Runa Sandvik
@runasand.bsky.social
Founder of Granitt, securing journalists and at-risk people around the world.
My latest for Journalist and Spy: Pablo González, Russian-Spanish journalist, alleged GRU agent. Wrote for EU + U.S. media, @drewhinshaw.bsky.social & Joe Parkinson say he began working for GRU in 2010. Arrested in Poland in '22, swapped with Russia in '24. www.journalistandspy.com/p/pablo-gonz...
Pablo González
Pablo González is a Russian-Spanish journalist and an alleged agent of the GRU, Russia’s military intelligence agency.
www.journalistandspy.com
November 10, 2025 at 3:57 PM
My latest for Journalist and Spy: Pablo González, Russian-Spanish journalist, alleged GRU agent. Wrote for EU + U.S. media, @drewhinshaw.bsky.social & Joe Parkinson say he began working for GRU in 2010. Arrested in Poland in '22, swapped with Russia in '24. www.journalistandspy.com/p/pablo-gonz...
Igor Rogov, who claimed to be a Russian opposition activist when he was arrested in Poland last summer, "has admitted he worked as an undercover agent" for the FSB and "informed on other opposition figures." Rogov is due to go on trial next month. www.theguardian.com/world/2025/n...
Russian activist held in Poland admits he worked as FSB agent, court papers say
Igor Rogov, who left Russia in 2021, due to go on trial accused of informing on other Russian opposition activists
www.theguardian.com
November 9, 2025 at 8:06 PM
Igor Rogov, who claimed to be a Russian opposition activist when he was arrested in Poland last summer, "has admitted he worked as an undercover agent" for the FSB and "informed on other opposition figures." Rogov is due to go on trial next month. www.theguardian.com/world/2025/n...
If you're not familiar with Masih Alinejad's work and the story of how the Iranian government paid two Russian men $500,000 to kill her in 2022, I recommend reading this piece. The men were sentenced to 25 years in prison in a New York courtroom yesterday. www.theguardian.com/us-news/2025...
Two Russians sentenced to 25 years for plot to kill Iranian dissident in US
Mobsters Rafat Amirov and Polad Omarov plotted to assassinate Masih Alinejad at her New York home
www.theguardian.com
October 30, 2025 at 12:30 PM
If you're not familiar with Masih Alinejad's work and the story of how the Iranian government paid two Russian men $500,000 to kill her in 2022, I recommend reading this piece. The men were sentenced to 25 years in prison in a New York courtroom yesterday. www.theguardian.com/us-news/2025...
Peter Williams, former exec at Trenchant, has pleaded guilty to two counts of stealing trade secrets and selling them to a Russian broker. Williams "even agreed to provide three months’ worth of support or software updates to the products he sold." www.wired.com/story/peter-...
October 30, 2025 at 12:12 PM
Peter Williams, former exec at Trenchant, has pleaded guilty to two counts of stealing trade secrets and selling them to a Russian broker. Williams "even agreed to provide three months’ worth of support or software updates to the products he sold." www.wired.com/story/peter-...
Been a while since we heard from Memento Labs / Hacking Team! This time a government client was caught using an “outdated version of the Windows spyware” and the CEO is “not sure which of the company’s customers were caught.” techcrunch.com/2025/10/28/c...
October 29, 2025 at 9:24 AM
Been a while since we heard from Memento Labs / Hacking Team! This time a government client was caught using an “outdated version of the Windows spyware” and the CEO is “not sure which of the company’s customers were caught.” techcrunch.com/2025/10/28/c...
iOS with Lockdown Mode is still the best defense we have against sophisticated spyware. Here's a snippet from @micahflee.com's keynote at @bsidespdx.bsky.social a few days ago. micahflee.com/practical-de...
October 27, 2025 at 3:31 PM
iOS with Lockdown Mode is still the best defense we have against sophisticated spyware. Here's a snippet from @micahflee.com's keynote at @bsidespdx.bsky.social a few days ago. micahflee.com/practical-de...
