physically violent world.
We’re publishing his story today: www.bloomberg.com/news/feature...
We’re publishing his story today: www.bloomberg.com/news/feature...
Reposted by Donncha Ó Cearbhaill
Staatliche digitale Überwachung der Zivilgesellschaft: Am 30.9. bringen Amnesty und das HAU in Berlin Journalist*innen, Aktivist*innen, Technolog*innen, politische Entscheidungsträger*innen und die von Spionageprogrammen Betroffenen zusammen. Infos & Anmeldung 👇
www.hebbel-am-ufer.de/programm/pde...
www.hebbel-am-ufer.de/programm/pde...
Amnesty International
Digital Surveillance: How States Are Spying on the Resistance
www.hebbel-am-ufer.de
September 17, 2025 at 8:55 AM
Staatliche digitale Überwachung der Zivilgesellschaft: Am 30.9. bringen Amnesty und das HAU in Berlin Journalist*innen, Aktivist*innen, Technolog*innen, politische Entscheidungsträger*innen und die von Spionageprogrammen Betroffenen zusammen. Infos & Anmeldung 👇
www.hebbel-am-ufer.de/programm/pde...
www.hebbel-am-ufer.de/programm/pde...
Reposted by Donncha Ó Cearbhaill
There is no more time for excuses: as the evidence of Israel’s genocide continues to mount the international community cannot claim they didn’t know.
September 16, 2025 at 1:37 PM
There is no more time for excuses: as the evidence of Israel’s genocide continues to mount the international community cannot claim they didn’t know.
Reposted by Donncha Ó Cearbhaill
We are announcing Bugbane, an open-source Android app that makes consensual mobile forensics more accessible. It's compatible with MVT and AndroidQF.
Now in an open-beta, we are calling for community feedbacks before a general public release by EOY!
osservatorionessuno.org/blog/2025/09...
Now in an open-beta, we are calling for community feedbacks before a general public release by EOY!
osservatorionessuno.org/blog/2025/09...
Bugbane: Simplifying consensual Android forensics
Bugbane: Simplifying consensual Android forensics
osservatorionessuno.org
September 6, 2025 at 2:42 PM
We are announcing Bugbane, an open-source Android app that makes consensual mobile forensics more accessible. It's compatible with MVT and AndroidQF.
Now in an open-beta, we are calling for community feedbacks before a general public release by EOY!
osservatorionessuno.org/blog/2025/09...
Now in an open-beta, we are calling for community feedbacks before a general public release by EOY!
osservatorionessuno.org/blog/2025/09...
Reposted by Donncha Ó Cearbhaill
🚨Out today: In Pakistan können jederzeit über 4 Mill. Menschen gleichzeitig willkürlich überwacht werden.
Die Technik („LIMS“) stammt vom deutschen Unternehmen Utimaco und ist eigentlich im Export kontrolliert. Unsere neue, einjährige Recherche von @amnesty.de @amnesty.org & Partner*innen zeigt:
Die Technik („LIMS“) stammt vom deutschen Unternehmen Utimaco und ist eigentlich im Export kontrolliert. Unsere neue, einjährige Recherche von @amnesty.de @amnesty.org & Partner*innen zeigt:
September 9, 2025 at 8:31 AM
🚨Out today: In Pakistan können jederzeit über 4 Mill. Menschen gleichzeitig willkürlich überwacht werden.
Die Technik („LIMS“) stammt vom deutschen Unternehmen Utimaco und ist eigentlich im Export kontrolliert. Unsere neue, einjährige Recherche von @amnesty.de @amnesty.org & Partner*innen zeigt:
Die Technik („LIMS“) stammt vom deutschen Unternehmen Utimaco und ist eigentlich im Export kontrolliert. Unsere neue, einjährige Recherche von @amnesty.de @amnesty.org & Partner*innen zeigt:
Great Firewall Export: A new investigation by @amnesty.org
and partners reveals how Geedge Networks, a Chinese company is commercializing the tech behind China's notorious "Great Firewall".
A huge leak of Geedge data reveal their products, deployed in China, Pakistan, and Myanmar among others.
and partners reveals how Geedge Networks, a Chinese company is commercializing the tech behind China's notorious "Great Firewall".
A huge leak of Geedge data reveal their products, deployed in China, Pakistan, and Myanmar among others.
