Catching NSO Group's Pegasus Spyware
Offered By: media.ccc.de via YouTube
Course Description
Overview
Explore the behind-the-scenes investigation of NSO Group's Pegasus spyware in this 45-minute conference talk. Gain insights into Amnesty International's Security Lab's multi-year tracking efforts and the development of innovative forensic tools to detect the supposedly "undetectable" Pegasus spyware on infected devices. Learn about the open-source Mobile Verification Toolkit (MVT) used to identify traces of Pegasus on activists' and journalists' devices worldwide. Discover the methodology behind the global investigation into Pegasus abuses, including real-world examples from Morocco. Understand how MVT's features, such as ID Status Cache, network log analysis, and timeline functionality, contribute to uncovering sophisticated mobile spyware threats. Examine the impact of publishing forensic methodologies and tools on subsequent case discoveries.
Syllabus
Intro
Pegasus Project: Global investigation into abuses of NSO Group's Pegasus
Pegasus found in-the-wild
A wild Pegasus message appears
Pegasus in Morocco
Mobile Verification Toolkit (MVT)
MVT: ID Status Cache
MVT: Network logs - evidence of infection
MVT: Timeline feature
Cases found following our publication of forensic methodology and tools
Conclusion
Taught by
media.ccc.de
Related Courses
Computer Security - Stanford University via Coursera
Cryptography II - Stanford University via Coursera
Malicious Software and its Underground Economy: Two Sides to Every Story - University of London International Programmes via Coursera
Building an Information Risk Management Toolkit - University of Washington via Coursera
Introduction to Cybersecurity - National Cybersecurity Institute at Excelsior College via Canvas Network