Runa Sandvik
@runasand.bsky.social
Founder of Granitt, securing journalists and at-risk people around the world.
While leading the internal investigation into the leak at Trenchant, voluntarily meeting with the FBI "multiple times," Peter Williams "signed a contract with the unnamed Russian company worth hundreds of thousands of dollars." You can't make this up. www.wired.com/story/peter-...
October 30, 2025 at 12:16 PM
While leading the internal investigation into the leak at Trenchant, voluntarily meeting with the FBI "multiple times," Peter Williams "signed a contract with the unnamed Russian company worth hundreds of thousands of dollars." You can't make this up. www.wired.com/story/peter-...
Peter Williams, former exec at Trenchant, has pleaded guilty to two counts of stealing trade secrets and selling them to a Russian broker. Williams "even agreed to provide three months’ worth of support or software updates to the products he sold." www.wired.com/story/peter-...
October 30, 2025 at 12:12 PM
Peter Williams, former exec at Trenchant, has pleaded guilty to two counts of stealing trade secrets and selling them to a Russian broker. Williams "even agreed to provide three months’ worth of support or software updates to the products he sold." www.wired.com/story/peter-...
Been a while since we heard from Memento Labs / Hacking Team! This time a government client was caught using an “outdated version of the Windows spyware” and the CEO is “not sure which of the company’s customers were caught.” techcrunch.com/2025/10/28/c...
October 29, 2025 at 9:24 AM
Been a while since we heard from Memento Labs / Hacking Team! This time a government client was caught using an “outdated version of the Windows spyware” and the CEO is “not sure which of the company’s customers were caught.” techcrunch.com/2025/10/28/c...
iOS with Lockdown Mode is still the best defense we have against sophisticated spyware. Here's a snippet from @micahflee.com's keynote at @bsidespdx.bsky.social a few days ago. micahflee.com/practical-de...
October 27, 2025 at 3:31 PM
iOS with Lockdown Mode is still the best defense we have against sophisticated spyware. Here's a snippet from @micahflee.com's keynote at @bsidespdx.bsky.social a few days ago. micahflee.com/practical-de...
Last week, the DOJ accused Peter Williams, a former Trenchant exec, of stealing “trade secrets from two unnamed companies” and “selling them to a buyer in Russia.” Unclear if related to the leak that @lorenzofb.bsky.social covered, but what's going on at LH3Harris? techcrunch.com/2025/10/23/u...
October 23, 2025 at 4:50 PM
Last week, the DOJ accused Peter Williams, a former Trenchant exec, of stealing “trade secrets from two unnamed companies” and “selling them to a buyer in Russia.” Unclear if related to the leak that @lorenzofb.bsky.social covered, but what's going on at LH3Harris? techcrunch.com/2025/10/23/u...
Exploit development shop Trenchant, owned by L3Harris, lost a bunch of internal tools in a “damaging leak” recently. A former employee was targeted with spyware, he claims the company designated him as a scapegoat. This should be bigger news, imo. techcrunch.com/2025/10/21/a...
October 22, 2025 at 9:14 AM
Exploit development shop Trenchant, owned by L3Harris, lost a bunch of internal tools in a “damaging leak” recently. A former employee was targeted with spyware, he claims the company designated him as a scapegoat. This should be bigger news, imo. techcrunch.com/2025/10/21/a...
Been really enjoying this new book about Gunvor Galtung Haavik, a nurse turned secretary for the Norwegian MoFA in Moscow — and KGB spy for 30 years. The KGB used her to get closer to Americans, including Marion Peacock, Lloyd Eddenfield, Bernie G. Britain, and Roy Rhodes.
October 8, 2025 at 10:37 AM
Been really enjoying this new book about Gunvor Galtung Haavik, a nurse turned secretary for the Norwegian MoFA in Moscow — and KGB spy for 30 years. The KGB used her to get closer to Americans, including Marion Peacock, Lloyd Eddenfield, Bernie G. Britain, and Roy Rhodes.