Exploit development shop Trenchant, owned by L3Harris, lost a bunch of internal tools in a “damaging leak” recently. A former employee was targeted with spyware, he claims the company designated him as a scapegoat. This should be bigger news, imo. techcrunch.com/2025/10/21/a...
October 22, 2025 at 9:14 AM
Exploit development shop Trenchant, owned by L3Harris, lost a bunch of internal tools in a “damaging leak” recently. A former employee was targeted with spyware, he claims the company designated him as a scapegoat. This should be bigger news, imo. techcrunch.com/2025/10/21/a...
My latest for Journalist and Spy: Bjørn Hallstrøm is a Norwegian TV producer and self-proclaimed spy. He says CIA in 80s-90s asked him to infiltrate groups in Afghanistan, Colombia, Cuba, Kuwait, Libya, and funded shows he sold to media in the Nordics. www.journalistandspy.com/p/bjrn-halls...
Bjørn Hallstrøm
Bjørn Hallstrøm is a Norwegian marketing manager, TV producer, and self-proclaimed former CIA agent.
www.journalistandspy.com
October 20, 2025 at 6:10 PM
My latest for Journalist and Spy: Bjørn Hallstrøm is a Norwegian TV producer and self-proclaimed spy. He says CIA in 80s-90s asked him to infiltrate groups in Afghanistan, Colombia, Cuba, Kuwait, Libya, and funded shows he sold to media in the Nordics. www.journalistandspy.com/p/bjrn-halls...
I’ve followed various coverage of Havana Syndrome over the years; still interesting to hear what @jenniferpforde.bsky.social and @bungey.bsky.social uncovered in their podcast ‘Havana Helmet Club’ (and I loved ‘West Cork’ from a few years ago). www.bbc.com/audio/brand/...
BBC Audio | Havana Helmet Club
Listen to the latest episodes of Havana Helmet Club on BBC Audio
www.bbc.com
October 8, 2025 at 12:17 PM
I’ve followed various coverage of Havana Syndrome over the years; still interesting to hear what @jenniferpforde.bsky.social and @bungey.bsky.social uncovered in their podcast ‘Havana Helmet Club’ (and I loved ‘West Cork’ from a few years ago). www.bbc.com/audio/brand/...
Been really enjoying this new book about Gunvor Galtung Haavik, a nurse turned secretary for the Norwegian MoFA in Moscow — and KGB spy for 30 years. The KGB used her to get closer to Americans, including Marion Peacock, Lloyd Eddenfield, Bernie G. Britain, and Roy Rhodes.
October 8, 2025 at 10:37 AM
Been really enjoying this new book about Gunvor Galtung Haavik, a nurse turned secretary for the Norwegian MoFA in Moscow — and KGB spy for 30 years. The KGB used her to get closer to Americans, including Marion Peacock, Lloyd Eddenfield, Bernie G. Britain, and Roy Rhodes.
I’m very excited to discuss journalism and source protection at the @gijn.org conference in Kuala Lumpur next month, alongside @sandrine-rigaud.bsky.social, @thesignalsnetwork.bsky.social, @pm-arnaud.bsky.social, and @paulradu.bsky.social. gijn.org/stories/gijc...
GIJC25 Program Launches — Two Nobel Laureates and African War Crimes Expert Are Featured Speakers
Journalism pioneer Maria Ressa, famed economist Joseph Stiglitz, and UN Rwanda Tribunal prosecutor Charles Adeogun-Phillips headline the top experts on the conference's program.
gijn.org
October 7, 2025 at 1:59 PM
I’m very excited to discuss journalism and source protection at the @gijn.org conference in Kuala Lumpur next month, alongside @sandrine-rigaud.bsky.social, @thesignalsnetwork.bsky.social, @pm-arnaud.bsky.social, and @paulradu.bsky.social. gijn.org/stories/gijc...