September 9, 2025 at 12:51 PM
Great Firewall Export: A new investigation by @amnesty.org
and partners reveals how Geedge Networks, a Chinese company is commercializing the tech behind China's notorious "Great Firewall".
A huge leak of Geedge data reveal their products, deployed in China, Pakistan, and Myanmar among others.
and partners reveals how Geedge Networks, a Chinese company is commercializing the tech behind China's notorious "Great Firewall".
A huge leak of Geedge data reveal their products, deployed in China, Pakistan, and Myanmar among others.
Reposted by Donncha Ó Cearbhaill
BREAKING: Amnesty International research found illegal surveillance mass targeted surveillance with LIMS from Utimaco and Datafusion and Chinese commercialized Great Firewall provider active in Pakistan through a leak of documents of Geedge Networks. 🧵#BreakTheFirewall
September 9, 2025 at 7:19 AM
BREAKING: Amnesty International research found illegal surveillance mass targeted surveillance with LIMS from Utimaco and Datafusion and Chinese commercialized Great Firewall provider active in Pakistan through a leak of documents of Geedge Networks. 🧵#BreakTheFirewall
Reposted by Donncha Ó Cearbhaill
If youre going to the Global Gathering. I'd like to invite you on the 9th of September at 15:00-1600 to circle 3 where we'll detail our new investigation "Inside a Cross-Border Investigation on Surveillance and Censorship Tech" w/ InterSecLab.
wiki.digitalrights.community/index.php?ti...
wiki.digitalrights.community/index.php?ti...
September 9 2025 Agenda - TCU Wiki
wiki.digitalrights.community
September 7, 2025 at 3:35 PM
If youre going to the Global Gathering. I'd like to invite you on the 9th of September at 15:00-1600 to circle 3 where we'll detail our new investigation "Inside a Cross-Border Investigation on Surveillance and Censorship Tech" w/ InterSecLab.
wiki.digitalrights.community/index.php?ti...
wiki.digitalrights.community/index.php?ti...
Reposted by Donncha Ó Cearbhaill
A spyware vendor was behind a recent campaign that abused a vulnerability in WhatsApp to deliver an exploit capable of hacking into iPhones and Macs.
WhatsApp fixes 'zero-click' bug used to hack Apple users with spyware | TechCrunch
A spyware vendor was behind a recent campaign that abused a vulnerability in WhatsApp to deliver an exploit capable of hacking into iPhones and Macs.
techcrunch.com
August 29, 2025 at 6:19 PM
A spyware vendor was behind a recent campaign that abused a vulnerability in WhatsApp to deliver an exploit capable of hacking into iPhones and Macs.
Reposted by Donncha Ó Cearbhaill
I can’t believe we are watching the deliberate starvation in Gaza and are this helpless. How is this 2025? How did we as a human race allow this to happen? How?
July 26, 2025 at 7:58 PM
I can’t believe we are watching the deliberate starvation in Gaza and are this helpless. How is this 2025? How did we as a human race allow this to happen? How?
Reposted by Donncha Ó Cearbhaill
🚨BREAKING: The last journalists working for AFP in Gaza have said they can no longer work for the news agency.
They are out of energy and they are starving to death.
I have never seen a statement from a news organisation like it.
🧵
They are out of energy and they are starving to death.
I have never seen a statement from a news organisation like it.
🧵
July 21, 2025 at 8:55 PM
🚨BREAKING: The last journalists working for AFP in Gaza have said they can no longer work for the news agency.
They are out of energy and they are starving to death.
I have never seen a statement from a news organisation like it.
🧵
They are out of energy and they are starving to death.
I have never seen a statement from a news organisation like it.
🧵
Reposted by Donncha Ó Cearbhaill
According to a DOJ IG report released this week, the Sinaloa cartel identified an FBI official working at the U.S. Embassy in Mexico, tracked him via phone location data, tapped into Mexico’s surveillance camera network, & killed an unspecified number of informants.
www.reuters.com/world/americ...
www.reuters.com/world/americ...
Sinaloa cartel used phone data and surveillance cameras to find FBI informants, DOJ says
A hacker working for the Sinaloa drug cartel was able to obtain an FBI official's phone records and use Mexico City's surveillance cameras to help track and kill the agency's informants in 2018, the U.S. Justice Department said in a report issued on Thursday.
www.reuters.com
June 27, 2025 at 9:54 PM
According to a DOJ IG report released this week, the Sinaloa cartel identified an FBI official working at the U.S. Embassy in Mexico, tracked him via phone location data, tapped into Mexico’s surveillance camera network, & killed an unspecified number of informants.
www.reuters.com/world/americ...
www.reuters.com/world/americ...
