Jurre van Bergen
@jurrevanbergen.nl
Technologist at Amnesty's Security Lab. Here's how to contact me securely: https://gist.github.com/DrWhax/61978d4e7df5291d4cf308f10dc20d5a
Reposted by Jurre van Bergen
It was one of a trio of reports about the spyware vendor over the course of a day, with additional evidence about further infections among the findings. via @timstarks.bsky.social cyberscoop.com/intellexa-re...
Intellexa remotely accessed Predator spyware customer systems, investigation finds
It was one of a trio of reports about the spyware vendor over the course of a day, with additional evidence about further infections among the findings.
cyberscoop.com
December 4, 2025 at 10:31 PM
It was one of a trio of reports about the spyware vendor over the course of a day, with additional evidence about further infections among the findings. via @timstarks.bsky.social cyberscoop.com/intellexa-re...
Interesting artefact in the uploaded JSKit code used by Intellexa from Google's Threat Intelligence Group.
"//TODO: va bene solo per ios 15 perchè l'exploit è uguale per tutte le version 15.0.x infatti se inferiore a 15.1 restituisce sempre 15.0" - some italian....
cloud.google.com/blog/topics/...
"//TODO: va bene solo per ios 15 perchè l'exploit è uguale per tutte le version 15.0.x infatti se inferiore a 15.1 restituisce sempre 15.0" - some italian....
cloud.google.com/blog/topics/...
Intellexa’s Prolific Zero-Day Exploits Continue | Google Cloud Blog
Commercial surveillance vendor Intellexa continues to thrive and exploit mobile zero-day vulnerabilities.
cloud.google.com
December 4, 2025 at 9:20 PM
Interesting artefact in the uploaded JSKit code used by Intellexa from Google's Threat Intelligence Group.
"//TODO: va bene solo per ios 15 perchè l'exploit è uguale per tutte le version 15.0.x infatti se inferiore a 15.1 restituisce sempre 15.0" - some italian....
cloud.google.com/blog/topics/...
"//TODO: va bene solo per ios 15 perchè l'exploit è uguale per tutte le version 15.0.x infatti se inferiore a 15.1 restituisce sempre 15.0" - some italian....
cloud.google.com/blog/topics/...
Reposted by Jurre van Bergen
Insikt Group researchers found new evidence of Predator's continued deployment in Iraq and Pakistan. New shell companies and other interconnected firms also discovered and suggest "expanding network footprint."
therecord.media/intellexa-pr...
therecord.media/intellexa-pr...
Researchers find Predator spyware is being used in several countries, including Iraq
Researchers also found indicators “likely associated” with the use of Predator spyware by an entity tied to Pakistan.
therecord.media
December 4, 2025 at 5:08 PM
Insikt Group researchers found new evidence of Predator's continued deployment in Iraq and Pakistan. New shell companies and other interconnected firms also discovered and suggest "expanding network footprint."
therecord.media/intellexa-pr...
therecord.media/intellexa-pr...
Great reporting by @lorenzofb.bsky.social who got Memento Lab's CEO, Paolo Lezzi, to admit they also use Teamviewer(??) to login to remote customer systems if they are asked to help with technical problems. Bizarre. techcrunch.com/2025/12/04/s...
December 4, 2025 at 6:26 PM
Great reporting by @lorenzofb.bsky.social who got Memento Lab's CEO, Paolo Lezzi, to admit they also use Teamviewer(??) to login to remote customer systems if they are asked to help with technical problems. Bizarre. techcrunch.com/2025/12/04/s...
Reposted by Jurre van Bergen
NEW: Staffers at notorious spyware maker Intellexa had live remote access to their customers' surveillance systems.
This allowed them to see the personal data of targets hacked with Intellexa's spyware Predator, according to research based on a leaked training video.
Needless to say, this is bad.
This allowed them to see the personal data of targets hacked with Intellexa's spyware Predator, according to research based on a leaked training video.
Needless to say, this is bad.
Sanctioned spyware maker Intellexa had direct access to government espionage victims, researchers say | TechCrunch
Based on a leaked video, security researchers alleged that Intellexa staffers have remote live access to their customers' surveillance systems, allowing them to see hacking targets’ personal data.
techcrunch.com
December 4, 2025 at 6:17 PM
NEW: Staffers at notorious spyware maker Intellexa had live remote access to their customers' surveillance systems.