Spent the last week in Taiwan! Such a beautiful country and lots of delicious food. Would love to visit again! 🇹🇼
October 7, 2025 at 1:35 PM
Spent the last week in Taiwan! Such a beautiful country and lots of delicious food. Would love to visit again! 🇹🇼
Working on my skydiving license in between security assessments, keynotes, and research. Here’s my first jump in Empuriabrava, Spain with two instructors and my own parachute.
August 11, 2025 at 12:43 PM
Working on my skydiving license in between security assessments, keynotes, and research. Here’s my first jump in Empuriabrava, Spain with two instructors and my own parachute.
Thanks to ODA-Nettverk for inviting me to keynote Inspiration Day yesterday! Really enjoyed being back in Oslo and talking about the importance of end-to-end encryption.
May 29, 2025 at 7:07 AM
Thanks to ODA-Nettverk for inviting me to keynote Inspiration Day yesterday! Really enjoyed being back in Oslo and talking about the importance of end-to-end encryption.
The Kaspersky researchers who discovered Careto more than a decade ago privately concluded that the group was run by the Spanish government. Careto relied heavily on phishing emails impersonating Spanish newspapers. techcrunch.com/2025/05/23/m...
May 26, 2025 at 4:41 PM
The Kaspersky researchers who discovered Careto more than a decade ago privately concluded that the group was run by the Spanish government. Careto relied heavily on phishing emails impersonating Spanish newspapers. techcrunch.com/2025/05/23/m...
In Chasing Shadows, @rondeibert.bsky.social writes that Ben Hubbard was the first case “of an American journalist being targeted with Pegasus.” Hubbard was targeted in June 2018, but due to “concerns of New York Times management about going public,” @citizenlab.ca didn’t publish until early 2020.
February 15, 2025 at 8:39 AM
In Chasing Shadows, @rondeibert.bsky.social writes that Ben Hubbard was the first case “of an American journalist being targeted with Pegasus.” Hubbard was targeted in June 2018, but due to “concerns of New York Times management about going public,” @citizenlab.ca didn’t publish until early 2020.
In December 2023, the U.K. National Cyber Security Centre published digital security guidance for high-risk people. I always found it odd that the guide made no mention of encrypting data at rest, be it on the device or in the cloud. www.glitchcat.xyz/p/a-look-at-...
February 15, 2025 at 5:42 AM
In December 2023, the U.K. National Cyber Security Centre published digital security guidance for high-risk people. I always found it odd that the guide made no mention of encrypting data at rest, be it on the device or in the cloud. www.glitchcat.xyz/p/a-look-at-...
In May 1984, two top officials from the Norwegian Police Surveillance Agency visited FBIHQ and participated “as guest lecturers at an Advanced Techniques In-Service” at Quantico. The two men uncovered several illegal Soviet spies in Norway, including Arne Treholt.
February 14, 2025 at 4:23 AM
In May 1984, two top officials from the Norwegian Police Surveillance Agency visited FBIHQ and participated “as guest lecturers at an Advanced Techniques In-Service” at Quantico. The two men uncovered several illegal Soviet spies in Norway, including Arne Treholt.
On February 6, The Guardian reported that Paragon had “terminated its client relationship with Italy.” Italy is now denying this, saying “Paragon has never suspended the service and has not terminated its contract.” jpost.com/internationa...
February 13, 2025 at 4:48 PM
On February 6, The Guardian reported that Paragon had “terminated its client relationship with Italy.” Italy is now denying this, saying “Paragon has never suspended the service and has not terminated its contract.” jpost.com/internationa...
Three individuals have publicly stated they received a notification from WhatsApp about being targeted with Paragon spyware. All three have been critical of Giorgia Meloni, Italy's prime minister. The Guardian reported there may be seven victims in Italy. www.theguardian.com/technology/2...