Spent the last week in Taiwan! Such a beautiful country and lots of delicious food. Would love to visit again! 🇹🇼
October 7, 2025 at 1:35 PM
Spent the last week in Taiwan! Such a beautiful country and lots of delicious food. Would love to visit again! 🇹🇼
Working on my skydiving license in between security assessments, keynotes, and research. Here’s my first jump in Empuriabrava, Spain with two instructors and my own parachute.
August 11, 2025 at 12:43 PM
Working on my skydiving license in between security assessments, keynotes, and research. Here’s my first jump in Empuriabrava, Spain with two instructors and my own parachute.
Thanks to ODA-Nettverk for inviting me to keynote Inspiration Day yesterday! Really enjoyed being back in Oslo and talking about the importance of end-to-end encryption.
May 29, 2025 at 7:07 AM
Thanks to ODA-Nettverk for inviting me to keynote Inspiration Day yesterday! Really enjoyed being back in Oslo and talking about the importance of end-to-end encryption.
Had the pleasure of being a guest on the Adventures of Alice & Bob Podcast recently! Check out the interview for stories about my work with journalists and high-risk people — and that one time I hacked a smart-rifle in 2015. www.beyondtrust.com/podcast/ep-7...
Ep. 79 - Hacking Rifles and Protecting Reporters //… | BeyondTrust
BeyondTrust’s Privileged Access Management platform protects your organization from unwanted remote access, stolen credentials, and misused privileges
www.beyondtrust.com
May 27, 2025 at 8:37 PM
Had the pleasure of being a guest on the Adventures of Alice & Bob Podcast recently! Check out the interview for stories about my work with journalists and high-risk people — and that one time I hacked a smart-rifle in 2015. www.beyondtrust.com/podcast/ep-7...
The Kaspersky researchers who discovered Careto more than a decade ago privately concluded that the group was run by the Spanish government. Careto relied heavily on phishing emails impersonating Spanish newspapers. techcrunch.com/2025/05/23/m...
May 26, 2025 at 4:41 PM
The Kaspersky researchers who discovered Careto more than a decade ago privately concluded that the group was run by the Spanish government. Careto relied heavily on phishing emails impersonating Spanish newspapers. techcrunch.com/2025/05/23/m...
I’ll be in Stockholm in mid-June! Available for consulting, presentations, workshops for journalists and security folks. Also planning on spending some time in the wind tunnel. 🥳
May 26, 2025 at 8:07 AM
I’ll be in Stockholm in mid-June! Available for consulting, presentations, workshops for journalists and security folks. Also planning on spending some time in the wind tunnel. 🥳
A team of journalists in Norway spent a year secretly monitoring a credit card fraud gang to uncover who's behind it and how they operate. Here's the story -- in English -- of how they unmasked Darcula and the crime-as-a-service software Magic Cat. www.nrk.no/dokumentar/x...
The scammers have tricked millions through text messages:
Who are they and how do they scam us?
www.nrk.no
May 5, 2025 at 3:03 PM
A team of journalists in Norway spent a year secretly monitoring a credit card fraud gang to uncover who's behind it and how they operate. Here's the story -- in English -- of how they unmasked Darcula and the crime-as-a-service software Magic Cat. www.nrk.no/dokumentar/x...
I’m really looking forward to speaking at ODA Inspiration Day in Oslo on May 28! I’ll be there a couple of days prior and would love to meet folks for coffee and/or work. odanettverk.no/2025/04/22/r...
Runa Sandvik is coming to ODA Inspiration Day 2025 - ODA-Nettverk
Runa Sandvik is the founder of Granitt, a consultancy focused on security for journalists and other at-risk people around the world. We are thrilled to have one of the world's leading experts on hacki...
odanettverk.no
April 23, 2025 at 8:59 AM
I’m really looking forward to speaking at ODA Inspiration Day in Oslo on May 28! I’ll be there a couple of days prior and would love to meet folks for coffee and/or work. odanettverk.no/2025/04/22/r...