Reposted by Donncha Ó Cearbhaill
Wrote for @theguardian.com about Ballymena and Northern Ireland's long history of violence against women ⬇️
www.theguardian.com/commentisfre...
www.theguardian.com/commentisfre...
The Ballymena violence has nothing to do with ‘protecting women’. It is racism, pure and simple | Sarah Creighton
Northern Ireland has always seen high levels of violence against women and girls. Blaming migrants is a useful way to distract from that, says political commentator from Northern Ireland Sarah Creight...
www.theguardian.com
June 14, 2025 at 8:13 AM
Wrote for @theguardian.com about Ballymena and Northern Ireland's long history of violence against women ⬇️
www.theguardian.com/commentisfre...
www.theguardian.com/commentisfre...
Reposted by Donncha Ó Cearbhaill
The-dog-ate-my-homework pretext for delaying the spyware abuse trial in Greece. One of the rare cases in Europe that made it to the court. Most spyware victims have no real legal remedy, impunity reigns for spyware abuse.
Lost in Translation: Predator Spyware Trial in Greece Delayed Amid Interpreter Shortage
Well, well, isn't that convenient? www.dnews.gr/eidhseis/new...
Well, well, isn't that convenient? www.dnews.gr/eidhseis/new...
Lost in Translation: Predator Spyware Trial in Greece Delayed Amid Interpreter Shortage - Dnews
The high-profile trial linked to Greece’s surveillance scandal has been postponed indefinitely, after a failure to translate key court documents into English. The case, heard at the Athens Single-Memb...
www.dnews.gr
May 19, 2025 at 8:08 PM
The-dog-ate-my-homework pretext for delaying the spyware abuse trial in Greece. One of the rare cases in Europe that made it to the court. Most spyware victims have no real legal remedy, impunity reigns for spyware abuse.
Reposted by Donncha Ó Cearbhaill
I'm thinking of all of the countless victims, only a fraction of which we @citizenlab.ca @accessnow.org @amnesty.org and others identified of NSO Group's malicious sales to ruthless despots and corrupt security agencies.
Never let bullies win.
Never let bullies win.
In a stunning defeat for the #spyware industry, an Oakland jury has directed Pegasus maker NSO Group to pay Meta's WhatsApp $167 million in punitive damages for routing its attacks through the company's servers. GIFT LINK wapo.st/4jLGYKz
Spyware maker NSO ordered to pay $167 million for hacking WhatsApp
Jury hits NSO with punitive damages after first public legal reckoning for Israel-based maker of spy software banned from use in U.S.
wapo.st
May 6, 2025 at 9:17 PM
I'm thinking of all of the countless victims, only a fraction of which we @citizenlab.ca @accessnow.org @amnesty.org and others identified of NSO Group's malicious sales to ruthless despots and corrupt security agencies.
Never let bullies win.
Never let bullies win.
Reposted by Donncha Ó Cearbhaill
⚠️ NSO Group is paving a path back Into Trump’s 🇺🇸America.
The 🇮🇱Israeli #spyware maker, still on the US Commerce Department’s “blacklist,” has hired a new lobbying firm with direct ties to the Trump administration.
Here's my investigation for @wired.com.
The 🇮🇱Israeli #spyware maker, still on the US Commerce Department’s “blacklist,” has hired a new lobbying firm with direct ties to the Trump administration.
Here's my investigation for @wired.com.
The Israeli spyware maker, still on the US Commerce Department’s “blacklist,” has hired a new lobbying firm with direct ties to the Trump administration, a WIRED investigation has found.
Spyware Maker NSO Group Is Paving a Path Back Into Trump’s America
The Israeli spyware maker, still on the US Commerce Department’s “blacklist,” has hired a new lobbying firm with direct ties to the Trump administration, a WIRED investigation has found.
wrd.cm
April 10, 2025 at 6:19 AM
⚠️ NSO Group is paving a path back Into Trump’s 🇺🇸America.
The 🇮🇱Israeli #spyware maker, still on the US Commerce Department’s “blacklist,” has hired a new lobbying firm with direct ties to the Trump administration.
