Talks & Publications
Original Research
These are investigative and technical research reports I authored or co-authored:
- Forensic Methodology Report: How to catch NSO Group’s Pegasus, Amnesty International, 18 July 2021
- German-made FinSpy spyware found in Egypt, and Mac and Linux versions revealed, Amnesty International, 25 September 2020
- Moroccan Journalist Targeted With Network Injection Attacks Using NSO Group’s Tools, Amnesty International, 22 June 2020
- Bahrain, Kuwait and Norway contact tracing apps among most dangerous for privacy, Amnesty International, 16 June 2020
- Qatar: Contact tracing app security flaw exposed sensitive personal details of more than one million, Amnesty International, 26 May 2020
- Morocco: Human Rights Defenders Targeted with NSO Group’s Spyware, Amnesty International, 10 October 2019
- Evolving Phishing Attacks Targeting Journalists and Human Rights Defenders from the Middle-East and North Africa, Amnesty International, 21 August 2019
- Exodus: New Android Spyware Made in Italy, Security Without Borders, 29 March 2019
- Phishing attacks using third-party applications against Egyptian civil society organizations, Amnesty International, 6 March 2019
- When Best Practice Isn’t Good Enough: Large Campaigns of Phishing Attacks in Middle East and North Africa Target Privacy-Conscious Users, Amnesty International, 19 December 2018
- Amnesty International Among Targets of NSO-Powered Campaign, Amnesty International, 1 August 2018
- Human Rights Under Surveillance - Digital Threats Against Human Rights Defenders in Pakistan, Amnesty International, 15 May 2018
- Bahamut, Pursuing a Cyber Espionage Actor in the Middle East, Bellingcat, 12 June 2017
- False Friends: How Fake Accounts and Crude Malware Targeted Dissidents in Azerbaijan, Amnesty International, 10 March 2017
- Operation Kingphish: Uncovering a Campaign of Cyber Attacks against Civil Society in Qatar and Nepal, Amnesty International, 14 February 2017
- Bitter Sweet: Supporters of Mexico’s Soda Tax Targeted with NSO Exploit Links, CitizenLab, 11 February 2017
- iKittens: Iranian Actor Resurfaces with Malware for Mac (MacDownloader), 6 February 2017
- Beyond Fake News: an investigation into the murky world of fake campaigns, Amnesty International, 21 December 2016
- Fictitious Profiles And WebRTC’s Privacy Leaks Used to Identify Iranian Activists, 11 November 2016
- Malware Posing as Human Rights Organizations and Commercial Software Targeting Iranians, Foreign Policy Institutions, and Middle Eastern Countries, 1 September 2016
- Increased use of Android Malware targeting Journalists, 24 August 2016
- I Got a Letter From the Government the Other Day… Unveiling a Campaign of Intimidation, Kidnapping, and Malware in Kazakhstan, EFF, 3 August 2016
- Iran and the Soft War for Internet Dominance, 4 August 2016
- Packrat: Seven Years of a South American Threat Actor, CitizenLab, 8 December 2015
- Investigative Report on the Hack of the Left Party Infrastructure in Bundestag, Netzpolitik, 19 June 2015
- All We Know of NSA and Five-Eyes Malware, Blog, 27 January 2015
- The Digital Arms Race: NSA Preps America for Future Battle, Der Spiegel, 17 January 2015
- Secret Malware in European Union Attack Linked To U.S. and British Intelligence, The Intercept, 24 November 2014
- Police Story: Hacking Team’s Government Surveillance Malware, CitizenLab, 24 June 2014
- Hacking Team’s US Nexus, CitizenLab, 28 February 2014
- Mapping Hacking Team’s “Untraceable” Spyware, CitizenLab, 17 February 2014
- Hacking Team and the Targeting of Ethiopian Journalists, CitizenLab, 12 February 2014
- Upcoming G20 Summit Fuels Espionage Operations, Rapid7, 26 August 2013
- ByeBye Shell and the targeting of Pakistan, Rapid7, 19 August 2013
- KeyBoy, Targeted Attacks against Vietnam and India, Rapid7, 07 June 2013
- For Their Eyes Only: The Commercialization of Digital Spying, CitizenLab, 30 April 2013
- Spying on the Seven Seas with AIS, Rapid7, 29 April 2013
- Botnets and the War on Bitcoin, Rapid7, 12 April 2013
- You Only Click Twice: FinFisher’s Global Proliferation, CitizenLab, 13 March 2013
- Skynet, a Tor-powered botnet straight from Reddit, Rapid7, 02 December 2012
- The SmartPhone Who Loved Me: FinFisher Goes Mobile?, CitizenLab, 29 August 2012
- Analysis of the FinFisher Lawful Interception Malware, Rapid7, 08 August 2012
Books, Articles & Columns
I occasionally write articles and opinion pieces. You can contact me if you would like me to write for you.
- Covid-19 e app di Contact Tracing: privacy, tecnologia e gestione dell’emergenza (Italian), Amnesty International Italia, 24 April 2020
- Dissidents Have Been Abandoned and Besieged Online, Motherboard, 13 February 2018
- Technology must foster, not hinder, free speech, Deutsche Welle, 13 Jul 2017
- Online Voting Is a Terrible Idea, Motherboard, 09 June 2017
- Manipulation of Public Opinion, Amnesty Insights, 24 May 2017
- What Is To Be Hacked?, Limn Magazine, 22 May 2017
- Interview with Hisham Almiraat — a story of Activism, Surveillance, and Freedom, Medium, 9 December 2016
- Letter on Investigatory Power Bills, 27 November 2015
- On Export Controls, 15 February 2015
- India and #GoIBlocks: A Lesson for ISPs When Facing Censorship Orders, Global Voices, 14 January 2015
- What Protesters in Hong Kong (and Anywhere Else) Should Know About FireChat, Slate, 02 October 2014
- Deutsche Firmen verdienen Millionen mit Überwachungstechnik, Die Zeit, 05 September 2014
I contributed a chapter to the book Practicing Sovereignty: Digital Involvement in Times of Crises.

I contributed the closing chapter to the book Meinungsmache im Netz: Fake News, Bots und Hate Speech, which can also be found on Amazon.

Videos & Presentations
For speaking engagements, please find my contact details here.
Following is a selection of talks I have given:
- Covid-19 e app di Contact Tracing (Italian), in discussione con Carola Frediani e Tina Marinari, Amnesty International, June 2020
- Hacking Democracy: Power and Propaganda in the Digital Age, in discussion with Garry Kasparov, Re:publica 2017, May 2017
- Hacking the World, 33rd Chaos Communication Congress, December 2016
- Iran and the Soft War for Internet Dominance, BlackHat USA 2016, August 2016
- Helping the Helpless, Chaos Communication Camp 2015, August 2015
- Occupy Central and the Suppression of Dissent, C-Base, October 2014
- To Protect And Infect - The Militarization of the Internet, 30th Chaos Communication Congress, December 2013