Controversy Erupts Over U.S. Defense Contractor's Talks to Buy NSO Group's Spyware
Hertzbleed side-channel attack threatens cryptographic software security, Microsoft issues fix for Follina and other flaws, Microsoft accused of taking too long to fix Azure flaws, much more
Metacurity is a reader-supported publication. To receive new posts and support my work, consider becoming a free or paid subscriber.
In an unexpected and controversial development, a prominent American defense contractor, L3Harris, is in talks to buy sanctioned and notorious Israeli company NSO Group’s spyware tools, according to people familiar with the negotiations. The Biden administration is warning that a potential deal to buy the Israeli firm’s spyware would raise “serious” counterintelligence and security concerns for the U.S. government.
In November, the Commerce Department placed NSO Group on its export blacklist, known as the Entity List, after determining that its spyware had been used by oppressive foreign governments to “maliciously target” government officials, activists, journalists, academics, and embassy workers around the world.
“The U.S. Government opposes efforts by foreign companies to circumvent U.S. export control measures or sancti…