Citizen Lab identified indicators that Cellebrite forensic extraction tools were used on a Samsung device belonging to Kenyan activist Boniface Mwangi during police custody (July 2025).

Amnesty International separately confirmed a successful Predator spyware infection on an Angolan journalist’s iPhone running iOS 16.2.

Technical implications:
• Commercial forensic tools can enable full device extraction
• Predator supports modular deployment and anti-analysis techniques
• Infection attempts leveraged WhatsApp delivery vectors
• Restart disrupted active spyware persistence in one case
Operational questions:
– How should vendors enforce client compliance?
– What detection artifacts can defenders monitor?
– Are mobile EDR solutions sufficient against mercenary spyware?
– What governance frameworks are realistically enforceable?

Share your technical assessment below.

Source: https://citizenlab.ca/research/cellebrite-used-on-kenyan-activist-and-politician-boniface-mwangi/

Follow TechNadu for continued surveillance-tech and threat intelligence coverage.

#IncidentResponse #MobileSecurity #ThreatResearch #SpywareAnalysis #Forensics #EDR #CyberGovernance #InfosecCommunity #ThreatIntel #DigitalRights

Switzerland Operationalizes 24-Hour Critical Infrastructure Cyber Reporting

The National Cyber Security Centre (NCSC) processed ~65,000 incident reports in 2025, including 222 under the newly mandated 24-hour reporting requirement under the ISG/CSV framework.

Operational enhancements included:
• Expanded Cyber Security Hub (1,600 members)
• 4,615 incident artifacts exchanged via MISP
• Increased bug bounty deployment across federal IT
• Open-source vulnerability testing (TYPO3, QGIS)
• CHF 18.4M total expenditure, including CHF 3.8M IT investment
This represents a mature shift toward structured national cyber governance: centralized intake, intelligence enrichment, proactive vulnerability reduction, and enforceable compliance.

From an operational standpoint, rapid disclosure requirements tighten detection cycles and strengthen cross-sector signal correlation.

Is mandatory reporting the future baseline for critical infrastructure defense?

Source: https://industrialcyber.co/reports/switzerlands-ncsc-boosts-operational-capabilities-mandates-cyberattack-reporting-on-critical-infrastructure/

Follow @technadu for global cyber governance and threat intelligence analysis.

#Infosec #NCSC #MISP #CyberGovernance #CriticalInfrastructure #BugBounty #OpenSourceSecurity #ThreatIntelligence

During the Trump administration, sensitive but unclassified CISA contracting documents were uploaded into a public AI platform by the agency’s acting director, triggering security alerts and a DHS-level assessment.

While no classified data was involved, the case highlights governance risks tied to AI exceptions, access controls, and data handling in high-security environments.

Source: https://www.technadu.com/cisa-acting-directors-chatgpt-uploads-again-draw-internal-anonymous-claims-as-dhs-pushes-to-clarify/619314/

What practical guardrails should govern AI usage in public-sector security roles?

Share insights and follow @technadu

#InfoSec #TrumpAdministration #AIUsage #DataHandling #CyberGovernance #CISA #PublicSectorSecurity

A U.S. court has temporarily restricted access to materials seized from a journalist during a federal investigation, pending judicial review.

Beyond press freedom implications, the case also underscores how digital evidence handling, access controls, and legal oversight intersect when sensitive information is involved.

From a security and governance standpoint, what best practices should guide investigations that touch journalistic sources?

Share your thoughts and follow @technadu for measured reporting at the intersection of cybersecurity, law, and policy.

Source: https://www.reuters.com/business/media-telecom/us-judge-temporarily-blocks-review-material-seized-washington-post-reporter-2026-01-21/

#InfoSec #CyberGovernance #DigitalForensics #PressFreedom #CyberLaw #TechNadu

Anchorage Police Department shut down specific servers and disabled vendor access after being notified that a third-party service provider was targeted in a cyber incident.

The department reports:
• No evidence of compromise to internal systems
• Proactive isolation and data removal measures
• Ongoing third-party investigation

This incident reinforces the importance of third-party risk visibility, contractual security controls, and rapid containment - even when direct impact is not confirmed.

How do you approach precautionary response when vendor exposure is suspected but unverified?

Source: https://dysruptionhub.com/anchorage-police-cyber-incident-alaska/

Share insights and follow @technadu for measured, fact-based security reporting.

#InfoSec #ThirdPartyRisk #IncidentResponse #PublicSectorSecurity #CyberGovernance #TechNadu

The UK government has admitted systemic weaknesses in its cyber resilience framework and unveiled a new Government Cyber Action Plan.

The strategy moves toward mandatory cybersecurity requirements, centralized accountability, and direct action on legacy IT and supply chain risk - signaling a fundamental shift in public sector cyber governance.

Details:
https://www.technadu.com/uk-government-admits-flaws-in-cyber-resilience-strategy-overhauls-cyber-policy-with-new-action-plan/617776/

#UKCyber #CyberResilience #PublicSectorSecurity #Infosec #CyberGovernance

How is cybersecurity law applied across European countries? How do its state members fit into the global picture? What's discretionary, and how can they ensure compliance?

#cybersecurity #europe #EU #europeanUnion #cybersecurityLaw #sovereignty #cyberGovernance #harmonization #NIS2 #GDPR #DORA #CRA #eIDAS2 #ECCC #ENISA

https://negativepid.blog/cybersecurity-in-europe-an-overview/
https://negativepid.blog/cybersecurity-in-europe-an-overview/

@UniStrathclyde (including our @cyber4humans)is hosting the Workshop on Cyber-Securing Democratic Elections on 27th June. Attendance is free and open to industry/practitioners, interested citizens, and academics: https://www.eventbrite.co.uk/e/workshop-on-cyber-securing-democratic-elections-tickets-635875349287 #Glasgow #Scotland #Cyber #Democracy #Resilience #CyberGovernance #Elections #Voting

#thankful for the invite from TechSec Initiative @GVAGrad@twitter.com to discuss #cybersecurity #cyberpolicy #cybergovernance #internationalsecurity #digitaltechnologies #policymaking It was a pleasure to talk about career paths #futureofwork #cybersecurityworkforce #cybereducation