News articles often focus on spyware victims who had their devices checked and opted to go public. We rarely hear about those who didn’t. New court documents from WhatsApp v. NSO shed some light on the true scale of the targeting in a 2019 campaign. techcrunch.com/2025/04/09/c...
Court document reveals locations of WhatsApp victims targeted by NSO spyware | TechCrunch
The list of 1,223 victims in 51 countries hints at the “true scale of the spyware problem,” per one researcher.
techcrunch.com
April 10, 2025 at 4:47 PM
News articles often focus on spyware victims who had their devices checked and opted to go public. We rarely hear about those who didn’t. New court documents from WhatsApp v. NSO shed some light on the true scale of the targeting in a 2019 campaign. techcrunch.com/2025/04/09/c...
More of this, please. bsky.app/profile/prop...
D.C., we keep on trucking. 🚚
If you are or were a federal worker, our Signal tipline is always open and actively monitored: 917-512-0201.
If you are or were a federal worker, our Signal tipline is always open and actively monitored: 917-512-0201.
March 6, 2025 at 5:32 PM
More of this, please. bsky.app/profile/prop...
If you’re interested in aviation security, check out this fantastic 2013 talk from Hugo Teso on leveraging ADS-B, ACARS, and on-board systems to attack virtual airplanes systems. www.youtube.com/watch?v=wk1j...
#HITB2013AMS D1T1 Hugo Teso - Aircraft Hacking: Practical Aero Series
YouTube video by Hack In The Box Security Conference
www.youtube.com
February 18, 2025 at 11:00 AM
If you’re interested in aviation security, check out this fantastic 2013 talk from Hugo Teso on leveraging ADS-B, ACARS, and on-board systems to attack virtual airplanes systems. www.youtube.com/watch?v=wk1j...
In November, Apple told @davidyambio.bsky.social he was targeted by “a mercenary spyware attack.” Yambio, an activist in Italy, has long criticized Italy’s dealings with Libya. He did not receive a notification from WhatsApp, so unclear what he was targeted with. www.theguardian.com/world/2025/f...
Campaigner for migrants in Libya targeted in spyware attack
Exclusive: Italy-based David Yambio, a critic of Meloni government, was told of attempt to compromise his phone
www.theguardian.com
February 15, 2025 at 11:54 AM
In November, Apple told @davidyambio.bsky.social he was targeted by “a mercenary spyware attack.” Yambio, an activist in Italy, has long criticized Italy’s dealings with Libya. He did not receive a notification from WhatsApp, so unclear what he was targeted with. www.theguardian.com/world/2025/f...
In Chasing Shadows, @rondeibert.bsky.social writes that Ben Hubbard was the first case “of an American journalist being targeted with Pegasus.” Hubbard was targeted in June 2018, but due to “concerns of New York Times management about going public,” @citizenlab.ca didn’t publish until early 2020.
February 15, 2025 at 8:39 AM
In Chasing Shadows, @rondeibert.bsky.social writes that Ben Hubbard was the first case “of an American journalist being targeted with Pegasus.” Hubbard was targeted in June 2018, but due to “concerns of New York Times management about going public,” @citizenlab.ca didn’t publish until early 2020.
Apple’s Lockdown Mode feature for iOS, iPadOS, macOS, and watchOS remains the best protection we have against sophisticated spyware. Here’s what you should know about the feature, to turn it on: Settings > Privacy & Security. www.glitchcat.xyz/p/four-thing...
Four things to know about Lockdown Mode
Earlier this week, Apple notified a number of individuals that state-sponsored actors may be targeting their iPhones.
www.glitchcat.xyz
February 14, 2025 at 5:18 PM
Apple’s Lockdown Mode feature for iOS, iPadOS, macOS, and watchOS remains the best protection we have against sophisticated spyware. Here’s what you should know about the feature, to turn it on: Settings > Privacy & Security. www.glitchcat.xyz/p/four-thing...