Cyber-arms-dealer Grey Heron really, really doesn't want you to know about the connections between them and the disgraced Hacking Team

When Grey Heron surfaced this month selling anti-Signal and anti-Telegram surveillance tools at a UK trade show for cyber-arms-dealers, sharp-eyed journalists at Motherboard immediately noticed that the company's spokesman was last seen fronting for Hacking Team, a disgraced Italian cyber-arms-dealer that provided surveillance weapons to some of the world's cruelest dictators.

Stalkerware vendor Retina-X capitulates to vigilante hacker, shuts down "indefinitely"

Retina-X sold a bunch of spyware apps (PhoneSheriff, TeenShield, SniperSpy and Mobile Spy) that they advised parents to sneak onto their kids' devices, jealous men to sneak onto their girlfriends' devices, and bosses to sneak onto their employees' devices, in order to covertly track their location data, steal their photos and videos, and spy on calls, keystrokes and texts.

Israeli firm Cyberbit illegally spied on behalf of Ethiopia's despots, then stored all their stolen data on an unencrypted, world-readable website

Researchers from the University of Toronto's amazing Citizen Lab (previously) have published a new report detailing the latest tactics from the autocratic government of Ethiopia, "the world's first turnkey surveillance state" whose human rights abuses have been entirely enabled with software and expertise purchased on the open market, largely from companies in western countries like Finfisher and Hacking Team.

Cyber-arms dealer offers $1m for zero-day Tor hacks

Zerodium is a cyber-arms dealer that produces hacking tools for governments by buying up newly discovered defects in widely used systems, weaponizing them and then selling them to be used against criminals, activists, journalists and other targets of state surveillance.

Camera-equipped sex toy manufacturer ignores multiple warnings about horrible, gaping security vulnerability

The uniquely horribly named Svakom Siime Eye is an Internet of Things sex-toy with a wireless camera that allows you to stream video of the insides of your orifices as they are penetrated by it; researchers at the UK's Pen Test Partners discovered that once you login to it via the wifi network (default password "88888888"), you can root it and control it from anywhere in the world.

Yahoo reveals hackers took a further 1 billion accounts (phone, DoB, names, emails)

Just a few months after Yahoo disclosed a 2014 breach of 500 million user accounts, the company today revealed this was preceded by a 1 billion account breach in 2013, in which the hackers took everything: hashed passwords, names, email addresses, phone numbers, dates of birth, and possibly the tools necessary to forge login cookies that would bypass password checks altogether. — Read the rest

Internet-destroying outages were caused by "amateurish" IoT malware

Some of the internet's most popular, well-defended services — including Twitter — were knocked offline yesterday by a massive denial-of-service attack that security experts are blaming on botnets made from thousands of hacked embedded systems in Internet of Things devices like home security cameras and video recorders.