Publications

Original Research

These are investigative and technical research reports I authored or co-authored:

• Forensic Methodology Report: How to catch NSO Group's Pegasus - Amnesty International, 2021-07-18
• German-made FinSpy spyware found in Egypt, and Mac and Linux versions revealed - Amnesty International, 2020-09-25
• Moroccan Journalist Targeted With Network Injection Attacks Using NSO Group's Tools - Amnesty International, 2020-06-22
• Bahrain, Kuwait and Norway contact tracing apps among most dangerous for privacy - Amnesty International, 2020-06-16
• Qatar: Contact tracing app security flaw exposed sensitive personal details of more than one million - Amnesty International, 2020-05-26
• Morocco: Human Rights Defenders Targeted with NSO Group's Spyware - Amnesty International, 2019-10-10
• Evolving Phishing Attacks Targeting Journalists and Human Rights Defenders from the Middle-East and North Africa - Amnesty International, 2019-08-21
• Exodus: New Android Spyware Made in Italy - Security Without Borders, 2019-03-29
• Phishing attacks using third-party applications against Egyptian civil society organizations - Amnesty International, 2019-03-06
• When Best Practice Isn't Good Enough: Large Campaigns of Phishing Attacks in Middle East and North Africa Target Privacy-Conscious Users - Amnesty International, 2018-12-19
• Amnesty International Among Targets of NSO-Powered Campaign - Amnesty International, 2018-08-01
• Human Rights Under Surveillance - Digital Threats Against Human Rights Defenders in Pakistan - Amnesty International, 2018-05-15
• Bahamut, Pursuing a Cyber Espionage Actor in the Middle East - Bellingcat, 2017-06-12
• False Friends: How Fake Accounts and Crude Malware Targeted Dissidents in Azerbaijan - Amnesty International, 2017-03-10
• Operation Kingphish: Uncovering a Campaign of Cyber Attacks against Civil Society in Qatar and Nepal - Amnesty International, 2017-02-14
• Bitter Sweet: Supporters of Mexico's Soda Tax Targeted with NSO Exploit Links - Citizen Lab, 2017-02-11
• iKittens: Iranian Actor Resurfaces with Malware for Mac (MacDownloader) - , 2017-02-06
• Beyond Fake News: an investigation into the murky world of fake campaigns - Amnesty International, 2016-12-21
• Fictitious Profiles And WebRTC's Privacy Leaks Used to Identify Iranian Activists - , 2016-11-11
• Malware Posing as Human Rights Organizations and Commercial Software Targeting Iranians, Foreign Policy Institutions, and Middle Eastern Countries - , 2016-09-01
• Increased use of Android Malware targeting Journalists - , 2016-08-24
• I Got a Letter From the Government the Other Day... Unveiling a Campaign of Intimidation, Kidnapping, and Malware in Kazakhstan - EFF, 2016-08-03
• Iran and the Soft War for Internet Dominance - , 2016-08-04
• Packrat: Seven Years of a South American Threat Actor - Citizen Lab, 2015-12-08
• Investigative Report on the Hack of the Left Party Infrastructure in Bundestag - Netzpolitik, 2015-06-19
• All We Know of NSA and Five-Eyes Malware - Blog, 2015-01-27
• The Digital Arms Race: NSA Preps America for Future Battle - Der Spiegel, 2015-01-17
• Secret Malware in European Union Attack Linked To U.S. and British Intelligence - The Intercept, 2014-11-24
• Police Story: Hacking Team's Government Surveillance Malware - Citizen Lab, 2014-06-24
• Hacking Team's US Nexus - Citizen Lab, 2014-02-28
• Mapping Hacking Team's "Untraceable" Spyware - Citizen Lab, 2014-02-17
• Hacking Team and the Targeting of Ethiopian Journalists - Citizen Lab, 2014-02-12
• Upcoming G20 Summit Fuels Espionage Operations - Rapid7, 2013-08-26
• ByeBye Shell and the targeting of Pakistan - Rapid7, 2013-08-19
• KeyBoy, Targeted Attacks against Vietnam and India - Rapid7, 2013-07-07
• For Their Eyes Only: The Commercialization of Digital Spying - Citizen Lab, 2013-04-30
• Spying on the Seven Seas with AIS - Rapid7, 2013-04-29
• Botnets and the War on Bitcoin - Rapid7, 2013-04-12
• You Only Click Twice: FinFisher's Global Proliferation - Citizen Lab, 2013-03-13
• Skynet, a Tor-powered botnet straight from Reddit - Rapid7, 2012-12-02
• The SmartPhone Who Loved Me: FinFisher Goes Mobile? - Citizen Lab, 2012-08-29
• Analysis of the FinFisher Lawful Interception Malware - Rapid7, 2012-08-08

Books, Articles & Columns

I occasionally write articles and opinion pieces. You can contact me if you would like me to write for you.

• Covid-19 e app di Contact Tracing: privacy, tecnologia e gestione dell'emergenza - Amnesty International Italia, 2020-04-24
• Dissidents Have Been Abandoned and Besieged Online - Motherboard, 2018-02-13
• Technology must foster, not hinder, free speech - Deutsche Welle, 2017-07-13
• Online Voting Is a Terrible Idea - Motherboard, 2017-06-09
• Manipulation of Public Opinion - Amnesty Insights, 2017-05-24
• What Is To Be Hacked? - Limn Magazine, 2017-05-22
• Interview with Hisham Almiraat - a story of Activism, Surveillance, and Freedom - Medium, 2016-12-09
• Letter on Investigatory Power Bills - , 2015-11-27
• On Export Controls - , 2015-02-15
• India and #GoIBlocks: A Lesson for ISPs When Facing Censorship Orders - Global Voices, 2015-01-14
• What Protesters in Hong Kong (and Anywhere Else) Should Know About FireChat - Slate, 2014-10-02
• Deutsche Firmen verdienen Millionen mit Überwachungstechnik - Die Zeit, 2014-07-05

I contributed a chapter to the book Practicing Sovereignty: Digital Involvement in Times of Crises.

I contributed the closing chapter to the book Meinungsmache im Netz: Fake News, Bots und Hate Speech, which can also be found on Amazon.

Talks

For speaking engagements, please find my contact details here.

Following is a selection of talks I have given:

• Covid-19 e app di Contact Tracing - in discussione con Carola Frediani e Tina Marinari (Italian) at Amnesty International, June 2020
• Hacking Democracy: Power and Propaganda in the Digital Age - in discussion with Garry Kasparov at Re:publica 2017, May 2017
• Hacking the World at 33rd Chaos Communication Congress, December 2016
• Iran and the Soft War for Internet Dominance at BlackHat USA 2016, August 2016
• Helping the Helpless at Chaos Communication Camp 2015, August 2015
• Occupy Central and the Suppression of Dissent at C-Base, October 2014
• To Protect And Infect - The Militarization of the Internet at 30th Chaos Communication Congress, December 2013