This allowed them to see the personal data of targets hacked with Intellexa's spyware Predator, according to research based on a leaked training video.
Needless to say, this is bad.
This allowed them to see the personal data of targets hacked with Intellexa's spyware Predator, according to research based on a leaked training video.
Needless to say, this is bad.
Reposted by Jurre van Bergen
🔥 The #IntellexaLeaks
⚠ Νέα διεθνής έρευνα του @insidestory.gr σε συνεργασία με την @haaretzcom.bsky.social, WAV Research Collective και την τεχνική συνδρομή του Εργαστηρίου Ασφαλείας της @amnesty.org προχωρά σήμερα σε σημαντικές αποκαλύψεις: insidestory.gr/article/inte...
⚠ Νέα διεθνής έρευνα του @insidestory.gr σε συνεργασία με την @haaretzcom.bsky.social, WAV Research Collective και την τεχνική συνδρομή του Εργαστηρίου Ασφαλείας της @amnesty.org προχωρά σήμερα σε σημαντικές αποκαλύψεις: insidestory.gr/article/inte...
December 4, 2025 at 1:24 PM
🔥 The #IntellexaLeaks
⚠ Νέα διεθνής έρευνα του @insidestory.gr σε συνεργασία με την @haaretzcom.bsky.social, WAV Research Collective και την τεχνική συνδρομή του Εργαστηρίου Ασφαλείας της @amnesty.org προχωρά σήμερα σε σημαντικές αποκαλύψεις: insidestory.gr/article/inte...
⚠ Νέα διεθνής έρευνα του @insidestory.gr σε συνεργασία με την @haaretzcom.bsky.social, WAV Research Collective και την τεχνική συνδρομή του Εργαστηρίου Ασφαλείας της @amnesty.org προχωρά σήμερα σε σημαντικές αποκαλύψεις: insidestory.gr/article/inte...
A special thanks to the courageous sources who stepped forward and made #IntellexaLeaks possible. This wouldn't have been possible without them.
a man in a suit and tie is giving a thank you sign .
ALT: a man in a suit and tie is giving a thank you sign .
media.tenor.com
December 4, 2025 at 1:35 PM
A special thanks to the courageous sources who stepped forward and made #IntellexaLeaks possible. This wouldn't have been possible without them.
Happy holidays Intellexa, xoxo.
December 4, 2025 at 1:12 PM
Happy holidays Intellexa, xoxo.
🚨 - New report by Haaretz, Inside Story, Inside-IT and Amnesty International release the Intellexa Leaks. Which exposes Intellexa support staff had access through Teamviewer to customer deployments and confirms found IOC's in the past by civil society. 🧵👇
December 4, 2025 at 11:37 AM
🚨 - New report by Haaretz, Inside Story, Inside-IT and Amnesty International release the Intellexa Leaks. Which exposes Intellexa support staff had access through Teamviewer to customer deployments and confirms found IOC's in the past by civil society. 🧵👇
Reposted by Jurre van Bergen
1/ Today we release a new report exposing previously undisclosed entities connected to the wider #Intellexa ecosystem as well as newly identified activity clusters in Iraq and indications of activity in Pakistan: www.recordedfuture.com/research/int...
Intellexa’s Global Corporate Web
www.recordedfuture.com
December 4, 2025 at 4:18 AM
1/ Today we release a new report exposing previously undisclosed entities connected to the wider #Intellexa ecosystem as well as newly identified activity clusters in Iraq and indications of activity in Pakistan: www.recordedfuture.com/research/int...
Reposted by Jurre van Bergen
🚨NEW🚨 At the southern border, officers use Cellebrite forensic devices to access iPhones of immigration crime suspects.
Except they don't always get the data CBP wants. So CBP orders Apple to provide it instead.
A CBP playbook on border surveillance.
www.forbes.com/sites/the-wi...
Except they don't always get the data CBP wants. So CBP orders Apple to provide it instead.
A CBP playbook on border surveillance.
www.forbes.com/sites/the-wi...