February 8, 2025 at 1:28 PM
Three individuals have publicly stated they received a notification from WhatsApp about being targeted with Paragon spyware. All three have been critical of Giorgia Meloni, Italy's prime minister. The Guardian reported there may be seven victims in Italy. www.theguardian.com/technology/2...
The Guardian reported that Paragon's spyware was "delivered to targets who were placed on group chats without their permission, and sent malware through PDFs in the group chat." Wonder if either of those steps were visible to the victims? theguardian.com/technology/2...
February 8, 2025 at 11:28 AM
The Guardian reported that Paragon's spyware was "delivered to targets who were placed on group chats without their permission, and sent malware through PDFs in the group chat." Wonder if either of those steps were visible to the victims? theguardian.com/technology/2...
Paragon and Pegasus have both leveraged WhatsApp to silently install spyware onto people's devices -- with no user interaction. Paragon used the ability to send malicious PDF documents in 2024, Pegasus used the call functionality in 2019. www.reuters.com/technology/c...
February 8, 2025 at 11:21 AM
Paragon and Pegasus have both leveraged WhatsApp to silently install spyware onto people's devices -- with no user interaction. Paragon used the ability to send malicious PDF documents in 2024, Pegasus used the call functionality in 2019. www.reuters.com/technology/c...
Greece, Hungary, Poland, Spain all have a history of using Pegasus and Predator to target journalists and other members of civil society. Paragon victims include individuals in Greece and Spain. www.euractiv.com/section/tech...
February 6, 2025 at 4:38 PM
Greece, Hungary, Poland, Spain all have a history of using Pegasus and Predator to target journalists and other members of civil society. Paragon victims include individuals in Greece and Spain. www.euractiv.com/section/tech...
I sincerely hope Paragon steps up and doesn’t stick its head in the sand like NSO did. Lots of unanswered questions still. techcrunch.com/2025/02/04/s...
February 6, 2025 at 12:27 PM
I sincerely hope Paragon steps up and doesn’t stick its head in the sand like NSO did. Lots of unanswered questions still. techcrunch.com/2025/02/04/s...
On Tuesday, Paragon confirmed to @lorenzofb.bsky.social that it sells to “the United States and its allies.” Given the news that Paragon spyware was used to target civil society, you have to wonder if EO 14093 on spyware from 2023 will affect this relationship. techcrunch.com/2025/02/04/s...
February 6, 2025 at 12:15 PM
On Tuesday, Paragon confirmed to @lorenzofb.bsky.social that it sells to “the United States and its allies.” Given the news that Paragon spyware was used to target civil society, you have to wonder if EO 14093 on spyware from 2023 will affect this relationship. techcrunch.com/2025/02/04/s...
We now know that Paragon spyware victims include one activist in Sweden; one activist and one journalist in Italy. I suspect this is just the tip of the iceberg. techcrunch.com/2025/02/05/p...
February 6, 2025 at 11:29 AM
We now know that Paragon spyware victims include one activist in Sweden; one activist and one journalist in Italy. I suspect this is just the tip of the iceberg. techcrunch.com/2025/02/05/p...
WhatsApp recently notified individuals in “over two dozen countries” that they’d been targeted with Paragon spyware. Lots of unanswered question still, but good on WhatsApp for referring civil society victims to Citizen Lab for assistance. www.reuters.com/technology/c...
February 3, 2025 at 3:45 PM
WhatsApp recently notified individuals in “over two dozen countries” that they’d been targeted with Paragon spyware. Lots of unanswered question still, but good on WhatsApp for referring civil society victims to Citizen Lab for assistance. www.reuters.com/technology/c...
11 months, 11 tunnels, 13:35 hours.
January 30, 2025 at 7:46 PM
11 months, 11 tunnels, 13:35 hours.
TIL @emiratesairways.bsky.social has in-flight Tetris with a per-plane scoreboard. So next time you are on a 380, go see if my name is listed there.
January 28, 2025 at 10:35 PM
TIL @emiratesairways.bsky.social has in-flight Tetris with a per-plane scoreboard. So next time you are on a 380, go see if my name is listed there.