Talks & Publications

Original Research

These are investigative and technical research reports I authored or co-authored:

• German-made FinSpy spyware found in Egypt, and Mac and Linux versions revealed, Amnesty International, 25 September 2020
• Moroccan Journalist Targeted With Network Injection Attacks Using NSO Group’s Tools, Amnesty International, 22 June 2020
• Bahrain, Kuwait and Norway contact tracing apps among most dangerous for privacy, Amnesty International, 16 June 2020
• Qatar: Contact tracing app security flaw exposed sensitive personal details of more than one million, Amnesty International, 26 May 2020
• Morocco: Human Rights Defenders Targeted with NSO Group’s Spyware, Amnesty International, 10 October 2019
• Evolving Phishing Attacks Targeting Journalists and Human Rights Defenders from the Middle-East and North Africa, Amnesty International, 21 August 2019
• Exodus: New Android Spyware Made in Italy, Security Without Borders, 29 March 2019
• Phishing attacks using third-party applications against Egyptian civil society organizations, Amnesty International, 6 March 2019
• When Best Practice Isn’t Good Enough: Large Campaigns of Phishing Attacks in Middle East and North Africa Target Privacy-Conscious Users, Amnesty International, 19 December 2018
• Amnesty International Among Targets of NSO-Powered Campaign, Amnesty International, 1 August 2018
• Human Rights Under Surveillance - Digital Threats Against Human Rights Defenders in Pakistan, Amnesty International, 15 May 2018
• Bahamut, Pursuing a Cyber Espionage Actor in the Middle East, Bellingcat, 12 June 2017
• False Friends: How Fake Accounts and Crude Malware Targeted Dissidents in Azerbaijan, Amnesty International, 10 March 2017
• Operation Kingphish: Uncovering a Campaign of Cyber Attacks against Civil Society in Qatar and Nepal, Amnesty International, 14 February 2017
• Bitter Sweet: Supporters of Mexico’s Soda Tax Targeted with NSO Exploit Links, CitizenLab, 11 February 2017
• iKittens: Iranian Actor Resurfaces with Malware for Mac (MacDownloader), 6 February 2017
• Beyond Fake News: an investigation into the murky world of fake campaigns, Amnesty International, 21 December 2016
• Fictitious Profiles And WebRTC’s Privacy Leaks Used to Identify Iranian Activists, 11 November 2016
• Malware Posing as Human Rights Organizations and Commercial Software Targeting Iranians, Foreign Policy Institutions, and Middle Eastern Countries, 1 September 2016
• Increased use of Android Malware targeting Journalists, 24 August 2016
• I Got a Letter From the Government the Other Day… Unveiling a Campaign of Intimidation, Kidnapping, and Malware in Kazakhstan, EFF, 3 August 2016
• Iran and the Soft War for Internet Dominance, 4 August 2016
• Packrat: Seven Years of a South American Threat Actor, CitizenLab, 8 December 2015
• Investigative Report on the Hack of the Left Party Infrastructure in Bundestag, Netzpolitik, 19 June 2015
• All We Know of NSA and Five-Eyes Malware, Blog, 27 January 2015
• The Digital Arms Race: NSA Preps America for Future Battle, Der Spiegel, 17 January 2015
• Secret Malware in European Union Attack Linked To U.S. and British Intelligence, The Intercept, 24 November 2014
• Police Story: Hacking Team’s Government Surveillance Malware, CitizenLab, 24 June 2014
• Hacking Team’s US Nexus, CitizenLab, 28 February 2014
• Mapping Hacking Team’s “Untraceable” Spyware, CitizenLab, 17 February 2014
• Hacking Team and the Targeting of Ethiopian Journalists, CitizenLab, 12 February 2014
• Upcoming G20 Summit Fuels Espionage Operations, Rapid7, 26 August 2013
• ByeBye Shell and the targeting of Pakistan, Rapid7, 19 August 2013
• KeyBoy, Targeted Attacks against Vietnam and India, Rapid7, 07 June 2013
• For Their Eyes Only: The Commercialization of Digital Spying, CitizenLab, 30 April 2013
• Spying on the Seven Seas with AIS, Rapid7, 29 April 2013
• Botnets and the War on Bitcoin, Rapid7, 12 April 2013
• You Only Click Twice: FinFisher’s Global Proliferation, CitizenLab, 13 March 2013
• Skynet, a Tor-powered botnet straight from Reddit, Rapid7, 02 December 2012
• The SmartPhone Who Loved Me: FinFisher Goes Mobile?, CitizenLab, 29 August 2012
• Analysis of the FinFisher Lawful Interception Malware, Rapid7, 08 August 2012

Books, Articles & Columns

I occasionally write articles and opinion pieces. You can contact me if you would like me to write for you.

• Covid-19 e app di Contact Tracing: privacy, tecnologia e gestione dell’emergenza (Italian), Amnesty International Italia, 24 April 2020
• Dissidents Have Been Abandoned and Besieged Online, Motherboard, 13 February 2018
• Technology must foster, not hinder, free speech, Deutsche Welle, 13 Jul 2017
• Online Voting Is a Terrible Idea, Motherboard, 09 June 2017
• Manipulation of Public Opinion, Amnesty Insights, 24 May 2017
• What Is To Be Hacked?, Limn Magazine, 22 May 2017
• Interview with Hisham Almiraat — a story of Activism, Surveillance, and Freedom, Medium, 9 December 2016
• Letter on Investigatory Power Bills, 27 November 2015
• On Export Controls, 15 February 2015
• India and #GoIBlocks: A Lesson for ISPs When Facing Censorship Orders, Global Voices, 14 January 2015
• What Protesters in Hong Kong (and Anywhere Else) Should Know About FireChat, Slate, 02 October 2014
• Deutsche Firmen verdienen Millionen mit Überwachungstechnik, Die Zeit, 05 September 2014

I contributed the closing chapter to the book Meinungsmache im Netz: Fake News, Bots und Hate Speech, which can also be found on Amazon.

Videos & Presentations

For speaking engagements, please find my contact details here.
Following is a selection of talks I have given:

• Covid-19 e app di Contact Tracing (Italian), in discussione con Carola Frediani e Tina Marinari, Amnesty International, June 2020
• Hacking Democracy: Power and Propaganda in the Digital Age, in discussion with Garry Kasparov, Re:publica 2017, May 2017
• Hacking the World, 33rd Chaos Communication Congress, December 2016
• Iran and the Soft War for Internet Dominance, BlackHat USA 2016, August 2016
• Helping the Helpless, Chaos Communication Camp 2015, August 2015
• Occupy Central and the Suppression of Dissent, C-Base, October 2014
• To Protect And Infect - The Militarization of the Internet, 30th Chaos Communication Congress, December 2013