Border Patrol’s Digital Playbook: Hack iPhones, Raid iCloud Accounts
A CBP search warrant shows how it relies on data raids on iClouds when its forensics tools can't get enough information from iPhones.
www.forbes.com
December 2, 2025 at 8:37 PM
🚨NEW🚨 At the southern border, officers use Cellebrite forensic devices to access iPhones of immigration crime suspects.
Except they don't always get the data CBP wants. So CBP orders Apple to provide it instead.
A CBP playbook on border surveillance.
www.forbes.com/sites/the-wi...
Except they don't always get the data CBP wants. So CBP orders Apple to provide it instead.
A CBP playbook on border surveillance.
www.forbes.com/sites/the-wi...
Reposted by Jurre van Bergen
New report by 🇫🇷France's National Cyber Security Agency (@anssi-fr.bsky.social) on the threat landscape for mobile phones since 2015.
👇
www.cert.ssi.gouv.fr/uploads/CERT...
👇
www.cert.ssi.gouv.fr/uploads/CERT...
November 27, 2025 at 6:46 AM
New report by 🇫🇷France's National Cyber Security Agency (@anssi-fr.bsky.social) on the threat landscape for mobile phones since 2015.
👇
www.cert.ssi.gouv.fr/uploads/CERT...
👇
www.cert.ssi.gouv.fr/uploads/CERT...
Who'd like to read a book on the Intellexa Alliance?
November 25, 2025 at 2:40 PM
Who'd like to read a book on the Intellexa Alliance?
Reposted by Jurre van Bergen
Happy to have written this new blogpost from Brave Research, based on work at Internet Architecture Board, with Hamed Haddadi and Kyle Den Hartog.
brave.com/blog/zkp-age...
1/3
brave.com/blog/zkp-age...
1/3
November 6, 2025 at 3:52 PM
Happy to have written this new blogpost from Brave Research, based on work at Internet Architecture Board, with Hamed Haddadi and Kyle Den Hartog.
brave.com/blog/zkp-age...
1/3
brave.com/blog/zkp-age...
1/3
Bluesky had zero funny dick Cheney joke today. I saw multiple good one on X.
November 4, 2025 at 10:39 PM
Bluesky had zero funny dick Cheney joke today. I saw multiple good one on X.
Reposted by Jurre van Bergen
Readers in Chinese-speaking regions can now gain deeper insights into our findings on Geedge's suite!
Our report “The Internet Coup” is now available in Traditional Chinese (using Taiwanese terminology), thanks to the translation by @anoni.net. #GreatFirewallExport
anoni.net/docs/report/...
Our report “The Internet Coup” is now available in Traditional Chinese (using Taiwanese terminology), thanks to the translation by @anoni.net. #GreatFirewallExport
anoni.net/docs/report/...
網路政變 / The Internet Coup | InterSecLab - 匿名網路社群 Anoni.net/Docs
關於中國網路防火牆服務輸出到其他國家,希望引起各界對網路自由和網路治理的反思和警覺
anoni.net
October 30, 2025 at 3:15 PM
Readers in Chinese-speaking regions can now gain deeper insights into our findings on Geedge's suite!
Our report “The Internet Coup” is now available in Traditional Chinese (using Taiwanese terminology), thanks to the translation by @anoni.net. #GreatFirewallExport
anoni.net/docs/report/...
Our report “The Internet Coup” is now available in Traditional Chinese (using Taiwanese terminology), thanks to the translation by @anoni.net. #GreatFirewallExport
anoni.net/docs/report/...
More research being conducted on the Geedge Networks dataset. @domaintools.bsky.social started a series dissecting the Geedge leak and posted their 1st part out of 3. dti.domaintools.com/inside-the-g... #GFWExport
Inside the Great Firewall Part 1: The Dump - DomainTools Investigations | DTI
Analysis of the 500GB+ Great Firewall data breach revealing China’s state censorship network, VPN evasion tactics, and the operators behind it.
dti.domaintools.com
October 31, 2025 at 12:05 PM
More research being conducted on the Geedge Networks dataset. @domaintools.bsky.social started a series dissecting the Geedge leak and posted their 1st part out of 3. dti.domaintools.com/inside-the-g... #GFWExport
The Sydney Opera House spoiled us by uploading a recent concert by Beth Gibbons on their YouTube channel. www.youtube.com/watch?v=apAo...