Here's my investigation for @wired.com.
The 🇮🇱Israeli #spyware maker, still on the US Commerce Department’s “blacklist,” has hired a new lobbying firm with direct ties to the Trump administration.
Here's my investigation for @wired.com.
Reposted by Donncha Ó Cearbhaill
Crossing into the United States has become increasingly dangerous for digital privacy, not only for non-citizens but for Americans as well.
Here are a few steps you can take to minimize the risk of Customs and Border Protection accessing your data:
Here are a few steps you can take to minimize the risk of Customs and Border Protection accessing your data:
How to Enter the US With Your Digital Privacy Intact
Crossing into the United States has become increasingly dangerous for digital privacy. Here are a few steps you can take to minimize the risk of Customs and Border Protection accessing your data.
www.wired.com
April 8, 2025 at 2:28 PM
Crossing into the United States has become increasingly dangerous for digital privacy, not only for non-citizens but for Americans as well.
Here are a few steps you can take to minimize the risk of Customs and Border Protection accessing your data:
Here are a few steps you can take to minimize the risk of Customs and Border Protection accessing your data:
📢 NEW: Investigative journalists in Serbia targeted with Pegasus spyware
Our team at @amnesty.org's Security Lab have found new evidence that Serbian authorities continue using NSO Group's Pegasus spyware against Serbian civil society.
securitylab.amnesty.org/latest/2025/...
Our team at @amnesty.org's Security Lab have found new evidence that Serbian authorities continue using NSO Group's Pegasus spyware against Serbian civil society.
securitylab.amnesty.org/latest/2025/...
Journalists targeted with Pegasus spyware - Amnesty International Security Lab
Amnesty International has found evidence that two journalists at the Serbia-based Balkan Investigative Reporting Network (“BIRN”), an award-winning network of investigative journalists, were targeted ...
securitylab.amnesty.org
March 27, 2025 at 1:08 PM
📢 NEW: Investigative journalists in Serbia targeted with Pegasus spyware
Our team at @amnesty.org's Security Lab have found new evidence that Serbian authorities continue using NSO Group's Pegasus spyware against Serbian civil society.
securitylab.amnesty.org/latest/2025/...
Our team at @amnesty.org's Security Lab have found new evidence that Serbian authorities continue using NSO Group's Pegasus spyware against Serbian civil society.
securitylab.amnesty.org/latest/2025/...
Reposted by Donncha Ó Cearbhaill
NEW REPORT: Our first investigation into Israel-based spyware company Paragon Solutions reveals multiple threads linked to the proliferation of its mercenary #spyware operations across the globe.
Read it here: citizenlab.ca/2025/03/a-fi...
Read it here: citizenlab.ca/2025/03/a-fi...
Virtue or Vice? A First Look at Paragon’s Proliferating Spyware Operations - The Citizen Lab
In our first investigation into Israel-based spyware company, Paragon Solutions, we begin to untangle multiple threads connected to the proliferation of Paragon's mercenary spyware operations across t...
citizenlab.ca
March 19, 2025 at 2:33 PM
NEW REPORT: Our first investigation into Israel-based spyware company Paragon Solutions reveals multiple threads linked to the proliferation of its mercenary #spyware operations across the globe.
Read it here: citizenlab.ca/2025/03/a-fi...
Read it here: citizenlab.ca/2025/03/a-fi...
Reposted by Donncha Ó Cearbhaill
📢NEW: The alarming discovery that Paragon’s Graphite spyware has been used against activists and journalists in Italy underscores Europe's worsening digital surveillance crisis, fuelled by a laissez-faire approach to regulation of the industry. via @donncha.is
www.amnesty.org/en/latest/ne...
www.amnesty.org/en/latest/ne...
Europe: Paragon attacks highlight Europe’s growing spyware crisis
The use of Paragon’s Graphite spyware against human rights defenders and journalists highlights the growing spyware crisis in Europe.
www.amnesty.org
March 19, 2025 at 3:04 PM
📢NEW: The alarming discovery that Paragon’s Graphite spyware has been used against activists and journalists in Italy underscores Europe's worsening digital surveillance crisis, fuelled by a laissez-faire approach to regulation of the industry. via @donncha.is
www.amnesty.org/en/latest/ne...
www.amnesty.org/en/latest/ne...