Original Research
These are investigative and technical research reports I authored or co-authored:
- Forensic Methodology Report: How to catch NSO Group's Pegasus
- German-made FinSpy spyware found in Egypt, and Mac and Linux versions revealed
- Moroccan Journalist Targeted With Network Injection Attacks Using NSO Group's Tools
- Bahrain, Kuwait and Norway contact tracing apps among most dangerous for privacy
- Qatar: Contact tracing app security flaw exposed sensitive personal details of more than one million
- Morocco: Human Rights Defenders Targeted with NSO Group's Spyware
- Evolving Phishing Attacks Targeting Journalists and Human Rights Defenders from the Middle-East and North Africa
- Exodus: New Android Spyware Made in Italy
- Phishing attacks using third-party applications against Egyptian civil society organizations
- When Best Practice Isn't Good Enough: Large Campaigns of Phishing Attacks in Middle East and North Africa Target Privacy-Conscious Users
- Amnesty International Among Targets of NSO-Powered Campaign
- Human Rights Under Surveillance - Digital Threats Against Human Rights Defenders in Pakistan
- Bahamut, Pursuing a Cyber Espionage Actor in the Middle East
- False Friends: How Fake Accounts and Crude Malware Targeted Dissidents in Azerbaijan
- Operation Kingphish: Uncovering a Campaign of Cyber Attacks against Civil Society in Qatar and Nepal
- Bitter Sweet: Supporters of Mexico's Soda Tax Targeted with NSO Exploit Links
- iKittens: Iranian Actor Resurfaces with Malware for Mac (MacDownloader)
- Beyond Fake News: an investigation into the murky world of fake campaigns
- Fictitious Profiles And WebRTC's Privacy Leaks Used to Identify Iranian Activists
- Malware Posing as Human Rights Organizations and Commercial Software Targeting Iranians, Foreign Policy Institutions, and Middle Eastern Countries
- Increased use of Android Malware targeting Journalists
- I Got a Letter From the Government the Other Day... Unveiling a Campaign of Intimidation, Kidnapping, and Malware in Kazakhstan
- Iran and the Soft War for Internet Dominance
- Packrat: Seven Years of a South American Threat Actor
- Investigative Report on the Hack of the Left Party Infrastructure in Bundestag
- All We Know of NSA and Five-Eyes Malware
- The Digital Arms Race: NSA Preps America for Future Battle
- Secret Malware in European Union Attack Linked To U.S. and British Intelligence
- Police Story: Hacking Team's Government Surveillance Malware
- Hacking Team's US Nexus
- Mapping Hacking Team's "Untraceable" Spyware
- Hacking Team and the Targeting of Ethiopian Journalists
- Upcoming G20 Summit Fuels Espionage Operations
- ByeBye Shell and the targeting of Pakistan
- KeyBoy, Targeted Attacks against Vietnam and India
- For Their Eyes Only: The Commercialization of Digital Spying
- Spying on the Seven Seas with AIS
- Botnets and the War on Bitcoin
- You Only Click Twice: FinFisher's Global Proliferation
- Skynet, a Tor-powered botnet straight from Reddit
- The SmartPhone Who Loved Me: FinFisher Goes Mobile?
- Analysis of the FinFisher Lawful Interception Malware
Books, Articles & Columns
- Covid-19 e app di Contact Tracing: privacy, tecnologia e gestione dell'emergenza
- Dissidents Have Been Abandoned and Besieged Online
- Technology must foster, not hinder, free speech
- Online Voting Is a Terrible Idea
- Manipulation of Public Opinion
- What Is To Be Hacked?
- Interview with Hisham Almiraat - a story of Activism, Surveillance, and Freedom
- Letter on Investigatory Power Bills
- On Export Controls
- India and #GoIBlocks: A Lesson for ISPs When Facing Censorship Orders
- What Protesters in Hong Kong (and Anywhere Else) Should Know About FireChat
- Deutsche Firmen verdienen Millionen mit Überwachungstechnik