Beth Gibbons | Live at Sydney Opera House
YouTube video by Sydney Opera House
www.youtube.com
October 30, 2025 at 3:15 PM
The Sydney Opera House spoiled us by uploading a recent concert by Beth Gibbons on their YouTube channel. www.youtube.com/watch?v=apAo...
TIL that it's not possible to register a foreign marriage if you're both foreigners but residents of Portugal. Okay?
October 29, 2025 at 3:38 PM
TIL that it's not possible to register a foreign marriage if you're both foreigners but residents of Portugal. Okay?
Reposted by Jurre van Bergen
Exclusive: US military officials required to sign NDAs tied to Latin America mission, sources say www.reuters.com/world/americ...
Exclusive: US military officials required to sign NDAs tied to Latin America mission, sources say
U.S. military officials involved with President Donald Trump's expanding operations in Latin America have been asked to sign non-disclosure agreements, three U.S. officials say, a development that raises new questions about a military buildup that Venezuela fears may lead to an invasion.
www.reuters.com
October 28, 2025 at 8:27 PM
Exclusive: US military officials required to sign NDAs tied to Latin America mission, sources say www.reuters.com/world/americ...
PBS did a great section on the Great Firewall Export, that we published together with @papertrailmedia.de @interseclab.bsky.social @justiceformyanmar.org @theglobeandmail.com @torproject.bsky.social and us @amnesty.org. www.pbs.org/newshour/sho...
Massive leak exposes how China’s ‘Great Firewall’ is being exported to other countries
For years, China’s government has used what’s known as the “Great Firewall” to censor the internet inside its country and block access to select foreign websites. Now, a document leak shows that a lit...
www.pbs.org
October 23, 2025 at 7:39 PM
PBS did a great section on the Great Firewall Export, that we published together with @papertrailmedia.de @interseclab.bsky.social @justiceformyanmar.org @theglobeandmail.com @torproject.bsky.social and us @amnesty.org. www.pbs.org/newshour/sho...
Reposted by Jurre van Bergen
Next week (29–31 Oct), FIND’s Jack Parham joins @smex.org's Bread&Net in Beirut!
Make sure you catch our two sessions:
🔎 Look Who’s Selling — workshop on investigating surveillance firms
🎤 Click, Load, Kill — panel on the cyberweapon industry in WANA
🔗 Register: breadandnet.org
Make sure you catch our two sessions:
🔎 Look Who’s Selling — workshop on investigating surveillance firms
🎤 Click, Load, Kill — panel on the cyberweapon industry in WANA
🔗 Register: breadandnet.org
October 23, 2025 at 4:05 PM
Next week (29–31 Oct), FIND’s Jack Parham joins @smex.org's Bread&Net in Beirut!
Make sure you catch our two sessions:
🔎 Look Who’s Selling — workshop on investigating surveillance firms
🎤 Click, Load, Kill — panel on the cyberweapon industry in WANA
🔗 Register: breadandnet.org
Make sure you catch our two sessions:
🔎 Look Who’s Selling — workshop on investigating surveillance firms
🎤 Click, Load, Kill — panel on the cyberweapon industry in WANA
🔗 Register: breadandnet.org
The Netherlands is slipping on the democracy index and thats worrisome.
October 20, 2025 at 1:07 PM
The Netherlands is slipping on the democracy index and thats worrisome.
It's been quite a number of years since we've seen how the Pegasus client panel looks. Document from the WhatsApp lawsuit. (p15 storage.courtlistener.com/recap/gov.us...)
October 18, 2025 at 9:51 PM
It's been quite a number of years since we've seen how the Pegasus client panel looks. Document from the WhatsApp lawsuit. (p15 storage.courtlistener.com/recap/gov.us...)
Weird times ahead...
Hard to explain to non-Dutch that for a Dutch (non-far-right) political party to wave the national flag at a rally is actually unusual, and a statement that you are trying to retake patriotic ground. Flag-waving long frowned on as quasi fascist
October 18, 2025 at 8:03 PM
Weird times ahead...